acceptAddressOnTCPPort method

  1. @override
Future<bool> acceptAddressOnTCPPort(
  1. String address,
  2. int port, {
  3. bool sudo = false,
  4. required Set<int>? allowedPorts,
  5. required bool allowAllPorts,
})
override

Add rule to accept connections on a specified TCP port from the given address.

  • address: The address (IP or hostname) to accept connections from.
  • port: The TCP port number to accept connections on.
  • sudo: Whether elevated permissions are required to configure the port (default: false).
  • allowedPorts: A set of allowed ports for validation. If null, validation is skipped.
  • allowAllPorts: Whether to allow connections on all ports, overriding allowedPorts.

Returns a Future that completes with true if the operation succeeded, or false if it failed.

Implementation

@override
Future<bool> acceptAddressOnTCPPort(String address, int port,
    {bool sudo = false,
    required Set<int>? allowedPorts,
    required bool allowAllPorts}) async {
  _checkValidPort(port);
  address = _checkAddress(address);

  if (!allowAllPorts &&
      (allowedPorts == null || !allowedPorts.contains(port))) {
    return false;
  }

  // Select `iptables` or `ip6tables` from the address family.
  final bin = await _resolveBinaryPathForAddress(address);
  if (bin == null) {
    // IPv6 address requested but `ip6tables` is not available.
    return false;
  }

  var output = await runCommand(
    bin,
    <String>[
      '-I',
      'INPUT',
      '-p',
      'tcp',
      '--dport',
      '$port',
      '-s',
      address,
      '-j',
      'ACCEPT',
    ],
    sudo: sudo,
    expectedExitCode: 0,
  );

  if (output == null) {
    return false;
  }

  var accepted = await isAcceptedAddressOnPort(address, port,
      sudo: sudo, allowedPorts: allowAllPorts ? null : (allowedPorts ?? {}));

  return accepted;
}