From edb4755cd7fa194583d7b9b848e227aa69456200 Mon Sep 17 00:00:00 2001
From: Tiago Jacobs <tiago.jacobs@gmail.com>
Date: Fri, 24 Jul 2020 12:29:24 -0300
Subject: [PATCH] Lock libreoffice container network

---
 bbb-libreoffice/assets/libreoffice_container.sh | 9 ++++++++-
 bbb-libreoffice/install.sh                      | 7 +++++++
 bbb-libreoffice/uninstall.sh                    | 8 +++++++-
 3 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/bbb-libreoffice/assets/libreoffice_container.sh b/bbb-libreoffice/assets/libreoffice_container.sh
index 941ebe1413..02e1ef0ee9 100755
--- a/bbb-libreoffice/assets/libreoffice_container.sh
+++ b/bbb-libreoffice/assets/libreoffice_container.sh
@@ -28,7 +28,14 @@ if (($INSTANCE_NUMBER >= 1)); then
 
 	SOFFICE_WORK_DIR="/var/tmp/soffice_"`printf "%02d\n" $INSTANCE_NUMBER`
 
-	docker run --name bbb-libreoffice-${INSTANCE_NUMBER} -p $PORT:8000 -v${SOFFICE_WORK_DIR}:${SOFFICE_WORK_DIR} --rm bbb-libreoffice &
+	INPUT_RULE="INPUT -i br-soffice -m state --state NEW -j DROP"
+	iptables -C $INPUT_RULE || iptables -I $INPUT_RULE
+
+	FORWARD_RULE="FORWARD -i br-soffice -m state --state NEW -j DROP"
+	iptables -C $FORWARD_RULE || iptables -I $FORWARD_RULE
+
+
+	docker run --network bbb-libreoffice --name bbb-libreoffice-${INSTANCE_NUMBER} -p $PORT:8000 -v${SOFFICE_WORK_DIR}:${SOFFICE_WORK_DIR} --rm bbb-libreoffice &
 
 	wait $!
 else
diff --git a/bbb-libreoffice/install.sh b/bbb-libreoffice/install.sh
index fb74d1aa23..a1a2c07515 100755
--- a/bbb-libreoffice/install.sh
+++ b/bbb-libreoffice/install.sh
@@ -30,6 +30,13 @@ else
 	echo "Docker image already exists";
 fi
 
+NETWORK_CHECK=`docker network inspect bbb-libreoffice &> /dev/null && echo 1 || echo 0`
+
+if [ "$NETWORK_CHECK" = "0" ]; then
+	echo "Docker network doesn't exists, creating"
+	docker network create bbb-libreoffice -d bridge --opt com.docker.network.bridge.name=br-soffice 
+fi
+
 FOLDER_CHECK=`[ -d /usr/share/bbb-libreoffice/ ] && echo 1 || echo 0`
 if [ "$FOLDER_CHECK" = "0" ]; then
 	echo "Install folder doesn't exists, installing"
diff --git a/bbb-libreoffice/uninstall.sh b/bbb-libreoffice/uninstall.sh
index 4bc1dd3ac4..991f4e36c8 100755
--- a/bbb-libreoffice/uninstall.sh
+++ b/bbb-libreoffice/uninstall.sh
@@ -15,7 +15,6 @@ if [ "$IMAGE_CHECK"  = "1" ]; then
 	docker image rm bbb-libreoffice
 fi
 
-
 FOLDER_CHECK=`[ -d /usr/share/bbb-libreoffice/ ] && echo 1 || echo 0`
 if [ "$FOLDER_CHECK" = "1" ]; then
 	echo "Stopping services"
@@ -29,3 +28,10 @@ if [ "$FOLDER_CHECK" = "1" ]; then
 	find /etc/systemd/ | grep bbb-libreoffice | xargs --no-run-if-empty -n 1 -I __ rm __
 	systemctl daemon-reload
 fi;
+
+NETWORK_CHECK=`docker network inspect bbb-libreoffice &> /dev/null && echo 1 || echo 0`
+if [ "$NETWORK_CHECK" = "1" ]; then
+        echo "Removing docker network"
+        docker network remove bbb-libreoffice
+fi
+
-- 
GitLab