resolved conflicts

.gitignore

@@ -3,4 +3,11 @@
 *.gzip
 *.gz
 .vscode
+conf
+data
+log
+php
+nginx
+ssl
+web/rrd
 .DS_Store

bin/v-add-dns-domain

@@ -1,6 +1,6 @@
 #!/bin/bash
 # info: add dns domain
-# options: USER DOMAIN IP [NS1] [NS2] [NS3] [..] [NS8] [RESTART]
+# options: USER DOMAIN IP IPV6 [NS1] [NS2] [NS3] [..] [NS8] [RESTART]
 #
 # The function adds DNS zone with records defined in the template. If the exp
 # argument isn't stated, the expiration date value will be set to next year.
@@ -17,15 +17,16 @@
 user=$1
 domain=$2
 ip=$3
-ns1=$4
-ns2=$5
-ns3=$6
-ns4=$7
-ns5=$8
-ns6=$9
-ns7=${10}
-ns8=${11}
-restart=${12}
+ipv6=$4
+ns1=$5
+ns2=$6
+ns3=$7
+ns4=$8
+ns5=$9
+ns6=$10
+ns7=${11}
+ns8=${12}
+restart=${13}
 
 # Includes
 source $VESTA/func/main.sh
@@ -41,8 +42,21 @@ format_domain_idn
 #                    Verifications                         #
 #----------------------------------------------------------#
 
-check_args '3' "$#" 'USER DOMAIN IP [NS1] [NS2] [NS3] [..] [NS8] [RESTART]'
-is_format_valid 'user' 'domain' 'ip'
+check_args '3' "$#" 'USER DOMAIN IP IPV6 [NS1] [NS2] [NS3] [..] [NS8] [RESTART]'
+is_format_valid 'user' 'domain'
+
+if [ ! -z "$ip" ] && [ "$ip" != "no" ]; then
+    is_format_valid 'ip'
+else
+    ip=""
+fi
+
+if [ ! -z "$ipv6" ] && [ "$ipv6" != "no" ]; then
+    is_format_valid 'ipv6'
+else
+    ipv6=""
+fi
+
 is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
@@ -52,35 +66,35 @@ template=$(get_user_value '$DNS_TEMPLATE')
 is_dns_template_valid $template
 
 if [ ! -z "$ns1" ]; then
-    ns1=$(echo $4 |sed -e 's/\.*$//g' -e 's/^\.*//g')
+    ns1=$(echo $5 |sed -e 's/\.*$//g' -e 's/^\.*//g')
     is_format_valid 'ns1'
 fi
 if [ ! -z "$ns2" ]; then
-    ns2=$(echo $5 |sed -e 's/\.*$//g' -e 's/^\.*//g')
+    ns2=$(echo $6 |sed -e 's/\.*$//g' -e 's/^\.*//g')
     is_format_valid 'ns2'
 fi
 if [ ! -z "$ns3" ]; then
-    ns3=$(echo $6 |sed -e 's/\.*$//g' -e 's/^\.*//g')
+    ns3=$(echo $7 |sed -e 's/\.*$//g' -e 's/^\.*//g')
     is_format_valid 'ns3'
 fi
 if [ ! -z "$ns4" ]; then
-    ns4=$(echo $7 |sed -e 's/\.*$//g' -e 's/^\.*//g')
+    ns4=$(echo $8 |sed -e 's/\.*$//g' -e 's/^\.*//g')
     is_format_valid 'ns4'
 fi
 if [ ! -z "$ns5" ]; then
-    ns5=$(echo $8 |sed -e 's/\.*$//g' -e 's/^\.*//g')
+    ns5=$(echo $9 |sed -e 's/\.*$//g' -e 's/^\.*//g')
     is_format_valid 'ns5'
 fi
 if [ ! -z "$ns6" ]; then
-    ns6=$(echo $9 |sed -e 's/\.*$//g' -e 's/^\.*//g')
+    ns6=$(echo ${10} |sed -e 's/\.*$//g' -e 's/^\.*//g')
     is_format_valid 'ns6'
 fi
 if [ ! -z "$ns7" ]; then
-    ns7=$(echo ${10} |sed -e 's/\.*$//g' -e 's/^\.*//g')
+    ns7=$(echo ${11} |sed -e 's/\.*$//g' -e 's/^\.*//g')
     is_format_valid 'ns7'
 fi
 if [ ! -z "$ns8" ]; then
-    ns8=$(echo ${11} |sed -e 's/\.*$//g' -e 's/^\.*//g')
+    ns8=$(echo ${12} |sed -e 's/\.*$//g' -e 's/^\.*//g')
     is_format_valid 'ns8'
 fi
 
@@ -132,26 +146,14 @@ time=$(echo "$time_n_date" |cut -f 1 -d \ )
 date=$(echo "$time_n_date" |cut -f 2 -d \ )
 
 # Adding dns zone to the user config
-echo "$template_data" |\
-    sed -e "s/%ip%/$ip/g" \
-        -e "s/%domain_idn%/$domain_idn/g" \
-        -e "s/%domain%/$domain/g" \
-        -e "s/%ns1%/$ns1/g" \
-        -e "s/%ns2%/$ns2/g" \
-        -e "s/%ns3%/$ns3/g" \
-        -e "s/%ns4%/$ns4/g" \
-        -e "s/%ns5%/$ns5/g" \
-        -e "s/%ns6%/$ns6/g" \
-        -e "s/%ns7%/$ns7/g" \
-        -e "s/%ns8%/$ns8/g" \
-        -e "s/%time%/$time/g" \
-        -e "s/%date%/$date/g" > $USER_DATA/dns/$domain.conf
+add_dns_config
+
 
 chmod 660 $USER_DATA/dns/$domain.conf
 records="$(wc -l $USER_DATA/dns/$domain.conf |cut -f 1 -d ' ')"
 
 # Adding dns.conf record
-dns_rec="DOMAIN='$domain' IP='$ip' TPL='$template' TTL='$ttl' EXP='$exp'"
+dns_rec="DOMAIN='$domain' IP='$ip' IP6='$ipv6' TPL='$template' TTL='$ttl' EXP='$exp'"
 dns_rec="$dns_rec SOA='$soa' SERIAL='$serial' SRC='' RECORDS='$records'"
 dns_rec="$dns_rec SUSPENDED='no' TIME='$time' DATE='$date'"
 

bin/v-add-dns-on-web-alias

@@ -1,6 +1,6 @@
 #!/bin/bash
 # info: add dns domain or dns record after web domain alias
-# options: USER ALIAS IP [RESTART]
+# options: USER ALIAS IP IPV6 [RESTART]
 #
 # The function adds dns domain or dns record based on web domain alias.
 
@@ -13,7 +13,8 @@
 user=$1
 alias=$2
 ip=$3
-restart=$4
+ipv6=$4
+restart=$5
 
 # Includes
 source $VESTA/func/main.sh
@@ -26,7 +27,7 @@ source $VESTA/conf/vesta.conf
 #----------------------------------------------------------#
 
 check_args '3' "$#" 'USER ALIAS IP [RESTART]'
-is_format_valid 'user' 'alias' 'ip'
+is_format_valid 'user' 'alias'
 is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
@@ -34,6 +35,18 @@ if [ -e "$USER_DATA/dns/$alias.conf" ]; then
     exit
 fi
 
+if [ -z "$ip" ] && [ "$ip" != "no" ]; then
+    is_format_valid 'ip'
+else
+    ip=""
+fi
+
+if [ -z "$ipv6" ] && [ "$ipv6" != "no" ]; then
+    is_format_valid 'ipv6'
+else
+    ipv6=""
+fi
+
 
 #----------------------------------------------------------#
 #                       Action                             #
@@ -50,12 +63,12 @@ domain_lvl=$(echo "$alias" |grep -o "\." |wc -l)
 # Adding second level domain
 if [ "$domain_lvl" -eq 1 ] || [ "${#top_domain}" -le '6' ]; then
     $BIN/v-add-dns-domain \
-        $user $alias $ip '' '' '' '' '' '' '' '' $restart >> /dev/null
+        $user $alias $ip $ipv6 '' '' '' '' '' '' '' '' $restart >> /dev/null
     exit
 fi
 
 # Adding top-level domain and then its sub
-$BIN/v-add-dns-domain $user $top_domain $ip '' '' '' '' '' '' '' '' $restart >> /dev/null
+$BIN/v-add-dns-domain $user $top_domain $ip $ipv6 '' '' '' '' '' '' '' '' $restart >> /dev/null
 
 # Checking top-level domain
 if [ ! -e "$USER_DATA/dns/$top_domain.conf" ]; then
@@ -71,9 +84,15 @@ fi
 
 # Adding subdomain record
 if [ -z "$check_record" ]; then
+    if [ "$IPV4" == "yes" ] ; then
         $BIN/v-add-dns-record \
             $user $top_domain "$sub_domain" A $ip '' '' $restart >> /dev/null
     fi
+    if [ "$IPV6" == "yes" ] ; then
+        $BIN/v-add-dns-record \
+            $user $top_domain "$sub_domain" AAAA $ipv6 '' '' $restart >> /dev/null
+  fi
+fi
 
 
 #----------------------------------------------------------#

bin/v-add-domain

@@ -1,6 +1,6 @@
 #!/bin/bash
 # info: add web/dns/mail domain
-# options: USER DOMAIN [IP] [RESTART]
+# options: USER DOMAIN [IP] [IPV6] [RESTART]
 #
 # The function adds web/dns/mail domain to a server.
 
@@ -13,22 +13,27 @@
 user=$1
 domain=$2
 ip=$3
-restart="${4-yes}"
+ipv6=$4
+restart="${5-yes}"
 
 # Includes
 source $VESTA/func/main.sh
 source $VESTA/func/ip.sh
+source $VESTA/func/ipv6.sh
 source $VESTA/conf/vesta.conf
 
 
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
-check_args '2' "$#" 'USER DOMAIN [IP] [RESTART]'
+check_args '2' "$#" 'USER DOMAIN [IP] [IPV6] [RESTART]'
 is_format_valid 'user' 'domain'
-if [ ! -z "$ip" ] ; then
+if [ ! -z "$ip" ] && [ "$ip" != "no" ]; then
     is_format_valid 'ip'
 fi
+if [ ! -z "$ipv6" ] && [ "$ipv6" != "no" ]; then
+    is_format_valid 'ipv6'
+fi
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 
@@ -38,22 +43,23 @@ is_object_unsuspended 'user' 'USER' "$user"
 #----------------------------------------------------------#
 
 # Get ip if it wasn't defined
-if [ -z "$ip" ]; then
+if [ -z "$ip" ] && [ "$ip" != "no" ]; then
     get_user_ip
-    if [ -z "$ip" ]; then
-        check_result $E_NOTEXIST "no avaiable IP address"
 fi
+
+if [ -z "$ipv6" ] && [ "$ipv6" != "no" ]; then
+    get_user_ipv6
 fi
 
 # Working on web domain
 if [ ! -z "$WEB_SYSTEM" ]; then
-    $BIN/v-add-web-domain $user $domain $ip 'no'
+    $BIN/v-add-web-domain $user $domain $ip $ipv6 'no'
     check_result $? "can't add web domain" >/dev/null
 fi
 
 # Working on DNS domain
 if [ ! -z "$DNS_SYSTEM" ]; then
-    $BIN/v-add-dns-domain $user $domain $ip "" "" "" "" "" '' '' '' 'no'
+    $BIN/v-add-dns-domain $user $domain $ip $ipv6 "" "" "" "" "" '' '' '' 'no'
     check_result $? "can't add dns domain" >/dev/null
 fi
 

bin/v-add-firewall-ipv6-ban

@@ -0,0 +1,83 @@
+#!/bin/bash
+# info: add firewall blocking rule
+# options: IP CHAIN
+#
+# The function adds new blocking rule to system firewall
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Importing system variables
+source /etc/profile
+
+# Argument definition
+ipv6=$1
+chain=$(echo $2|tr '[:lower:]' '[:upper:]')
+
+# Defining absolute path for iptables and modprobe
+iptables="/sbin/ip6tables"
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/conf/vesta.conf
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '2' "$#" 'IP CHAIN'
+is_format_valid 'ipv6' 'chain'
+is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Checking server ip
+if [ -e "$VESTA/data/ips/$ipv6" ] || [ "$ipv6" = '::1' ]; then
+    exit
+fi
+
+# Checking ip exclusions
+excludes="$VESTA/data/firewallv6/excludes.conf"
+check_excludes=$(grep "^$ipv6$" $excludes 2>/dev/null)
+if  [ ! -z "$check_excludes" ]; then
+    exit
+fi
+
+# Checking ip in banlist
+conf="$VESTA/data/firewallv6/banlist.conf"
+check_ip=$(grep "IP6='$ipv6' CHAIN='$chain'" $conf 2>/dev/null)
+if [ ! -z "$check_ip" ]; then
+    exit
+fi
+
+# Adding chain
+$BIN/v-add-firewall-ipv6-chain $chain
+
+# Generating timestamp
+time_n_date=$(date +'%T %F')
+time=$(echo "$time_n_date" |cut -f 1 -d \ )
+date=$(echo "$time_n_date" |cut -f 2 -d \ )
+
+# Adding ip to banlist
+echo "IP6='$ipv6' CHAIN='$chain' TIME='$time' DATE='$date'" >> $conf
+$iptables -I fail2ban-$chain 1 -s $ipv6 \
+    -j REJECT --reject-with icmp-port-unreachable 2>/dev/null
+
+# Changing permissions
+chmod 660 $conf
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-add-firewall-ipv6-chain

@@ -0,0 +1,86 @@
+#!/bin/bash
+# info: add firewall chain
+# options: CHAIN [PORT] [PROTOCOL] [PROTOCOL]
+#
+# The function adds new rule to system firewall
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Importing system variables
+source /etc/profile
+
+# Argument definition
+chain=$(echo $1 | tr '[:lower:]' '[:upper:]')
+port=$2
+protocol=${4-TCP}
+protocol=$(echo $protocol|tr '[:lower:]' '[:upper:]')
+
+# Defining absolute path to iptables
+iptables="/sbin/ip6tables"
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/conf/vesta.conf
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '1' "$#" 'CHAIN [PORT] [PROTOCOL]'
+is_format_valid 'chain'
+is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Checking known chains
+case $chain in
+    SSH)        port=22; protocol=TCP ;;
+    FTP)        port=21; protocol=TCP  ;;
+    MAIL)       port='25,465,587,2525,110,995,143,993'; protocol=TCP  ;;
+    DNS)        port=53; protocol=UDP  ;;
+    WEB)        port='80,443'; protocol=TCP  ;;
+    DB)         port='3306,5432'; protocol=TCP  ;;
+    VESTA)      port=8083; protocol=TCP  ;;
+    *)          check_args '2' "$#" 'CHAIN PORT' ;;
+esac
+
+# Adding chain
+$iptables -N fail2ban-$chain 2>/dev/null
+if [ $? -eq 0 ]; then
+    $iptables -A fail2ban-$chain -j RETURN
+
+    # Adding multiport module
+    if [[ "$port" =~ ,|-|: ]] ; then
+        port_str="-m multiport --dports $port"
+    else
+        port_str="--dport $port"
+    fi
+    $iptables -I INPUT -p $protocol $port_str -j fail2ban-$chain
+fi
+
+# Preserving chain
+chains=$VESTA/data/firewallv6/chains.conf
+check_chain=$(grep "CHAIN='$chain'" $chains 2>/dev/null)
+if [ -z "$check_chain" ]; then
+    echo "CHAIN='$chain' PORT='$port' PROTOCOL='$protocol'" >> $chains
+fi
+
+# Changing permissions
+chmod 660 $chains
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-add-firewall-ipv6-rule

@@ -0,0 +1,94 @@
+#!/bin/bash
+# info: add firewall rule
+# options: ACTION IPV6 PORT [PROTOCOL] [COMMENT] [RULE]
+#
+# The function adds new rule to system firewall
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Importing system variables
+source /etc/profile
+
+# Argument definition
+action=$(echo $1|tr '[:lower:]' '[:upper:]')
+ipv6=$2
+port_ext=$3
+protocol=${4-TCP}
+protocol=$(echo $protocol|tr '[:lower:]' '[:upper:]')
+comment=$5
+rule=$6
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/conf/vesta.conf
+
+# Get next firewall rule id
+get_next_fw_rule() {
+    if [ -z "$rule" ]; then
+        curr_str=$(grep "RULE=" $VESTA/data/firewallv6/rules.conf |\
+         cut -f 2 -d \' | sort -n | tail -n1)
+        rule="$((curr_str +1))"
+    fi
+}
+
+sort_fw_rules() {
+    cat $VESTA/data/firewallv6/rules.conf |\
+        sort -n -k 2 -t \' > $VESTA/data/firewallv6/rules.conf.tmp
+    mv -f $VESTA/data/firewallv6/rules.conf.tmp \
+        $VESTA/data/firewallv6/rules.conf
+}
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '3' "$#" 'ACTION IPV6 PORT [PROTOCOL] [COMMENT] [RULE]'
+is_format_valid 'action' 'protocol' 'port_ext' 'ipv6'
+is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'
+get_next_fw_rule
+is_format_valid 'rule'
+is_object_new '../../data/firewallv6/rules' 'RULE' "$rule"
+if [ ! -z "$comment" ]; then
+    is_format_valid 'comment'
+fi
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Generating timestamp
+time_n_date=$(date +'%T %F')
+time=$(echo "$time_n_date" |cut -f 1 -d \ )
+date=$(echo "$time_n_date" |cut -f 2 -d \ )
+
+# Concatenating rule
+str="RULE='$rule' ACTION='$action' PROTOCOL='$protocol' PORT='$port_ext'"
+str="$str IP6='$ipv6' COMMENT='$comment' SUSPENDED='no'"
+str="$str TIME='$time' DATE='$date'"
+
+# Adding to config
+echo "$str" >> $VESTA/data/firewallv6/rules.conf
+
+# Changing permissions
+chmod 660 $VESTA/data/firewallv6/rules.conf
+
+# Sorting firewall rules by id number
+sort_fw_rules
+
+# Updating system firewall
+$BIN/v-update-firewall-ipv6
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-add-sys-firewall

@@ -29,10 +29,15 @@ fi
 
 # Adding firewall directory
 mkdir -p $VESTA/data/firewall/
+mkdir -p $VESTA/data/firewallv6/
 
 # Adding default ruleset
 if [ ! -e "$VESTA/data/firewall/rules.conf" ]; then
-    cp $VESTA/install/rhel/7/* $VESTA/data/firewall/
+    cp $VESTA/install/rhel/7/firewall/* $VESTA/data/firewall/
+fi
+
+if [ ! -e "$VESTA/data/firewallv6/rules.conf" ]; then
+    cp $VESTA/install/rhel/7/firewallv6/* $VESTA/data/firewallv6/
 fi
 
 # Updating FIREWAL_SYSTEM value
@@ -45,6 +50,7 @@ fi
 
 # Updating firewall rules
 $BIN/v-update-firewall
+$BIN/v-update-firewall-ipv6
 
 
 #----------------------------------------------------------#

bin/v-add-sys-ip

@@ -46,7 +46,6 @@ if [ ! -z "$nat_ip" ] ; then
     is_format_valid 'nat_ip'
 fi
 
-
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
@@ -97,7 +96,8 @@ INTERFACE='$interface'
 NETMASK='$netmask'
 NAT='$nat_ip'
 TIME='$time'
-DATE='$date'" > $VESTA/data/ips/$ip
+DATE='$date'
+VERSION='4'" > $VESTA/data/ips/$ip
 chmod 660 $VESTA/data/ips/$ip
 
 # WEB support

bin/v-add-sys-ipv6

@@ -0,0 +1,188 @@
+#!/bin/bash
+# info: add system ip address
+# options: IPV6 NETMASK [INTERFACE] [USER] [IP_STATUS] [IP_NAME] [NAT_IP]
+#
+# The function adds ipv6 address into a system. It also creates rc scripts. You
+# can specify ipv6 name which will be used as root domain for temporary aliases.
+# For example, if you set a1.myhosting.com as name, each new domain created on
+# this ipv6 will automatically receive alias $domain.a1.myhosting.com. Of course
+# you must have wildcard record *.a1.myhosting.com pointed to ipv6. This feature 
+# is very handy when customer wants to test domain before dns migration.
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+ipv6=${1// /}
+netmask=$2
+interface="${3-eth0}"
+user="${4-admin}"
+ip_status="${5-shared}"
+ip_name=$6
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/func/ipv6.sh
+source $VESTA/func/domain.sh
+source $VESTA/conf/vesta.conf
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '2' "$#" 'IPV6 NETMASK [INTERFACE] [USER] [STATUS] [NAME]'
+is_format_valid 'ipv6' 'netmaskv6' 'interface' 'user' 'ip_status'
+is_ipv6_free
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+if [ ! -z "$ip_name" ] ; then
+    is_format_valid 'ip_name'
+fi
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+iface=$(get_ipv6_iface)
+#cidr=$(convert_netmaskv6 $netmask)
+cidr=$netmask
+
+sys_ip_check=$(/sbin/ip -6 addr | grep "$ipv6")
+if [ -z "$sys_ip_check" ]; then
+    # Adding sys ip
+    /sbin/ip addr add $ipv6/$cidr dev $interface
+
+    # Adding RHEL/CentOS/Fedora startup script
+    if [ -e "/etc/redhat-release" ]; then
+        sys_ip="# Added by vesta"
+        sys_ip="$sys_ip\nIPV6INIT=yes"
+        sys_ip="$sys_ip\nIPV6ADDR=$ipv6/$cidr"
+        sys_ip="$sys_ip\nIPV6_DEFAULTGW=$interface"
+        sys_ip="$sys_ip\nIPV6_AUTOCONF=no"
+####### sys_ip="$sys_ip\nIPV6ADDR_SECONDARIES="""
+        echo -e $sys_ip > /etc/sysconfig/network-scripts/ifcfg-$interface
+    fi
+
+    # Adding Debian/Ubuntu startup script
+    if [ -e "/etc/debian_version" ]; then
+        sys_ip="\n# Added by vesta"
+        sys_ip="$sys_ip\niface $interface inet6 static"
+        sys_ip="$sys_ip\naddress $ipv6"
+        sys_ip="$sys_ip\nnetmask $cidr"
+        echo -e $sys_ip >> /etc/network/interfaces
+    fi
+fi
+
+# Generating timestamp
+time_n_date=$(date +'%T %F')
+time=$(echo "$time_n_date" |cut -f 1 -d \ )
+date=$(echo "$time_n_date" |cut -f 2 -d \ )
+
+# Adding vesta ip
+echo "OWNER='$user'
+STATUS='$ip_status'
+NAME='$ip_name'
+U_SYS_USERS=''
+U_WEB_DOMAINS='0'
+INTERFACE='$interface'
+NETMASK='$netmask'
+NAT=''
+TIME='$time'
+DATE='$date'
+VERSION='6'" > $VESTA/data/ips/$ipv6
+chmod 660 $VESTA/data/ips/$ipv6
+
+# WEB support
+if [ ! -z "$WEB_SYSTEM" ]; then
+    web_conf="/etc/$WEB_SYSTEM/conf.d/$ipv6.conf"
+    rm -f $web_conf
+
+    if [ "$WEB_SYSTEM" = 'httpd' ] || [ "$WEB_SYSTEM" = 'apache2' ]; then
+        if [ -z "$(/usr/sbin/apachectl -v | grep Apache/2.4)" ]; then
+            echo "NameVirtualHost [$ipv6]:$WEB_PORT" >  $web_conf
+        fi
+        echo "Listen [$ipv6]:$WEB_PORT" >> $web_conf
+    fi
+
+    if [ "$WEB_SSL" = 'mod_ssl' ]; then
+        if [ -z "$(/usr/sbin/apachectl -v | grep Apache/2.4)" ]; then
+            echo "NameVirtualHost [$ipv6]:$WEB_SSL_PORT" >> $web_conf
+        fi
+        echo "Listen [$ipv6]:$WEB_SSL_PORT" >> $web_conf
+    fi
+fi
+
+# Proxy support
+if [ ! -z "$PROXY_SYSTEM" ]; then
+    cat $WEBTPL/$PROXY_SYSTEM/proxy_ip.tpl |\
+        sed -e "s/%ip%/[$ipv6]/g" \
+            -e "s/%web_port%/$WEB_PORT/g" \
+            -e "s/%proxy_port%/$PROXY_PORT/g" \
+        > /etc/$PROXY_SYSTEM/conf.d/$ipv6.conf
+
+    # mod_extract_forwarded
+#    fw_conf="/etc/$WEB_SYSTEM/conf.d/mod_extract_forwarded.conf"
+#    if [ -e "$fw_conf" ]; then
+#        ips=$(grep 'MEFaccept ' $fw_conf | grep -v '#' | head -n1)
+#        sed -i "s/$ips/$ips $ip/g" $fw_conf
+#    fi
+
+    # mod_rpaf
+    rpaf_conf="/etc/$WEB_SYSTEM/mods-enabled/rpaf.conf"
+    if [ -e "$rpaf_conf" ]; then
+        rpaf_str=$(grep RPAFproxy_ips $rpaf_conf)
+        rpaf_str="$rpaf_str $ipv6"
+        sed -i "s/.*RPAFproxy_ips.*/$rpaf_str/" $rpaf_conf
+    fi
+
+    #mod_remoteip
+    remoteip_conf="/etc/$WEB_SYSTEM/mods-enabled/remoteip.conf"
+    if [ -e "$remoteip_conf" ]; then
+        if [ $( grep -ic "$ipv6" $remoteip_conf ) -eq 0 ]; then
+            sed -i "s/<\/IfModule>/RemoteIPInternalProxy $ipv6\n<\/IfModule>/g" $remoteip_conf
+        fi
+    fi
+fi
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Updating user counters
+increase_user_value "$user" '$IPV6_OWNED'
+if [ "$user" = 'admin' ]; then
+    if [ "$ip_status" = 'shared' ]; then
+        for user in $(ls $VESTA/data/users); do
+            increase_user_value "$user" '$IPV6_AVAIL'
+        done
+    else
+        increase_user_value 'admin' '$IPV6_AVAIL'
+    fi
+else
+    increase_user_value "$user" '$IPV6_AVAIL'
+    increase_user_value 'admin' '$IPV6_AVAIL'
+fi
+
+# Restarting web server
+$BIN/v-restart-web
+check_result $? "Web restart failed" >/dev/null
+
+# Restarting proxy server
+if [ ! -z "$PROXY_SYSTEM" ]; then
+    $BIN/v-restart-proxy
+    check_result $? "Proxy restart failed" >/dev/null
+fi
+
+# Restarting firewall
+if [ ! -z "$FIREWALL_SYSTEM" ]; then
+    $BIN/v-update-firewall
+fi
+
+# Logging
+log_history "added system ipv6 address $ipv6" '' 'admin'
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-add-user

@@ -141,9 +141,11 @@ date=$(echo "$time_n_date" |cut -f 2 -d \ )
 # Filling user config
 if [ "$user" != 'admin' ]; then
     ip_avail=$($BIN/v-list-user-ips admin plain |grep -w shared|wc -l)
+    ipv6_avail=$($BIN/v-list-user-ipv6s admin plain |grep -w shared|wc -l)
     u_users=0
 else
     ip_avail=0
+    ipv6_avail=0
     u_users=1
 fi
 
@@ -163,7 +165,9 @@ SUSPENDED_MAIL='0'
 SUSPENDED_DB='0'
 SUSPENDED_CRON='0'
 IP_AVAIL='$ip_avail'
+IPV6_AVAIL='$ipv6_avail'
 IP_OWNED='0'
+IPV6_OWNED='0'
 U_USERS='$u_users'
 U_DISK='0'
 U_DISK_DIRS='0'

bin/v-add-web-domain

@@ -1,6 +1,6 @@
 #!/bin/bash
 # info: add web domain
-# options: USER DOMAIN [IP] [ALIASES] [PROXY_EXTENSIONS] [RESTART]
+# options: USER DOMAIN [IP] [IPV6] [ALIASES] [PROXY_EXTENSIONS] [RESTART]
 #
 # The function adds virtual host to a server. In cases when ip is
 # undefined in the script, "default" template will be used. The alias of
@@ -20,14 +20,16 @@ user=$1
 domain=$2
 domain_idn=$2
 ip=$3
-restart=$4      # will be moved to the end soon
-aliases=$5
-proxy_ext=$6
+ipv6=$4
+restart=$5      # will be moved to the end soon
+aliases=$6
+proxy_ext=$7
 
 # Includes
 source $VESTA/func/main.sh
 source $VESTA/func/domain.sh
 source $VESTA/func/ip.sh
+source $VESTA/func/ipv6.sh
 source $VESTA/conf/vesta.conf
 
 # Additional argument formatting
@@ -41,8 +43,17 @@ format_aliases
 #----------------------------------------------------------#
 
 is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
-check_args '2' "$#" 'USER DOMAIN [IP] [RESTART] [ALIASES] [PROXY_EXTENSIONS]'
-is_format_valid 'user' 'domain' 'aliases' 'ip' 'proxy_ext'
+check_args '2' "$#" 'USER DOMAIN [IP] [IPV6] [RESTART] [ALIASES] [PROXY_EXTENSIONS]'
+is_format_valid 'user' 'domain' 'aliases' 'proxy_ext'
+
+if [ -z "$ip" ] && [ "$ip" != "no" ]; then
+    is_format_valid 'ip'
+fi
+
+if [ -z "$ipv6" ] && [ "$ipv6" != "no" ]; then
+    is_format_valid 'ipv6'
+fi
+
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 is_package_full 'WEB_DOMAINS' 'WEB_ALIASES'
@@ -50,12 +61,24 @@ is_domain_new 'web' "$domain,$aliases"
 is_dir_symlink $HOMEDIR/$user/web
 if_dir_exists $HOMEDIR/$user/web/$domain
 is_dir_symlink $HOMEDIR/$user/web/$domain
+if [ "$ip" != "no" ]; then
     if [ ! -z "$ip" ]; then
         is_ip_valid "$ip" "$user"
     else
         get_user_ip
     fi
-
+else
+    ip=""
+fi
+if [ "$ipv6" != "no" ]; then
+    if [ ! -z "$ipv6" ]; then
+        is_ipv6_valid "$ipv6" "$user"
+    else
+        get_user_ipv6
+    fi
+else
+    ipv6=""
+fi
 
 #----------------------------------------------------------#
 #                       Action                             #
@@ -125,6 +148,11 @@ else
     if [ ! -z "$ip_alias" ]; then
         ALIAS="$ALIAS,$ip_alias"
     fi
+    
+    ipv6_alias=$(get_ipv6_alias $domain)
+    if [ ! -z "$ipv6_alias" ]; then
+        ALIAS="$ALIAS,$ipv6_alias"
+    fi
 fi
 
 # Preparing domain variables
@@ -144,13 +172,13 @@ if [ ! -z "$PROXY_SYSTEM" ]; then
     add_web_config "$PROXY_SYSTEM" "$PROXY_TEMPLATE.tpl"
 fi
 
-
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#
 
 # Increasing counters
 increase_ip_value "$local_ip"
+increase_ipv6_value "$ipv6"
 increase_user_value "$user" '$U_WEB_DOMAINS'
 increase_user_value "$user" '$U_WEB_ALIASES' "$alias_number"
 
@@ -160,7 +188,7 @@ time=$(echo "$time_n_date" |cut -f 1 -d \ )
 date=$(echo "$time_n_date" |cut -f 2 -d \ )
 
 # Adding domain in web.conf
-echo "DOMAIN='$domain' IP='$ip' IP6='' ALIAS='$ALIAS' TPL='$WEB_TEMPLATE'\
+echo "DOMAIN='$domain' IP='$ip' IP6='$ipv6' ALIAS='$ALIAS' TPL='$WEB_TEMPLATE'\
  SSL='no' SSL_HOME='same' LETSENCRYPT='no' FTP_USER='' FTP_MD5=''\
  BACKEND='$BACKEND_TEMPLATE' PROXY='$PROXY_TEMPLATE' PROXY_EXT='$PROXY_EXT'\
  STATS='' STATS_USER='' STATS_CRYPT='' U_DISK='0' U_BANDWIDTH='0'\

bin/v-add-web-domain-alias

@@ -21,6 +21,7 @@ restart="$4"
 source $VESTA/func/main.sh
 source $VESTA/func/domain.sh
 source $VESTA/func/ip.sh
+source $VESTA/func/ipv6.sh
 source $VESTA/conf/vesta.conf
 
 # Additional argument formatting
@@ -54,6 +55,7 @@ get_domain_values 'web'
 
 # Preparing domain values for the template substitution
 local_ip=$(get_real_ip $IP)
+ipv6=$IP6
 if [ -z "$ALIAS" ]; then
     ALIAS="$aliases"
 else
@@ -61,7 +63,8 @@ else
 fi
 prepare_web_domain_values
 
-# Rebuilding vhost
+if [ ! -z "$local_ip" ]; then
+    old=$local_ip
     del_web_config "$WEB_SYSTEM" "$TPL.tpl"
     add_web_config "$WEB_SYSTEM" "$TPL.tpl"
     if [ "$SSL" = 'yes' ]; then
@@ -78,6 +81,37 @@ if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
             add_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
         fi
     fi
+fi
+
+# Rebuilding vhost IPv6
+if [ ! -z "$IP6" ]; then
+    old=$IP6
+    del_web_config "$WEB_SYSTEM" "$TPL.tpl"
+    add_web_config "$WEB_SYSTEM" "$TPL.tpl"
+    if [ "$SSL" = 'yes' ]; then
+        del_web_config "$WEB_SYSTEM" "$TPL.stpl"
+        add_web_config "$WEB_SYSTEM" "$TPL.stpl"
+      fi
+fi
+
+# Rebuilding proxy configuration
+if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
+    del_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
+    add_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
+    if [ "$SSL" = 'yes' ]; then
+        del_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
+        add_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
+    fi
+    # Rebuilding proxy configuration
+    if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
+        del_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
+        add_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
+        if [ "$SSL" = 'yes' ]; then
+            del_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
+            add_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
+        fi
+    fi
+fi
 
 
 #----------------------------------------------------------#

bin/v-add-web-domain-proxy

@@ -22,6 +22,7 @@ restart="$5"
 source $VESTA/func/main.sh
 source $VESTA/func/domain.sh
 source $VESTA/func/ip.sh
+source $VESTA/func/ipv6.sh
 source $VESTA/conf/vesta.conf
 
 

bin/v-add-web-domain-ssl

@@ -39,6 +39,7 @@ domain_idn=$(idn -t --quiet -a "$domain")
 source $VESTA/func/main.sh
 source $VESTA/func/domain.sh
 source $VESTA/func/ip.sh
+source $VESTA/func/ipv6.sh
 source $VESTA/conf/vesta.conf
 
 # Additional argument formatting

bin/v-add-web-domain-stats

@@ -55,6 +55,7 @@ get_domain_values 'web'
 prepare_web_domain_values
 cat $WEBTPL/$type/$type.tpl |\
     sed -e "s|%ip%|$ip|g" \
+        -e "s|%ipv6%|$ipv6|g" \
         -e "s|%web_port%|$WEB_PORT|g" \
         -e "s|%web_system%|$WEB_SYSTEM|g" \
         -e "s|%web_ssl_port%|$WEB_SSL_PORT|g" \

bin/v-backup-user

@@ -175,6 +175,8 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
         conf="$USER_DATA/web.conf"
         grep "DOMAIN='$domain'" $conf > vesta/web.conf
 
+        if [ ! -z "$IP" ]; then
+            old="$IP"
 	        # Backup vhost config
 	        conf=$HOMEDIR/$user/conf/web/$domain.$WEB_SYSTEM.conf
 	        if [ -e "$conf" ]; then
@@ -228,6 +230,77 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
 	                    conf/s$PROXY_SYSTEM.conf
 	            fi
 	        fi
+	    fi
+
+        if [ ! -z "$IP6" ]; then
+            if [ -z "$IP" ]; then
+                echo "" > conf/$domain.$WEB_SYSTEM.conf
+                if [ "$SSL" = 'yes' ]; then
+                    echo "" > conf/$domain.$WEB_SYSTEM.ssl.conf
+                fi
+                if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
+                    echo "" > conf/$domain.$PROXY_SYSTEM.conf
+                fi
+                if [ ! -z "$PROXY_SYSTEM" ] && [ "$SSL" = 'yes' ]; then
+                    echo > conf/$domain.$PROXY_SYSTEM.ssl.conf
+                fi
+            fi
+            old=$IP6
+	        # Backup vhost config
+	        conf=$HOMEDIR/$user/conf/web/$domain.$WEB_SYSTEM.conf
+	        if [ -e "$conf" ]; then
+	            cp $conf conf/$WEB_SYSTEM.conf
+	        else
+	            # old style configs
+	            tpl_file="$WEBTPL/$WEB_SYSTEM/$WEB_BACKEND/$TPL.tpl"
+	            conf="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.conf"
+	            get_web_config_lines $tpl_file $conf
+	            sed -n "$top_line,$bottom_line p" $conf > conf/$WEB_SYSTEM.conf
+	        fi
+	
+	        # Backup ssl vhost
+	        if [ "$SSL" = 'yes' ]; then
+	            conf=$HOMEDIR/$user/conf/web/$domain.$WEB_SYSTEM.ssl.conf
+	            if [ -e "$conf" ]; then
+	                cp $conf conf/$WEB_SYSTEM.ssl.conf
+	            else
+	                tpl_file="$WEBTPL/$WEB_SYSTEM/$WEB_BACKEND/$TPL.stpl"
+	                conf="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.conf"
+	                get_web_config_lines $tpl_file $conf
+	                sed -n "$top_line,$bottom_line p" $conf > \
+	                    conf/s$WEB_SYSTEM.conf
+	            fi
+	        fi
+	
+	        # Backup proxy config
+	        if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
+	            conf=$HOMEDIR/$user/conf/web/$domain.$PROXY_SYSTEM.conf
+	            if [ -e "$conf" ]; then
+	                cp $conf conf/$PROXY_SYSTEM.conf
+	            else
+	                tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.tpl"
+	                conf="$HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf"
+	                get_web_config_lines $tpl_file $conf
+	                sed -n "$top_line,$bottom_line p" $conf > \
+	                    conf/$PROXY_SYSTEM.conf
+	            fi
+	        fi
+	
+	        # Backup ssl proxy config
+	        if [ ! -z "$PROXY_SYSTEM" ] && [ "$SSL" = 'yes' ]; then
+	            conf=$HOMEDIR/$user/conf/web/$domain.$PROXY_SYSTEM.ssl.conf
+	            if [ -e "$conf" ]; then
+	                cp $conf conf/$PROXY_SYSTEM.ssl.conf
+	            else
+	                tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.stpl"
+	                conf="$HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf"
+	                get_web_config_lines $tpl_file $conf
+	                sed -n "$top_line,$bottom_line p" $conf >\
+	                    conf/s$PROXY_SYSTEM.conf
+	            fi
+	        fi
+	    fi
+
 
         # Backup custom config / backup LE config
         for sconfig in $(ls $HOMEDIR/$user/conf/web/|grep ".$domain.conf"); do

bin/v-change-dns-domain-ip

@@ -18,6 +18,7 @@ restart=$4
 
 # Includes
 source $VESTA/func/main.sh
+source $VESTA/func/ip.sh
 source $VESTA/func/domain.sh
 source $VESTA/conf/vesta.conf
 
@@ -32,27 +33,62 @@ format_domain_idn
 #----------------------------------------------------------#
 
 check_args '3' "$#" 'USER DOMAIN IP'
-is_format_valid 'user' 'domain' 'ip'
+is_format_valid 'user' 'domain'
 is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 is_object_valid 'dns' 'DOMAIN' "$domain"
 is_object_unsuspended 'dns' 'DOMAIN' "$domain"
 
+if [ "$ip" != "no" ]; then
+    is_format_valid 'ip'
+fi
+if [ "$ip" != "no" ]; then
+    is_ip_valid "$ip" "$user"
+else
+    ip=''
+fi
+
+
+# Get old ip
+get_domain_values 'dns'
+if [ -z "$ip" ] && [ -z "$IP6" ]; then
+    check_result $E_INVALID "IP or IPv6 is required"
+fi
 
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 
-# Get old ip
-get_domain_values 'dns'
 old=$IP
 
+if [ -z "$old" ]; then
+    #Create new
+    # Generating timestamp
+    time_n_date=$(date +'%T %F')
+    time=$(echo "$time_n_date" |cut -f 1 -d \ )
+    date=$(echo "$time_n_date" |cut -f 2 -d \ )
+    add_dns_config_records
+else
+    if [ ! -z "$ip" ]; then
+        # Changing records
+        sed -i "s/$old/$ip/g" $USER_DATA/dns/$domain.conf
+    else
+        ip=""
+        ipv6=$IP6
+        #Delete configs
+        remove_dns_config_records
+    fi
+fi
+
 # Changing ip
 update_object_value 'dns' 'DOMAIN' "$domain" '$IP' "$ip"
 
-# Changing records
-sed -i "s/$old/$ip/g" $USER_DATA/dns/$domain.conf
+#update counters
+records="$(wc -l $USER_DATA/dns/$domain.conf | cut -f1 -d ' ')"
+update_object_value 'dns' 'DOMAIN' "$domain" '$RECORDS' "$records"
+records=$(wc -l $USER_DATA/dns/*.conf | cut -f 1 -d ' ')
+update_user_value "$user" '$U_DNS_RECORDS' "$records"
 
 # Updating zone
 if [[ "$DNS_SYSTEM" =~ named|bind ]]; then

bin/v-change-dns-domain-ipv6

@@ -0,0 +1,120 @@
+#!/bin/bash
+# info: change dns domain ip address
+# options: USER DOMAIN IPV6
+#
+# The function for changing the main ipv6 of DNS zone.
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+domain=$2
+ipv6=$3
+restart=$4
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/func/ipv6.sh
+source $VESTA/func/domain.sh
+source $VESTA/conf/vesta.conf
+
+# Additional argument formatting
+format_domain
+format_domain_idn
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '3' "$#" 'USER DOMAIN IP'
+is_format_valid 'user' 'domain'
+is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+is_object_valid 'dns' 'DOMAIN' "$domain"
+is_object_unsuspended 'dns' 'DOMAIN' "$domain"
+
+if [ "$ipv6" != "no" ]; then
+    is_format_valid 'ipv6'
+fi
+if [ "$ipv6" != "no" ]; then
+    is_ipv6_valid "$ipv6" "$user"
+else
+    ipv6=''
+fi
+
+# Get old ip
+get_domain_values 'dns'
+if [ -z @"$ipv6" ] && [ -z "$IP" ]; then
+    check_result $E_INVALID "IP or IPv6 is required"
+fi
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+old=$IP6
+
+if [ -z "$old" ]; then
+    #Create new
+    # Generating timestamp
+    time_n_date=$(date +'%T %F')
+    time=$(echo "$time_n_date" |cut -f 1 -d \ )
+    date=$(echo "$time_n_date" |cut -f 2 -d \ )
+    ip=""
+    add_dns_config_records
+else
+    if [ ! -z "$ipv6" ]; then
+        # Changing records
+        sed -i "s/$old/$ipv6/g" $USER_DATA/dns/$domain.conf
+    else
+        #Delete configs
+        ipv6=""
+        ip=$IP
+        remove_dns_config_records
+    fi
+fi
+
+# Changing ip
+update_object_value 'dns' 'DOMAIN' "$domain" '$IP6' "$ipv6"
+
+#update counters
+records="$(wc -l $USER_DATA/dns/$domain.conf | cut -f1 -d ' ')"
+update_object_value 'dns' 'DOMAIN' "$domain" '$RECORDS' "$records"
+records=$(wc -l $USER_DATA/dns/*.conf | cut -f 1 -d ' ')
+update_user_value "$user" '$U_DNS_RECORDS' "$records"
+
+# Updating zone
+if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
+    update_domain_serial
+    update_domain_zone
+fi
+
+# Updating dns-cluster queue
+if [ ! -z "$DNS_CLUSTER" ]; then
+    # Check for first sync
+    dlock=$(grep "domain $user $domain" $VESTA/data/queue/dns-cluster.pipe)
+    if [ -z "$dlock" ]; then
+        cmd="$BIN/v-add-remote-dns-domain $user $domain domain yes"
+        echo "$cmd" >> $VESTA/data/queue/dns-cluster.pipe
+    fi
+fi
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Restarting named
+$BIN/v-restart-dns $restart
+check_result $? "DNS restart failed" >/dev/null
+
+# Logging
+log_history "changed dns ip for $domain to $ip"
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-change-dns-domain-tpl

@@ -81,6 +81,7 @@ fi
 # Changing tpl
 echo "$template_data" |\
     sed -e "s/%ip%/$IP/g" \
+        -e "s/%ipv6%/$IP6/g" \
         -e "s/%domain_idn%/$domain_idn/g" \
         -e "s/%domain%/$domain/g" \
         -e "s/%ns1%/$ns1/g" \

bin/v-change-domain-owner

@@ -15,6 +15,7 @@ user=$2
 
 # Includes
 source $VESTA/func/ip.sh
+source $VESTA/func/ipv6.sh
 source $VESTA/func/main.sh
 source $VESTA/conf/vesta.conf
 
@@ -111,6 +112,10 @@ if [ ! -z "$dns_data" ]; then
         dns_data=$(echo "$dns_data" | sed "s/IP='$IP'/IP='$ip'/")
         sed -i "s/$IP/$ip/g" $VESTA/data/users/$owner/dns/$domain.conf
     fi
+    if [ ! -z "$ipv6" ]; then
+        dns_data=$(echo "$dns_data" | sed "s/IP6='$IPV6'/IP6='$ipv6'/")
+        sed -i "s/$IP6/$ipv6/g" $VESTA/data/users/$owner/dns/$domain.conf
+    fi
 
     # Move config
     sed -i "/DOMAIN='$domain'/d" $VESTA/data/users/$owner/dns.conf

bin/v-change-firewall-ipv6-rule

@@ -0,0 +1,85 @@
+#!/bin/bash
+# info: change firewall rule
+# options: RULE ACTION IPV6 PORT [PROTOCOL] [COMMENT]
+#
+# The function is used for changing existing firewall rule.
+# It fully replace rule with new one but keeps same id.
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Importing system variables
+source /etc/profile
+
+# Argument definition
+rule=$1
+action=$(echo $2|tr '[:lower:]' '[:upper:]')
+ipv6=$3
+port_ext=$4
+protocol=${5-TCP}
+protocol=$(echo $protocol|tr '[:lower:]' '[:upper:]')
+comment=$6
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/conf/vesta.conf
+
+# Sort function
+sort_fw_rules() {
+    cat $VESTA/data/firewallv6/rules.conf |\
+        sort -n -k 2 -t \' > $VESTA/data/firewallv6/rules.conf.tmp
+    mv -f $VESTA/data/firewallv6/rules.conf.tmp \
+        $VESTA/data/firewallv6/rules.conf
+}
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '5' "$#" 'RULE ACTION IPV6  PORT [PROTOCOL] [COMMENT]'
+is_format_valid 'rule' 'action' 'protocol' 'port_ext' 'ipv6'
+if [ ! -z "$comment" ]; then
+    is_format_valid 'comment'
+fi
+is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'
+is_object_valid '../../data/firewallv6/rules' 'RULE' "$rule"
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Generating timestamp
+time_n_date=$(date +'%T %F')
+time=$(echo "$time_n_date" |cut -f 1 -d \ )
+date=$(echo "$time_n_date" |cut -f 2 -d \ )
+
+# Concatenating firewall rule
+str="RULE='$rule' ACTION='$action' PROTOCOL='$protocol' PORT='$port_ext'"
+str="$str IP6='$ipv6' COMMENT='$comment' SUSPENDED='no'"
+str="$str TIME='$time' DATE='$date'"
+
+# Deleting old rule
+sed -i "/RULE='$rule' /d" $VESTA/data/firewallv6/rules.conf
+
+# Adding new
+echo "$str" >> $VESTA/data/firewallv6/rules.conf
+
+# Sorting firewall rules by id number
+sort_fw_rules
+
+# Updating system firewall
+$BIN/v-update-firewall-ipv6
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-change-sys-ipv6-name

@@ -0,0 +1,48 @@
+#!/bin/bash
+# info: change ip name
+# options: IPV6 NAME
+#
+# The function for changing the name of the ip.
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+ipv6=$1
+ip_name=$2
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/func/ipv6.sh
+source $VESTA/conf/vesta.conf
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '2' "$#" 'IPV6 IP_NAME'
+is_format_valid 'ipv6'
+is_format_valid 'ip_name'
+is_ipv6_valid "$ipv6"
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Changing ip name
+update_ipv6_value '$NAME' "$ip_name"
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Logging
+log_history "changed associated name of $ipv6 to $ip_name" '' 'admin'
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-change-sys-ipv6-owner

@@ -0,0 +1,81 @@
+#!/bin/bash
+# info: change ip owner
+# options: IPV6 USER
+#
+# The function of changing ip address ownership.
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+ipv6=$1
+user=$2
+
+# Includes
+source $VESTA/func/ipv6.sh
+source $VESTA/func/main.sh
+source $VESTA/conf/vesta.conf
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '2' "$#" 'IPV6 USER'
+is_format_valid 'ipv6' 'user'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+is_ip_valid "$ipv6"
+is_ip_key_empty '$U_WEB_DOMAINS'
+is_ip_key_empty '$U_SYS_USERS'
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Changing ip owner
+ip_owner=$(get_ipv6_value '$OWNER')
+if [ "$ip_owner" != "$user" ]; then
+    ip_status="$(get_ipv6_value '$STATUS')"
+    update_ipv6_value '$OWNER' "$user"
+    decrease_user_value "$ipv6_owner" '$IPV6_OWNED'
+    if [ "$ip_owner" = 'admin' ]; then
+        if [ "$ip_status" = 'shared' ]; then
+            for vesta_user in $(ls $VESTA/data/users); do
+                decrease_user_value "$vesta_user" '$IPV6_AVAIL'
+            done
+        else
+            decrease_user_value 'admin' '$IPV6_AVAIL'
+        fi
+    else
+        decrease_user_value "$ip_owner" '$IPV6_AVAIL'
+        decrease_user_value 'admin' '$IPV6_AVAIL'
+    fi
+
+    increase_user_value "$user" '$IP_OWNED'
+    if [ "$user" = 'admin' ]; then
+        if [ "$ip_status" = 'shared' ]; then
+            for user in $(ls $VESTA/data/users); do
+                increase_user_value "$user" '$IPV6_AVAIL'
+            done
+        else
+            increase_user_value 'admin' '$IPV6_AVAIL'
+        fi
+    else
+        increase_user_value "$user" '$IPV6_AVAIL'
+        increase_user_value 'admin' '$IPV6_AVAIL'
+    fi
+fi
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Logging
+log_history "changed owner of $ipv6 to $user" '' 'admin'
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-change-sys-ipv6-status

@@ -0,0 +1,56 @@
+#!/bin/bash
+# info: change ip status
+# options: IPV6 IP_STATUS
+#
+# The function of changing an ip address's status.
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+ipv6=$1
+ip_status=$2
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/func/ipv6.sh
+source $VESTA/conf/vesta.conf
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '2' "$#" 'IPV6 IP_STATUS'
+is_format_valid 'ipv6' 'ip_status'
+is_ipv6_valid "$ipv6"
+if [ "$ip_status" = "$(get_ipv6_value '$STATUS')" ]; then
+    check_result "$E_EXISTS" "status $ip_status is already set"
+fi
+web_domains=$(get_ipv6_value '$U_WEB_DOMAINS')
+sys_user=$(get_ipv6_value '$U_SYS_USERS')
+ip_owner=$(get_ipv6_value '$OWNER')
+if [ "$web_domains" -ne '0' ] && [ "$sys_user" != "$ip_owner" ]; then
+    check_result "$E_INUSE" "ip $ipv6 is used"
+fi
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Changing ip name
+update_ipv6_value '$STATUS' "$ip_status"
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Logging
+log_history "changed $ipv6 status to $ip_status" '' 'admin'
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-change-user-package

@@ -110,6 +110,8 @@ SUSPENDED_DB='$SUSPENDED_DB'
 SUSPENDED_CRON='$SUSPENDED_CRON'
 IP_AVAIL='$IP_AVAIL'
 IP_OWNED='$IP_OWNED'
+IPV6_AVAIL='$IP_AVAIL'
+IPV6_OWNED='$IP_OWNED'
 U_USERS='$U_USERS'
 U_DISK='$U_DISK'
 U_DISK_DIRS='$U_DISK_DIRS'

bin/v-change-web-domain-backend-tpl

@@ -20,6 +20,7 @@ restart=$4
 source $VESTA/func/main.sh
 source $VESTA/func/domain.sh
 source $VESTA/func/ip.sh
+source $VESTA/func/ipv6.sh
 source $VESTA/conf/vesta.conf
 
 # Additional argument formatting
@@ -77,29 +78,59 @@ if [ "$backend_type" = "$user" ]; then
     for domain in $(shell_list); do
         get_domain_values 'web'
         local_ip=$(get_real_ip $IP)
-        prepare_web_domain_values
+        ipv6=$IP6
         
-        # Rebuilding vhost
+        # Deleting vhost configuration IPv4
+        if [ ! -z "$local_ip" ]; then
+            old=$local_ip
+            # Deleting proxy
             del_web_config "$WEB_SYSTEM" "$TPL.tpl"
-        add_web_config "$WEB_SYSTEM" "$TPL.tpl"
             if [ "$SSL" = 'yes' ]; then
                 del_web_config "$WEB_SYSTEM" "$TPL.stpl"
+            fi
+            
+            if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
+                del_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
+                if [ "$SSL" = 'yes' ]; then
+                    del_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
+                fi
+            fi
+        fi
+
+        # Deleting vhost configuration IPv6
+        if [ ! -z "$IP6" ]; then
+            old=$IP6
+
+            del_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
+            if [ "$SSL" = 'yes' ]; then
+                del_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
+            fi
+            
+            if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
+                del_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
+                if [ "$SSL" = 'yes' ]; then
+                    del_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
+                fi
+            fi
+        fi
+        
+        prepare_web_domain_values
+        add_web_config "$WEB_SYSTEM" "$TPL.tpl"
+        if [ "$SSL" = 'yes' ]; then
             add_web_config "$WEB_SYSTEM" "$TPL.stpl"
         fi
 
         # Rebuilding proxy configuration
         if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
-            del_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
             add_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
             if [ "$SSL" = 'yes' ]; then
-                del_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
                 add_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
             fi
         fi
 
         # Update config
-        add_object_key "web" 'DOMAIN' "$domain" 'BACKEND' 'PROXY'
-        update_object_value 'web' 'DOMAIN' "$domain" '$BACKEND' "$template"
+        add_object_key "web" 'DOMAIN' "$domain_idn" 'BACKEND' 'PROXY'
+        update_object_value 'web' 'DOMAIN' "$domain_idn" '$BACKEND' "$template"
     done
 
     # Chaning template in user config
@@ -114,29 +145,61 @@ else
     # Parsing domain values
     get_domain_values 'web'
     local_ip=$(get_real_ip $IP)
+    ipv6=$IP6
+        
+    # Deleting vhost configuration IPv4
+    if [ ! -z "$local_ip" ]; then
+        old=$local_ip
+        # Deleting proxy
+        del_web_config "$WEB_SYSTEM" "$TPL.tpl"
+        if [ "$SSL" = 'yes' ]; then
+            del_web_config "$WEB_SYSTEM" "$TPL.stpl"
+        fi
+
+        if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
+            del_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
+            if [ "$SSL" = 'yes' ]; then
+                del_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
+            fi
+        fi
+    fi
+
+    # Deleting vhost configuration IPv6
+    if [ ! -z "$IP6" ]; then
+        old=$IP6
+
+        del_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
+        if [ "$SSL" = 'yes' ]; then
+            del_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
+        fi
+
+        if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
+            del_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
+            if [ "$SSL" = 'yes' ]; then
+                del_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
+            fi
+        fi
+    fi
+    
     prepare_web_domain_values
 
     # Rebuilding vhost
-    del_web_config "$WEB_SYSTEM" "$TPL.tpl"
     add_web_config "$WEB_SYSTEM" "$TPL.tpl"
     if [ "$SSL" = 'yes' ]; then
-        del_web_config "$WEB_SYSTEM" "$TPL.stpl"
         add_web_config "$WEB_SYSTEM" "$TPL.stpl"
     fi
 
     # Rebuilding proxy configuration
     if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
-        del_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
         add_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
         if [ "$SSL" = 'yes' ]; then
-            del_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
             add_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
         fi
     fi
 
     # Update config
-    add_object_key "web" 'DOMAIN' "$domain" 'BACKEND' 'PROXY'
-    update_object_value 'web' 'DOMAIN' "$domain" '$BACKEND' "$template"
+    add_object_key "web" 'DOMAIN' "$domain_idn" 'BACKEND' 'PROXY'
+    update_object_value 'web' 'DOMAIN' "$domain_idn" '$BACKEND' "$template"
 fi
 
 

bin/v-change-web-domain-ip

@@ -1,6 +1,6 @@
 #!/bin/bash
 # info: change web domain ip
-# options: USER DOMAIN DOMAIN [RESTART]
+# options: USER DOMAIN IP [RESTART]
 #
 # The call is used for changing domain ip
 
@@ -33,14 +33,20 @@ format_domain_idn
 #----------------------------------------------------------#
 
 check_args '3' "$#" 'USER DOMAIN IP [RESTART]'
-is_format_valid 'user' 'domain' 'ip'
+is_format_valid 'user' 'domain'
 is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 is_object_valid 'web' 'DOMAIN' "$domain"
 is_object_unsuspended 'web' 'DOMAIN' "$domain"
+if [ "$ip" != "no" ]; then
+    is_format_valid 'ip'
+fi
+if [ "$ip" != "no" ]; then
     is_ip_valid "$ip" "$user"
-
+else
+    ip=''
+fi
 
 #----------------------------------------------------------#
 #                       Action                             #
@@ -48,9 +54,37 @@ is_ip_valid "$ip" "$user"
 
 # Preparing variables for vhost replace
 get_domain_values 'web'
+if [ -z "$ip" ] && [ -z "$IP6" ]; then
+    check_result $E_INVALID "IP or IPv6 is required"
+fi
+
 old=$(get_real_ip $IP)
 new=$(get_real_ip $ip)
 
+if [ -z "$old" ]; then
+    #Create new configs
+    # Preparing domain variables
+    prepare_web_domain_values
+
+    local_ip=$ip
+    # Adding web server config
+    add_web_config "$WEB_SYSTEM" "$TPL.tpl"
+    if [ "$SSL" = 'yes' ]; then
+        add_web_config "$WEB_SYSTEM" "$TPL.stpl"
+    fi
+
+    # Adding proxy config
+    if [ ! -z "$PROXY_SYSTEM" ]; then
+        add_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
+        if [ "$SSL" = 'yes' ]; then
+            add_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
+        fi
+    fi
+else
+    if [ ! -z "$new" ]; then
+        # Preparing domain variables
+        prepare_web_domain_values
+        
         # Replacing vhost
         replace_web_config "$WEB_SYSTEM" "$TPL.tpl"
         if [ "$SSL" = 'yes' ]; then
@@ -64,7 +98,26 @@ if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
                 replace_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
             fi
         fi
+    else
+        #Delete configs ...
+        # Preparing domain variables
+        prepare_web_domain_values
         
+        # Replacing vhost
+        del_web_config "$WEB_SYSTEM" "$TPL.tpl"
+        if [ "$SSL" = 'yes' ]; then
+            del_web_config "$WEB_SYSTEM" "$TPL.stpl"
+        fi
+
+        # Replacing proxy vhost
+        if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
+            del_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
+            if [ "$SSL" = 'yes' ]; then
+                del_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
+            fi
+        fi
+    fi
+fi
 
 #----------------------------------------------------------#
 #                       Vesta                              #
@@ -75,7 +128,7 @@ increase_ip_value "$new"
 decrease_ip_value "$old"
 
 # Update config
-update_object_value 'web' 'DOMAIN' "$domain" '$IP' "$3"
+update_object_value 'web' 'DOMAIN' "$domain" '$IP' "$ip"
 
 # Restart web server
 $BIN/v-restart-web $restart
@@ -85,7 +138,7 @@ $BIN/v-restart-proxy $restart
 check_result $? "Proxy restart failed" >/dev/null
 
 # Logging
-log_history "changed web domain $domain ip to $3"
+log_history "changed web domain $domain ip to $ip"
 log_event "$OK" "$ARGUMENTS"
 
 exit

bin/v-change-web-domain-ipv6

@@ -0,0 +1,142 @@
+#!/bin/bash
+# info: change web domain ipv6
+# options: USER DOMAIN IPV6 [RESTART]
+#
+# The call is used for changing domain ip
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+domain=$2
+ipv6=$3
+restart=$4
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/func/domain.sh
+source $VESTA/func/ipv6.sh
+source $VESTA/conf/vesta.conf
+
+# Additional argument formatting
+format_domain
+format_domain_idn
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '3' "$#" 'USER DOMAIN IPV6 [RESTART]'
+is_format_valid 'user' 'domain'
+is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+is_object_valid 'web' 'DOMAIN' "$domain"
+is_object_unsuspended 'web' 'DOMAIN' "$domain"
+if [ "$ipv6" != "no" ]; then
+    is_format_valid 'ipv6'
+fi
+if [ "$ipv6" != "no" ]; then
+    is_ipv6_valid "$ipv6" "$user"
+else
+    ipv6=''
+fi
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Preparing variables for vhost replace
+get_domain_values 'web'
+if [ -z "$ipv6" ] && [ -z "$IP" ]; then
+    check_result $E_INVALID "IP or IPv6 is required"
+fi
+
+old=$IP6
+new=$ipv6
+
+if [ -z "$old" ]; then
+    #Create new configs
+    # Preparing domain variables
+    prepare_web_domain_values
+
+    local_ip=""
+    # Adding web server config
+    add_web_config "$WEB_SYSTEM" "$TPL.tpl"
+    if [ "$SSL" = 'yes' ]; then
+        add_web_config "$WEB_SYSTEM" "$TPL.stpl"
+    fi
+
+    # Adding proxy config
+    if [ ! -z "$PROXY_SYSTEM" ]; then
+        add_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
+        if [ "$SSL" = 'yes' ]; then
+            add_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
+        fi
+    fi
+else
+    if [ ! -z "$new" ]; then
+        # Preparing domain variables
+        prepare_web_domain_values
+        
+        # Replacing vhost
+        replace_web_config "$WEB_SYSTEM" "$TPL.tpl"
+        if [ "$SSL" = 'yes' ]; then
+            replace_web_config "$WEB_SYSTEM" "$TPL.stpl"
+        fi
+
+        # Replacing proxy vhost
+        if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
+            replace_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
+            if [ "$SSL" = 'yes' ]; then
+                replace_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
+            fi
+        fi
+    else
+        #Delete configs ...
+        # Preparing domain variables
+        prepare_web_domain_values
+        
+        # Replacing vhost
+        del_web_config "$WEB_SYSTEM" "$TPL.tpl"
+        if [ "$SSL" = 'yes' ]; then
+            del_web_config "$WEB_SYSTEM" "$TPL.stpl"
+        fi
+
+        # Replacing proxy vhost
+        if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
+            del_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
+            if [ "$SSL" = 'yes' ]; then
+                del_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
+            fi
+        fi
+    fi
+fi
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Update counters
+increase_ipv6_value "$new"
+decrease_ipv6_value "$old"
+
+# Update config
+update_object_value 'web' 'DOMAIN' "$domain" '$IP6' "$ipv6"
+
+# Restart web server
+$BIN/v-restart-web $restart
+check_result $? "WEB restart failed" >/dev/null
+
+$BIN/v-restart-proxy $restart
+check_result $? "Proxy restart failed" >/dev/null
+
+# Logging
+log_history "changed web domain $domain ipv6 to $ipv6"
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-change-web-domain-name

@@ -20,6 +20,7 @@ restart=$4
 source $VESTA/func/main.sh
 source $VESTA/func/domain.sh
 source $VESTA/func/ip.sh
+source $VESTA/func/ipv6.sh
 source $VESTA/conf/vesta.conf
 
 # Additional argument formatting

bin/v-change-web-domain-proxy-tpl

@@ -22,6 +22,7 @@ restart="$5"
 source $VESTA/func/main.sh
 source $VESTA/func/domain.sh
 source $VESTA/func/ip.sh
+source $VESTA/func/ipv6.sh
 source $VESTA/conf/vesta.conf
 
 # Additional argument formatting
@@ -52,12 +53,27 @@ is_proxy_template_valid $template
 # Parsing domain values
 get_domain_values 'web'
 local_ip=$(get_real_ip $IP)
+ipv6=$IP6
 
-# Delete old vhost
+# Deleting vhost configuration IPv4
+if [ ! -z "$local_ip" ]; then
+    old=$local_ip
+    # Deleting proxy
     del_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
     if [ "$SSL" = 'yes' ]; then
         del_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
     fi
+fi
+
+# Deleting domain
+if [ ! -z "$IP6" ]; then
+    old=$IP6
+    
+    del_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
+    if [ "$SSL" = 'yes' ]; then
+        del_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
+    fi
+fi
 
 # Add new vhost
 PROXY="$template"

bin/v-change-web-domain-stats

@@ -67,6 +67,7 @@ rm -f $HOMEDIR/$user/conf/web/$STATS.$domain.conf
 prepare_web_domain_values
 cat $WEBTPL/$type/$type.tpl |\
     sed -e "s/%ip%/$ip/g" \
+        -e "s/%ipv6%/$ipv6/g" \
         -e "s/%web_port%/$WEB_PORT/g" \
         -e "s/%web_system%/$WEB_SYSTEM/g" \
         -e "s/%web_ssl_port%/$WEB_SSL_PORT/g" \

bin/v-change-web-domain-tpl

@@ -21,6 +21,7 @@ restart=$4
 source $VESTA/func/main.sh
 source $VESTA/func/domain.sh
 source $VESTA/func/ip.sh
+source $VESTA/func/ipv6.sh
 source $VESTA/conf/vesta.conf
 
 # Additional argument formatting
@@ -50,12 +51,29 @@ is_web_template_valid "$template"
 # Parsing domain values
 get_domain_values 'web'
 local_ip=$(get_real_ip $IP)
+ipv6=$IP6
+
+# Deleting vhost configuration IPv4
+if [ ! -z "$local_ip" ]; then
+    old=$local_ip
+    del_web_config "$WEB_SYSTEM" "$TPL.tpl"
+
+    # Deleting SSL configuration and certificates
+    if [ "$SSL" = 'yes' ]; then
+        del_web_config "$WEB_SYSTEM" "$TPL.stpl"-
+    fi
+fi
 
 # Deleting domain
+if [ ! -z "$IP6" ]; then
+    old=$IP6
     del_web_config "$WEB_SYSTEM" "$TPL.tpl"
+
+    # Deleting SSL configuration and certificates
     if [ "$SSL" = 'yes' ]; then
         del_web_config "$WEB_SYSTEM" "$TPL.stpl"
     fi
+fi
 
 # Defining variables for new vhost config
 prepare_web_domain_values

bin/v-delete-dns-on-web-alias

@@ -61,6 +61,15 @@ else
     sub=$(echo "$dom_alias" | cut -f1 -d . -s)
     root=$(echo "$dom_alias" | sed "s/^$sub.//" )
     if [ -e "$USER_DATA/dns/$root.conf" ]; then
+        total=0
+        if [ $IPV4 == 'yes' ] ; then
+          ((total++))
+        fi
+        if [ $IPV6 == 'yes' ] ; then
+          ((total++))
+        fi
+        for (( i=1; i<=$total; i++ ))
+        do
             if [ "$sub" == '*' ]; then
                 rec=$(grep -w "RECORD='\*'" $USER_DATA/dns/$root.conf)
             else
@@ -68,8 +77,9 @@ else
             fi
             if [ ! -z "$rec" ]; then
                 eval "$rec"
-            $BIN/v-delete-dns-record $user "$root" "$ID" $restart
+               $BIN/v-delete-dns-record $user "$root" "$ID"
             fi
+        done
     fi
 fi
 

bin/v-delete-dns-record

@@ -69,7 +69,7 @@ fi
 #                       Vesta                              #
 #----------------------------------------------------------#
 
-# Upddate counters
+# Update counters
 records="$(wc -l $USER_DATA/dns/$domain.conf | cut -f1 -d ' ')"
 update_object_value 'dns' 'DOMAIN' "$domain" '$RECORDS' "$records"
 decrease_user_value "$user" '$U_DNS_RECORDS'

bin/v-delete-firewall-ipv6-ban

@@ -0,0 +1,64 @@
+#!/bin/bash
+# info: delete firewall blocking rule
+# options: IP CHAIN
+#
+# The function deletes blocking rule from system firewall
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Importing system variables
+source /etc/profile
+
+# Argument definition
+ipv6=$1
+chain=$(echo $2|tr '[:lower:]' '[:upper:]')
+
+# Defining absolute path for iptables and modprobe
+iptables="/sbin/ip6tables"
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/conf/vesta.conf
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '2' "$#" 'IP CHAIN'
+is_format_valid 'ipv6' 'chain'
+is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Checking ip in banlist
+conf="$VESTA/data/firewallv6/banlist.conf"
+check_ip=$(grep "IP6='$ipv6' CHAIN='$chain'" $conf 2>/dev/null)
+if [ -z "$check_ip" ]; then
+    exit
+fi
+
+# Deleting ip from banlist
+sip=$(echo "$ipv6"| sed "s|/|\\\/|g")
+sed -i "/IP6='$sip' CHAIN='$chain'/d" $conf
+b=$($iptables -L fail2ban-$chain --line-number -n|grep $ipv6|awk '{print $1}')
+$iptables -D fail2ban-$chain $b 2>/dev/null
+
+# Changing permissions
+chmod 660 $conf
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-delete-firewall-ipv6-chain

@@ -0,0 +1,66 @@
+#!/bin/bash
+# info: delete firewall chain
+# options: CHAIN
+#
+# The function adds new rule to system firewall
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Importing system variables
+source /etc/profile
+
+# Argument definition
+chain=$(echo $1 | tr '[:lower:]' '[:upper:]')
+
+# Defining absolute path to iptables
+iptables="/sbin/ip6tables"
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/conf/vesta.conf
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '1' "$#" 'CHAIN'
+is_format_valid 'chain'
+is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Deleting chain
+chains=$VESTA/data/firewallv6/chains.conf
+banlist=$VESTA/data/firewallv6/banlist.conf
+chain_param=$(grep "CHAIN='$chain'" $chains 2>/dev/null)
+if [ ! -z "$chain_param" ]; then
+    eval $chain_param
+    sed -i "/CHAIN='$chain'/d" $chains
+    sed -i "/CHAIN='$chain'/d" $banlist
+    $iptables -D INPUT -p $PROTOCOL \
+        --dport $PORT -j fail2ban-$CHAIN 2>/dev/null
+fi
+
+# Deleting iptables chain
+$iptables -F fail2ban-$CHAIN 2>/dev/null
+$iptables -X fail2ban-$CHAIN 2>/dev/null
+
+# Changing permissions
+chmod 660 $chains
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-delete-firewall-ipv6-rule

@@ -0,0 +1,51 @@
+#!/bin/bash
+# info: delete firewall rule
+# options: RULE
+#
+# The function deletes firewall rule.
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Importing system variables
+source /etc/profile
+
+# Argument definition
+rule=$1
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/conf/vesta.conf
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '1' "$#" 'RULE'
+is_format_valid 'rule'
+is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'
+is_object_valid '../../data/firewallv6/rules' 'RULE' "$rule"
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Deleting rule
+sed -i "/RULE='$rule' /d" $VESTA/data/firewallv6/rules.conf
+
+# Updating system firewall
+$BIN/v-update-firewall-ipv6
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-delete-sys-firewall

@@ -29,6 +29,7 @@ fi
 
 # Stopping firewall
 $BIN/v-stop-firewall
+$BIN/v-stop-firewall-ipv6
 
 # Updating FIREWALL_SYSTEM value
 if [ -z "$(grep FIREWALL_SYSTEM $VESTA/conf/vesta.conf)" ]; then

bin/v-delete-sys-ipv6

@@ -0,0 +1,149 @@
+#!/bin/bash
+# info: delete system ipv6
+# options: IPV6
+#
+# The function for deleting a system ip. It does not allow to delete first ip
+# on interface and do not allow to delete ip which is used by a web domain.
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+ipv6=$1
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/func/ipv6.sh
+source $VESTA/func/domain.sh
+source $VESTA/conf/vesta.conf
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '1' "$#" 'IPV6'
+is_format_valid 'ipv6'
+is_ip_valid "$ipv6"
+is_ip_key_empty '$U_WEB_DOMAINS'
+is_ip_key_empty '$U_SYS_USERS'
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Import ip variables
+source $VESTA/data/ips/$ipv6
+cidr=$(convert_netmaskv6 $NETMASK)
+
+# Checking main ip on the interface
+interface=$(/sbin/ip  -6 addr | grep "$ipv6/$cidr" | awk '{print $NF}')
+if [ ! -z "$interface" ] && [ -z "$(echo $interface |cut -s -f2 -d :)" ]; then
+    echo "Error: can't delete main IP address"
+    log_event "$E_FORBIDEN" "$ARGUMENTS"
+    exit $E_FORBIDEN
+fi
+
+# Deleting system ip
+if [ ! -z "$interface" ]; then
+    /sbin/ip -6 addr del $ip/$cidr dev $INTERFACE
+    if [ "$?" -ne 0 ]; then
+        echo "Error: can't delete system ip"
+        log_event "$E_FORBIDEN" "$ARGUMENTS"
+        exit $E_FORBIDEN
+    fi
+fi
+
+# Deleting startup conf on RHEL/CentOS/Fedora
+if [ -e "/etc/sysconfig/network-scripts/ifcfg-$interface" ]; then
+    rm -f /etc/sysconfig/network-scripts/ifcfg-$interface
+fi
+
+# Deleting startup conf on Debian/Ubuntu
+if [ -e "/etc/network/interfaces" ]; then
+    ip_str=$(grep -n $ip$ /etc/network/interfaces |cut -f1 -d:)
+    if [ ! -z "$ip_str" ]; then
+        first_str=$((ip_str - 3))
+        last_str=$((ip_str + 1))
+        sed -i "$first_str,$last_str d" /etc/network/interfaces
+    fi
+fi
+
+# Deleting vesta ip
+rm -f $VESTA/data/ips/$ipv6
+
+# Deleting web config
+if [ ! -z "$WEB_SYSTEM" ]; then
+    rm -f /etc/$WEB_SYSTEM/conf.d/$ipv6.conf
+fi
+
+# Deleting proxy config
+if [ ! -z "$PROXY_SYSTEM" ]; then
+    rm -f /etc/$PROXY_SYSTEM/conf.d/$ipv6.conf
+
+    # mod_extract_forwarded
+    fw_conf="/etc/$WEB_SYSTEM/conf.d/mod_extract_forwarded.conf"
+    if [ -e "$fw_conf" ]; then
+        ips=$(grep 'MEFaccept 127.0.0.1' $fw_conf)
+        new_ips=$(echo "$ips" | sed "s/$ipv6//" )
+        sed -i "s/$ips/$new_ips/g" $fw_conf
+    fi
+
+    # mod_rpaf
+    rpaf_conf="/etc/$WEB_SYSTEM/mods-enabled/rpaf.conf"
+    if [ -e "$rpaf_conf" ]; then
+        ips=$(grep RPAFproxy_ips $rpaf_conf)
+        new_ips=$(echo "$rpaf_str" | sed "s/$ipv6//")
+        sed -i "s/$ips/$new_ips/g" $rpaf_conf
+    fi
+    
+    #mod_remoteip
+    remoteip_conf="/etc/$WEB_SYSTEM/mods-enabled/remoteip.conf"
+    if [ -e "$remoteip_conf" ]; then
+        sed -i "s/RemoteIPInternalProxy $ipv6//g" $remoteip_conf
+    fi
+fi
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Updating user conf
+if [ ! -z "$OWNER" ]; then
+    decrease_user_value "$OWNER" '$IPV6_OWNED'
+fi
+
+if [ "$OWNER" = 'admin' ]; then
+    if [ "$STATUS" = 'shared' ]; then
+        for user in $(ls $VESTA/data/users/); do
+            decrease_user_value "$user" '$IPV6_AVAIL'
+        done
+    fi
+else
+    decrease_user_value "$OWNER" '$IPV6_AVAIL'
+fi
+
+# Restarting web server
+$BIN/v-restart-web
+check_result $? "Web restart failed" >/dev/null
+
+# Restarting proxy server
+if [ ! -z "$PROXY_SYSTEM" ]; then
+    $BIN/v-restart-proxy
+    check_result $? "Proxy restart failed" >/dev/null
+fi
+
+# Restarting firewall
+if [ ! -z "$FIREWALL_SYSTEM" ]; then
+    $BIN/v-update-firewall
+fi
+
+# Logging
+log_history "deleted system ip address $ip"
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-delete-user

@@ -19,6 +19,7 @@ source $VESTA/func/main.sh
 source $VESTA/func/domain.sh
 source $VESTA/func/db.sh
 source $VESTA/func/ip.sh
+source $VESTA/func/ipv6.sh
 source $VESTA/conf/vesta.conf
 
 
@@ -69,6 +70,8 @@ fi
 # Releasing user ips
 $BIN/v-delete-user-ips "$user"
 check_result "$?" "user ip release failed"
+$BIN/v-delete-user-ips-v6 "$user"
+check_result "$?" "user ipv6 release failed"
 
 # Deleteing user pipes
 sed -i "/ $user$/d" $VESTA/data/queue/disk.pipe

bin/v-delete-user-ips

@@ -36,7 +36,7 @@ fi
 #----------------------------------------------------------#
 
 # Parsing user ips
-ip_list=$(grep -H "OWNER='$user'" $VESTA/data/ips/* | cut -f 1 -d:)
+ip_list=$(grep -H -A10 "OWNER='$user'" $VESTA/data/ips/* |grep "VERSION='4'" | cut -f 1 -d '-')
 
 for ip in $ip_list; do 
     ip=$(basename $ip)

bin/v-delete-user-ipv6s

@@ -0,0 +1,63 @@
+#!/bin/bash
+# info: delete user ips
+# options: USER
+#
+# The function deletes all user's ip addresses.
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/func/ipv6.sh
+source $VESTA/conf/vesta.conf
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '1' "$#" 'USER'
+is_format_valid 'user'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+if [ "$user" = 'admin' ]; then
+    exit
+fi
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Parsing user ips
+ip_list=$(grep -H -A10 "OWNER='$user'" $VESTA/data/ips/* |grep "VERSION='6'" | cut -f 1 -d '-')
+
+for ip in $ip_list; do 
+    ip=$(basename $ip)
+
+    # Checking webdomains and users
+    is_ip_key_empty '$U_WEB_DOMAINS'
+    is_ip_key_empty '$U_SYS_USERS'
+
+    # Assig ip to main account
+    update_ip_value '$OWNER' 'admin'
+    update_ip_value '$STATUS' 'dedicated'
+    increase_user_value 'admin' '$IP_OWNED'
+    increase_user_value 'admin' '$IP_AVAIL'
+done
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-delete-web-domain

@@ -22,6 +22,7 @@ restart=$3
 source $VESTA/func/main.sh
 source $VESTA/func/domain.sh
 source $VESTA/func/ip.sh
+source $VESTA/func/ipv6.sh
 source $VESTA/conf/vesta.conf
 
 # Additional argument formatting
@@ -81,8 +82,10 @@ for PHPV in /etc/php/*; do
     fi
 done
 
+if [ -z "$IP6" ]; then
     # Deleting domain from web.conf
     sed -i "/DOMAIN='$domain'/ d" $USER_DATA/web.conf
+fi
 
 # Deleting vhost configuration
 del_web_config "$WEB_SYSTEM" "$TPL.tpl"
@@ -94,6 +97,18 @@ if [ "$SSL" = 'yes' ]; then
     rm -f $USER_DATA/ssl/$domain.*
 fi
 
+# Deleting vhost configuration IPv4
+if [ ! -z "$local_ip" ]; then
+    old=$local_ip
+    del_web_config "$WEB_SYSTEM" "$TPL.tpl"
+
+    # Deleting SSL configuration and certificates
+    if [ "$SSL" = 'yes' ]; then
+        del_web_config "$WEB_SYSTEM" "$TPL.stpl"
+        rm -f $HOMEDIR/$user/conf/web/ssl.$domain.*
+        rm -f $USER_DATA/ssl/$domain.*
+    fi
+
     # Deleting proxy
     if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
         del_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
@@ -104,6 +119,35 @@ if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
             sed -i "/=$domain:/d" /etc/$PROXY_SYSTEM/conf.d/01_caching_pool.conf
         fi
     fi
+fi
+
+# Deleting vhost configuration IPv6
+web_domain=$(grep DOMAIN $USER_DATA/web.conf |wc -l)
+if [ ! -z "$IP6" ] && [ "$web_domain" -gt '0' ]; then
+    # Deleting domain from web.conf
+    sed -i "/DOMAIN='$domain'/d" $USER_DATA/web.conf
+
+    old=$IP6
+    del_web_config "$WEB_SYSTEM" "$TPL.tpl"
+
+    # Deleting SSL configuration and certificates
+    if [ "$SSL" = 'yes' ]; then
+        del_web_config "$WEB_SYSTEM" "$TPL.stpl"
+        rm -f $HOMEDIR/$user/conf/web/ssl.$domain.*
+        rm -f $USER_DATA/ssl/$domain.*
+    fi
+    
+    # Deleting proxy
+    if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
+        del_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
+        if [ "$SSL" = 'yes' ]; then
+            del_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
+        fi
+        if [ -e "/etc/$PROXY_SYSTEM/conf.d/01_caching_pool.conf" ]; then
+            sed -i "/=$domain:/d" /etc/$PROXY_SYSTEM/conf.d/01_caching_pool.conf
+        fi
+    fi
+fi
 
 # Deleting web stats
 if [ ! -z "$STATS" ] && [ "$STATS" != 'no' ]; then
@@ -138,6 +182,7 @@ rm -rf $HOMEDIR/$user/web/$domain
 
 # Decreasing user counters
 decrease_ip_value "$local_ip"
+decrease_ipv6_value "$IP6"
 decrease_user_value "$user" '$U_WEB_DOMAINS'
 if [ "$SSL" = 'yes' ]; then
     decrease_user_value "$user" '$U_WEB_SSL'

bin/v-delete-web-domain-alias

@@ -20,6 +20,7 @@ restart=$4
 source $VESTA/func/main.sh
 source $VESTA/func/domain.sh
 source $VESTA/func/ip.sh
+source $VESTA/func/ipv6.sh
 source $VESTA/conf/vesta.conf
 
 

bin/v-list-dns-domain

@@ -22,6 +22,7 @@ json_list() {
     echo '{'
     echo '    "'$DOMAIN'": {
         "IP": "'$IP'",
+        "IP6": "'$IP6'",
         "TPL": "'$TPL'",
         "TTL": "'$TTL'",
         "EXP": "'$EXP'",
@@ -40,6 +41,7 @@ json_list() {
 shell_list() {
     echo "DOMAIN:         $DOMAIN"
     echo "IP:             $IP"
+    echo "IP6:            $IP6"
     echo "TEMPLATE:       $TPL"
     echo "TTL:            $TTL"
     echo "EXP:            $EXP"
@@ -54,14 +56,14 @@ shell_list() {
 
 # PLAIN list function
 plain_list() {
-    echo -ne "$DOMAIN\t$IP\t$TPL\t$TTL\t$EXP\t$SOA\t$SERIAL\t$RECORDS\t"
+    echo -ne "$DOMAIN\t$IP\t$IP6\t$TPL\t$TTL\t$EXP\t$SOA\t$SERIAL\t$RECORDS\t"
     echo -e "$SUSPENDED\t$TIME\t$DATE"
 }
 
 # CSV list function
 csv_list() {
-    echo "DOMAIN,IP,TPL,TTL,EXP,SOA,SERIAL,RECORDS,SUSPENDED,TIME,DATE"
-    echo -n "$DOMAIN,$IP,$TPL,$TTL,$EXP,$SOA,$SERIAL,$RECORDS,$SUSPENDED,"
+    echo "DOMAIN,IP,IP6,TPL,TTL,EXP,SOA,SERIAL,RECORDS,SUSPENDED,TIME,DATE"
+    echo -n "$DOMAIN,$IP,$IP6,$TPL,$TTL,$EXP,$SOA,$SERIAL,$RECORDS,$SUSPENDED,"
     echo "$TIME,$DATE"
 }
 

bin/v-list-dns-domains

@@ -26,6 +26,7 @@ json_list() {
         eval $str
         echo -n '    "'$DOMAIN'": {
         "IP": "'$IP'",
+        "IP6": "'$IP6'",
         "TPL": "'$TPL'",
         "TTL": "'$TTL'",
         "EXP": "'$EXP'",
@@ -50,11 +51,11 @@ json_list() {
 # SHELL list function
 shell_list() {
     IFS=$'\n'
-    echo "DOMAIN   IP   TPL   TTL   REC   SPND   DATE"
-    echo "------   --   ---   ---   ---   ----   ----"
+    echo "DOMAIN   IP   IP6   TPL   TTL   REC   SPND   DATE"
+    echo "------   --   ---   ---   ---   ---   ----   ----"
     while read str; do
         eval $str
-        echo "$DOMAIN $IP $TPL $TTL $RECORDS $SUSPENDED $DATE"
+        echo "$DOMAIN $IP $IP6 $TPL $TTL $RECORDS $SUSPENDED $DATE"
     done < <(cat $USER_DATA/dns.conf)
 }
 
@@ -64,7 +65,7 @@ plain_list() {
     IFS=$'\n'
     while read str; do
         eval $str
-        echo -ne "$DOMAIN\t$IP\t$TPL\t$TTL\t$EXP\t$SOA\t$SERIAL\t"
+        echo -ne "$DOMAIN\t$IP\t$IP6\t$TPL\t$TTL\t$EXP\t$SOA\t$SERIAL\t"
         echo -e "$SRC\t$RECORDS\t$SUSPENDED\t$TIME\t$DATE"
     done < <(cat $USER_DATA/dns.conf)
 }
@@ -73,10 +74,10 @@ plain_list() {
 # CSV list function
 csv_list() {
     IFS=$'\n'
-    echo "DOMAIN,IP,TPL,TTL,EXP,SOA,SERIAL,SRC,RECORDS,SUSPENDED,TIME,DATE"
+    echo "DOMAIN,IP,IP6,TPL,TTL,EXP,SOA,SERIAL,SRC,RECORDS,SUSPENDED,TIME,DATE"
     while read str; do
         eval $str
-        echo -n "$DOMAIN,$IP,$TPL,$TTL,$EXP,$SOA,$SERIAL,"
+        echo -n "$DOMAIN,$IP,$IP6,$TPL,$TTL,$EXP,$SOA,$SERIAL,"
         echo "$SRC,$RECORDS,$SUSPENDED,$TIME,$DATE"
     done < <(cat $USER_DATA/dns.conf)
 }

bin/v-list-firewall-ipv6

@@ -0,0 +1,96 @@
+#!/bin/bash
+# info: list iptables rules
+# options: [FORMAT]
+#
+# The function of obtaining the list of all iptables rules.
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+format=${1-shell}
+
+# Includes
+source $VESTA/func/main.sh
+
+# JSON list function
+json_list() {
+    IFS=$'\n'
+    i=1
+    objects=$(grep RULE $VESTA/data/firewallv6/rules.conf |wc -l)
+    echo "{"
+    while read str; do
+        eval $str
+        echo -n '    "'$RULE'": {
+        "ACTION": "'$ACTION'",
+        "PROTOCOL": "'$PROTOCOL'",
+        "PORT": "'$PORT'",
+        "IP6": "'$IP6'",
+        "COMMENT": "'$COMMENT'",
+        "SUSPENDED": "'$SUSPENDED'",
+        "TIME": "'$TIME'",
+        "DATE": "'$DATE'"
+    }'
+        if [ "$i" -lt "$objects" ]; then
+            echo ','
+        else
+            echo
+        fi
+        ((i++))
+    done < <(cat $VESTA/data/firewallv6/rules.conf)
+    echo '}'
+}
+
+# SHELL list function
+shell_list() {
+    IFS=$'\n'
+    echo "RULE^ACTION^PROTO^PORT^IP6^SPND^DATE"
+    echo "----^------^-----^----^--^----^----"
+    while read str; do
+        eval $str
+        echo "$RULE^$ACTION^$PROTOCOL^$PORT^$IP6^$SUSPENDED^$DATE"
+    done < <(cat $VESTA/data/firewallv6/rules.conf)
+}
+
+# PLAIN list function
+plain_list() {
+    IFS=$'\n'
+    while read str; do
+        eval $str
+        echo -ne "$RULE\t$ACTION\t$PROTOCOL\t$PORT\t$IP6\t$COMMENT\t"
+        echo -e "$SUSPENDED\t$TIME\t$DATE"
+    done < <(cat $VESTA/data/firewallv6/rules.conf)
+}
+
+# CSV list function
+csv_list() {
+    IFS=$'\n'
+    echo "RULE,ACTION,PROTOCOL,PORT,IP6,COMMENT,SUSPENDED,TIME,DATE"
+    while read str; do
+        eval $str
+        echo -n "$RULE,$ACTION,$PROTOCOL,$PORT,$IP6,\"$COMMENT\","
+        echo "$SUSPENDED,$TIME,$DATE"
+    done < <(cat $VESTA/data/firewallv6/rules.conf)
+}
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Listing data
+case $format in
+    json)   json_list ;;
+    plain)  plain_list ;;
+    csv)    csv_list ;;
+    shell)  shell_list |column -t -s '^' ;;
+esac
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+exit

bin/v-list-firewall-ipv6-ban

@@ -0,0 +1,90 @@
+#!/bin/bash
+# info: list firewall block list
+# options: [FORMAT]
+#
+# The function of obtaining the list of currently blocked ips.
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+format=${1-shell}
+
+# Includes
+source $VESTA/func/main.sh
+
+# JSON list function
+json_list() {
+    IFS=$'\n'
+    i=1
+    objects=$(grep IP6 $VESTA/data/firewallv6/banlist.conf |wc -l)
+    echo "{"
+    while read str; do
+        eval $str
+        echo -n '    "'$IP6'": {
+        "IP6": "'$IP6'",
+        "CHAIN": "'$CHAIN'",
+        "TIME": "'$TIME'",
+        "DATE": "'$DATE'"
+    }'
+        if [ "$i" -lt "$objects" ]; then
+            echo ','
+        else
+            echo
+        fi
+        ((i++))
+    done < <(cat $VESTA/data/firewallv6/banlist.conf)
+    echo '}'
+}
+
+# SHELL list function
+shell_list() {
+    IFS=$'\n'
+    echo "IP6   CHAIN   TIME   DATE"
+    echo "---   -----   ----   ----"
+    while read str; do
+        eval $str
+        echo "$IP6 $CHAIN $TIME $DATE"
+    done < <(cat $VESTA/data/firewallv6/banlist.conf)
+}
+
+# PLAIN list function
+plain_list() {
+    IFS=$'\n'
+    while read str; do
+        eval $str
+        echo -e "$IP6\t$CHAIN\t$TIME\t$DATE"
+    done < <(cat $VESTA/data/firewallv6/banlist.conf)
+}
+
+# CSV list function
+csv_list() {
+    IFS=$'\n'
+    echo "IP6,CHAIN,TIME,DATE"
+    while read str; do
+        eval $str
+        echo "$IP6,$CHAIN,$TIME,$DATE"
+    done < <(cat $VESTA/data/firewallv6/banlist.conf)
+}
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Listing data
+case $format in
+    json)   json_list ;;
+    plain)  plain_list ;;
+    csv)    csv_list ;;
+    shell)  shell_list |column -t ;;
+esac
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+exit

bin/v-list-firewall-ipv6-rule

@@ -0,0 +1,88 @@
+#!/bin/bash
+# info: list firewall rule
+# options: RULE [FORMAT]
+#
+# The function of obtaining firewall rule parameters.
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+rule=$1
+format=${2-shell}
+
+# Includes
+source $VESTA/func/main.sh
+
+json_list() {
+    echo '{'
+    echo '    "'$RULE'": {
+        "ACTION": "'$ACTION'",
+        "PROTOCOL": "'$PROTOCOL'",
+        "PORT": "'$PORT'",
+        "IP6": "'$IP6'",
+        "COMMENT": "'$COMMENT'",
+        "SUSPENDED": "'$SUSPENDED'",
+        "TIME": "'$TIME'",
+        "DATE": "'$DATE'"
+    }'
+    echo '}'
+}
+
+# SHELL list function
+shell_list() {
+    echo "ACTION:         $ACTION"
+    echo "PROTOCOL:       $PROTOCOL"
+    echo "PORT:           $PORT"
+    echo "IP6:            $IP6"
+    echo "COMMENT:        $COMMENT"
+    echo "SUSPENDED:      $SUSPENDED"
+    echo "TIME:           $TIME"
+    echo "DATE:           $DATE"
+}
+
+# PLAIN list function
+plain_list() {
+    echo -ne "$RULE\t$ACTION\t$PROTOCOL\t$PORT\t$IP6\t$COMMENT\t"
+    echo -e "$SUSPENDED\t$TIME\t$DATE"
+}
+
+# CSV list function
+csv_list() {
+    echo "RULE,ACTION,PROTOCOL,PORT,IP6,COMMENT,SUSPENDED,TIME,DATE"
+    echo "$RULE,$ACTION,$PROTOCOL,$PORT,$IP6,$COMMENT,$SUSPENDED,$TIME,$DATE"
+}
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '1' "$#" 'RULE [FORMAT]'
+is_number_format_valid "$rule" "rule id"
+is_object_valid '../../data/firewallv6/rules' 'RULE' "$rule"
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Parsing rules
+eval $(grep "RULE='$rule'" $VESTA/data/firewallv6/rules.conf)
+
+# Listing data
+case $format in
+    json)   json_list ;;
+    plain)  plain_list ;;
+    csv)    csv_list ;;
+    shell)  shell_list ;;
+esac
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+exit

bin/v-list-sys-ip

@@ -30,7 +30,8 @@ json_list() {
         "NETMASK": "'$NETMASK'",
         "NAT": "'$NAT'",
         "TIME": "'$TIME'",
-        "DATE": "'$DATE'"
+        "DATE": "'$DATE'",
+        "VERSION": "'$VERSION'"
         }'
     echo '}'
 }
@@ -48,20 +49,21 @@ shell_list() {
     echo "DOMAINS:        $U_WEB_DOMAINS"
     echo "TIME:           $TIME"
     echo "DATE:           $DATE"
+    echo "VERSION:        $VERSION"
 }
 
 # PLAIN list function
 plain_list() {
     echo -ne "$IP\t$OWNER\t$STATUS\t$NAME\t$U_SYS_USERS\t$U_WEB_DOMAINS\t"
-    echo -e "$INTERFACE\t$NETMASK\t$NAT\t$TIME\t$DATE"
+    echo -e "$INTERFACE\t$NETMASK\t$NAT\t$TIME\t$DATE\t$VERSION"
 }
 
 # CSV list function
 csv_list() {
     echo -n "IP,OWNER,STATUS,NAME,U_SYS_USERS,U_WEB_DOMAINS,INTERFACE"
-    echo "NETMASK,NAT,TIME,DATE"
+    echo "NETMASK,NAT,TIME,DATE,VERSION"
     echo -n "$IP,$OWNER,$STATUS,$NAME,\"$U_SYS_USERS\",$U_WEB_DOMAINS,"
-    echo "$INTERFACE, $NETMASK,$NAT,$TIME,$DATE"
+    echo "$INTERFACE, $NETMASK,$NAT,$TIME,$DATE,$VERSION"
 }
 
 
@@ -70,7 +72,7 @@ csv_list() {
 #----------------------------------------------------------#
 
 check_args '1' "$#" 'IP [FORMAT]'
-is_format_valid 'ip'
+is_format_valid 'ip46'
 if [ ! -e "$VESTA/data/ips/$ip" ]; then
     check_result $E_NOTEXIST "ip $ip doesn't exist"
 fi

bin/v-list-sys-ips

@@ -32,7 +32,8 @@ json_list() {
         "NETMASK": "'$NETMASK'",
         "NAT": "'$NAT'",
         "TIME": "'$TIME'",
-        "DATE": "'$DATE'"
+        "DATE": "'$DATE'",
+        "VERSION": "'$VERSION'"
         }'
         if [ "$i" -lt "$ip_count" ]; then
             echo ','
@@ -46,14 +47,14 @@ json_list() {
 
 # SHELL list function
 shell_list() {
-    echo "IP   MASK   NAT   STATUS   WEB  DATE"
-    echo "--   ----   ---   ------   ---  ----"
+    echo "IP   MASK   NAT   STATUS   WEB  DATE  VERSION"
+    echo "--   ----   ---   ------   ---  ----  -------"
     while read IP; do
         source $VESTA/data/ips/$IP
         if [ -z "$NAT" ]; then
             NAT='no'
         fi
-        echo "$IP $NETMASK $NAT $STATUS $U_WEB_DOMAINS $DATE"
+        echo "$IP $NETMASK $NAT $STATUS $U_WEB_DOMAINS $DATE $VERSION"
     done < <(ls $VESTA/data/ips/)
 }
 
@@ -62,18 +63,18 @@ plain_list() {
     while read IP; do
         source $VESTA/data/ips/$IP
         echo -ne "$IP\t$OWNER\t$STATUS\t$NAME\t$U_SYS_USERS\t$U_WEB_DOMAINS\t"
-        echo -e "$INTERFACE\t$NETMASK\t$NAT\t$TIME\t$DATE"
+        echo -e "$INTERFACE\t$NETMASK\t$NAT\t$TIME\t$DATE\t$VERSION"
     done < <(ls $VESTA/data/ips/)
 }
 
 # CSV list function
 csv_list() {
     echo -n "IP,OWNER,STATUS,NAME,U_SYS_USERS,U_WEB_DOMAINS,INTERFACE"
-    echo "NETMASK,NAT,TIME,DATE"
+    echo "NETMASK,NAT,TIME,DATE,VERSION"
     while read IP; do
         source $VESTA/data/ips/$IP
         echo -n "$IP,$OWNER,$STATUS,$NAME,\"$U_SYS_USERS\",$U_WEB_DOMAINS,"
-        echo "$INTERFACE, $NETMASK,$NAT,$TIME,$DATE"
+        echo "$INTERFACE, $NETMASK,$NAT,$TIME,$DATE,$VERSION"
     done < <(ls $VESTA/data/ips/)
 }
 

bin/v-list-user

@@ -53,6 +53,8 @@ json_list() {
         "SUSPENDED_CRON": "'$SUSPENDED_CRON'",
         "IP_AVAIL": "'$IP_AVAIL'",
         "IP_OWNED": "'$IP_OWNED'",
+        "IP6_AVAIL": "'$IP6_AVAIL'",
+        "IP6_OWNED": "'$IP6_OWNED'",
         "U_USERS": "'$U_USERS'",
         "U_DISK": "'$U_DISK'",
         "U_DISK_DIRS": "'$U_DISK_DIRS'",
@@ -113,8 +115,8 @@ plain_list() {
     echo -ne "$CONTACT\t$CRON_REPORTS\t$RKEY\t$SUSPENDED\t"
     echo -ne "$SUSPENDED_USERS\t$SUSPENDED_WEB\t$SUSPENDED_DNS\t"
     echo -ne "$SUSPENDED_MAIL\t$SUSPENDED_DB\t$SUSPENDED_CRON\t"
-    echo -ne "$IP_AVAIL\t$IP_OWNED\t$U_USERS\t$U_DISK\t$U_DISK_DIRS\t"
-    echo -ne "$U_DISK_WEB\t$U_DISK_MAIL\t$U_DISK_DB\t$U_BANDWIDTH\t"
+    echo -ne "$IP_AVAIL\t$IP_OWNED\t$IP6_AVAIL\t$IP6_OWNED\t$U_USERS\t$U_DISK\t"
+    echo -ne "$U_DISK_DIRS\t$U_DISK_WEB\t$U_DISK_MAIL\t$U_DISK_DB\t$U_BANDWIDTH\t"
     echo -ne "$U_WEB_DOMAINS\t$U_WEB_SSL\t$U_WEB_ALIASES\t"
     echo -ne "$U_DNS_DOMAINS\t$U_DNS_RECORDS\t$U_MAIL_DOMAINS\t"
     echo -ne "$U_MAIL_DKIM\t$U_MAIL_ACCOUNTS\t$U_DATABASES\t"
@@ -129,8 +131,8 @@ csv_list() {
     echo -n "DATABASES,CRON_JOBS,DISK_QUOTA,BANDWIDTH,NS,HOME,SHELL,"
     echo -n "BACKUPS,CONTACT,CRON_REPORTS,RKEY,SUSPENDED,SUSPENDED_USERS,"
     echo -n "SUSPENDED_WEB,SUSPENDED_DNS,SUSPENDED_MAIL,SUSPENDED_DB,"
-    echo -n "SUSPENDED_CRON,IP_AVAIL,IP_OWNED,U_USERS,U_DISK,U_DISK_DIRS,"
-    echo -n "U_DISK_WEB,U_DISK_MAIL,U_DISK_DB,U_BANDWIDTH,U_WEB_DOMAINS,"
+    echo -n "SUSPENDED_CRON,IP_AVAIL,IP_OWNED,IP6_AVAIL,IP6_OWNED,U_USERS,U_DISK,"
+    echo -n "U_DISK_DIRS,U_DISK_WEB,U_DISK_MAIL,U_DISK_DB,U_BANDWIDTH,U_WEB_DOMAINS,"
     echo -n "U_WEB_SSL,U_WEB_ALIASES,U_DNS_DOMAINS,U_DNS_RECORDS,"
     echo -n "U_MAIL_DOMAINS,U_MAIL_DKIM,U_MAIL_ACCOUNTS,U_DATABASES"
     echo "U_CRON_JOBS,U_BACKUPS,LANGUAGE,TIME,DATE"
@@ -140,8 +142,8 @@ csv_list() {
     echo -n "$MAIL_ACCOUNTS,$DATABASES,$CRON_JOBS,$DISK_QUOTA,$BANDWIDTH,"
     echo -n "\"$NS\",$HOME,$SHELL,$BACKUPS,$CONTACT,$CRON_REPORTS,\"$RKEY\","
     echo -n "$SUSPENDED,$SUSPENDED_USERS,$SUSPENDED_WEB,$SUSPENDED_DNS,"
-    echo -n "$SUSPENDED_MAIL,$SUSPENDED_DB,$SUSPENDED_CRON,$IP_AVAIL,"
-    echo -n "$IP_OWNED,$U_USERS,$U_DISK,$U_DISK_DIRS,$U_DISK_WEB,"
+    echo -n "$SUSPENDED_MAIL,$SUSPENDED_DB,$SUSPENDED_CRON,$IP_AVAIL,$IP_OWNED,"
+    echo -n "$IP6_AVAIL,$IP6_OWNED,$U_USERS,$U_DISK,$U_DISK_DIRS,$U_DISK_WEB,"
     echo -n "$U_DISK_MAIL,$U_DISK_DB,$U_BANDWIDTH,$U_WEB_DOMAINS,$U_WEB_SSL,"
     echo -n "$U_WEB_ALIASES,$U_DNS_DOMAINS,$U_DNS_RECORDS,$U_MAIL_DOMAINS,"
     echo -n "$U_MAIL_DKIM,$U_MAIL_ACCOUNTS,$U_DATABASES,$U_CRON_JOBS,"

bin/v-list-user-ips

@@ -1,6 +1,6 @@
 #!/bin/bash
 # info: list user ips
-# options: USER [FORMAT]
+# options: USER [FORMAT] [VERSION]
 #
 # The function for obtaining the list of available ip addresses.
 
@@ -12,6 +12,7 @@
 # Argument definition
 user=$1
 format=${2-shell}
+version=${3-all}
 
 # Includes
 source $VESTA/func/main.sh
@@ -27,6 +28,7 @@ json_list() {
         "OWNER": "'$OWNER'",
         "STATUS": "'$STATUS'",
         "NAME": "'$NAME'",
+        "VERSION": "'$VERSION'",
         "NAT": "'$NAT'"
         }'
         if [ "$i" -lt "$ip_count" ]; then
@@ -41,8 +43,8 @@ json_list() {
 
 # SHELL list function
 shell_list() {
-    echo "IP  NAT  OWNER   STATUS   NAME"
-    echo "--  ---  -----   ------   ---"
+    echo "IP  NAT  OWNER   STATUS   NAME   VERSION"
+    echo "--  ---  -----   ------   ----   -------"
     for IP in $ips; do
         source $VESTA/data/ips/$IP
         if [ -z "$NAT" ]; then
@@ -51,7 +53,7 @@ shell_list() {
         if [ -z "$NAME" ]; then
             NAME='no'
         fi
-        echo "$IP $NAT $OWNER $STATUS $NAME"
+        echo "$IP $NAT $OWNER $STATUS $NAME $VERSION"
     done
 }
 
@@ -59,16 +61,16 @@ shell_list() {
 plain_list() {
     for IP in $ips; do
         source $VESTA/data/ips/$IP
-        echo -e "$IP\t$OWNER\t$STATUS\t$NAME\t$NAT"
+        echo -e "$IP\t$OWNER\t$STATUS\t$NAME\t$NAT\t$VERSION"
     done
 }
 
 # CSV list function
 csv_list() {
-    echo "IP,OWNER,STATUS,NAME,NAT"
+    echo "IP,OWNER,STATUS,NAME,NAT,VERSION"
     for IP in $ips; do
         source $VESTA/data/ips/$IP
-        echo "$IP,$OWNER,$STATUS,$NAME,$NAT"
+        echo "$IP,$OWNER,$STATUS,$NAME,$NAT,$VERSION"
     done
 }
 
@@ -87,14 +89,34 @@ is_object_valid 'user' 'USER' "$user"
 #----------------------------------------------------------#
 
 # Defining fileds to select
+if [ "$version" == "6" ]; then
+    owner='admin'
+    owner_ips=$(grep -A 10 -H  "OWNER='$owner'" $VESTA/data/ips/*)
+    owner_ips=$(echo "$owner_ips" |grep -A 10 "STATUS='shared'" |grep "VERSION='6'")
+    owner_ips=$(echo "$owner_ips" |cut -f 7 -d / |cut -f 1 -d -)
+    user_ips=$(grep -A 10 -H "OWNER='$user'" $VESTA/data/ips/* |grep "VERSION='6'")
+    user_ips=$(echo "$user_ips" |cut -f 1 -d '-' |cut -f 7 -d / |awk -F ':OWNER' '{print $1}')
+    ips=$(echo -e "$user_ips\n$owner_ips" |sort -u |sed "/^$/d")
+    fields='$IP $OWNER $STATUS $NAME $NAT'
+elif [ "$version" == "4" ]; then
+    owner='admin'
+    owner_ips=$(grep -A 10 -H  "OWNER='$owner'" $VESTA/data/ips/*)
+    owner_ips=$(echo "$owner_ips" |grep -A 10 "STATUS='shared'" |grep "VERSION='4'")
+    owner_ips=$(echo "$owner_ips" |cut -f 7 -d / |cut -f 1 -d -)
+    user_ips=$(grep -A 10 -H "OWNER='$user'" $VESTA/data/ips/* |grep "VERSION='4'")
+    user_ips=$(echo "$user_ips" |cut -f 1 -d '-' |cut -f 7 -d / |awk -F ':OWNER' '{print $1}')
+    ips=$(echo -e "$user_ips\n$owner_ips" |sort -u |sed "/^$/d")
+    fields='$IP $OWNER $STATUS $NAME $NAT'
+else
     owner='admin'
     owner_ips=$(grep -A 1 -H  "OWNER='$owner'" $VESTA/data/ips/*)
     owner_ips=$(echo "$owner_ips" |grep "STATUS='shared'")
     owner_ips=$(echo "$owner_ips" |cut -f 7 -d / |cut -f 1 -d -)
     user_ips=$(grep -H "OWNER='$user'" $VESTA/data/ips/*)
-user_ips=$(echo "$user_ips" |cut -f 7 -d / |cut -f 1 -d :)
+    user_ips=$(echo "$user_ips" |cut -f 1 -d '-' |cut -f 7 -d / |awk -F ':OWNER' '{print $1}')
     ips=$(echo -e "$user_ips\n$owner_ips" |sort -u |sed "/^$/d")
     fields='$IP $OWNER $STATUS $NAME $NAT'
+fi
 
 # Listing data
 case $format in

bin/v-list-users

@@ -57,6 +57,8 @@ json_list() {
         "SUSPENDED_CRON": "'$SUSPENDED_CRON'",
         "IP_AVAIL": "'$IP_AVAIL'",
         "IP_OWNED": "'$IP_OWNED'",
+        "IPV6_AVAIL": "'$IPV6_AVAIL'",
+        "IPV6_OWNED": "'$IPV6_OWNED'",
         "U_USERS": "'$U_USERS'",
         "U_DISK": "'$U_DISK'",
         "U_DISK_DIRS": "'$U_DISK_DIRS'",

bin/v-list-web-domains

@@ -59,11 +59,11 @@ json_list() {
 # SHELL list function
 shell_list() {
     IFS=$'\n'
-    echo "DOMAIN   IP   TPL   SSL   DISK   BW   SPND   DATE"
-    echo "------   --   ---   ---   ----   --   ----   -----"
+    echo "DOMAIN   IP   IP6   TPL   SSL   DISK   BW   SPND   DATE"
+    echo "------   --   ---   ---   ---   ----   --   ----   ----"
     while read str; do
         eval $str
-        echo "$DOMAIN $IP $TPL $SSL $U_DISK $U_BANDWIDTH $SUSPENDED $DATE"
+        echo "$DOMAIN $IP $IP6 $TPL $SSL $U_DISK $U_BANDWIDTH $SUSPENDED $DATE"
     done < <(cat $USER_DATA/web.conf)
 }
 

bin/v-rebuild-web-domains

@@ -17,6 +17,7 @@ restart=$2
 source $VESTA/func/main.sh
 source $VESTA/func/domain.sh
 source $VESTA/func/ip.sh
+source $VESTA/func/ipv6.sh
 source $VESTA/func/rebuild.sh
 source $VESTA/conf/vesta.conf
 

bin/v-restart-service

@@ -39,6 +39,12 @@ else
     if [ $? -ne 0 ]; then
         check_result $E_RESTART "$service restart failed"
     fi
+    
+    $BIN/v-stop-firewall-ipv6
+    $BIN/v-update-firewall-ipv6
+    if [ $? -ne 0 ]; then
+        check_result $E_RESTART "$service restart failed"
+    fi
 fi
 
 

bin/v-restore-user

@@ -37,6 +37,7 @@ fi
 source $VESTA/func/main.sh
 source $VESTA/func/domain.sh
 source $VESTA/func/ip.sh
+source $VESTA/func/ipv6.sh
 source $VESTA/func/db.sh
 source $VESTA/func/rebuild.sh
 source $VESTA/conf/vesta.conf
@@ -354,6 +355,15 @@ if [ "$web" != 'no' ] && [ ! -z "$WEB_SYSTEM" ]; then
                 IP=$ip
             fi
             
+            # Checking ip address
+            check_ipv6=$(is_ipv6_valid $IP6 $user)
+            if [ ! -z "$check_ipv6" ]; then
+                local_ipv6=''
+                get_user_ipv6 $user
+                old_ipv6=$IP6
+                IP6=$ipv6
+            fi
+
             # Checking web template
             check_tpl=$(is_web_template_valid $TPL)
             if [ ! -z "$check_tpl" ]; then
@@ -514,12 +524,23 @@ if [ "$dns" != 'no' ] && [ ! -z "$DNS_SYSTEM" ]; then
             # Checking ip address
             check_ip=$(is_ip_valid $IP $user)
             if [ ! -z "$check_ip" ]; then
-                local_ip=''
+                local_ipv6=''
                 get_user_ip $user
                 old_ip=$IP
                 IP=$ip
             fi
             
+            # Checking ipv6 address
+            check_ipv6=$(is_ipv6_valid $IP6 $user)
+            if [ ! -z "$check_ipv6" ]; then
+                local_ip6=''
+                get_user_ipv6 $user
+                old_ipv6=$IP6
+                IP6=$ipv6
+            else
+                old_ipv6=''
+            fi
+
             # Checking dns template
             check_tpl=$(is_dns_template_valid $TPL)
             if [ ! -z "$check_tpl" ]; then
@@ -527,7 +548,7 @@ if [ "$dns" != 'no' ] && [ ! -z "$DNS_SYSTEM" ]; then
             fi
 
             # Concatenating dns.conf keys
-            str="DOMAIN='$domain' IP='$IP' TPL='$TPL' TTL='$TTL' EXP='$EXP'"
+            str="DOMAIN='$domain' IP='$IP' IP6='$IP6' TPL='$TPL' TTL='$TTL' EXP='$EXP'"
             str="$str SOA='$SOA' RECORDS='$RECORDS' SUSPENDED='no'"
             str="$str TIME='$(date +%T)' DATE='$(date +%F)'"
             echo $str >> $USER_DATA/dns.conf
@@ -535,6 +556,14 @@ if [ "$dns" != 'no' ] && [ ! -z "$DNS_SYSTEM" ]; then
 
         # Restoring dns records
         cp -f $tmpdir/dns/$domain/vesta/$domain.conf $USER_DATA/dns/
+        if [ -z "$old_ipv6" ] && [ ! -z "$IP6" ]; then
+            time_n_date=$(date +'%T %F')
+            time=$(echo "$time_n_date" |cut -f 1 -d \ )
+            date=$(echo "$time_n_date" |cut -f 2 -d \ )
+            ip=""
+            ipv6="$IP6"
+            add_dns_config_records
+        fi
 
         # Rebuilding dns domain
         rebuild_dns_domain_conf

bin/v-stop-firewall-ipv6

@@ -0,0 +1,80 @@
+#!/bin/bash
+# info: stop system firewall
+# options: NONE
+#
+# The function stops  iptables
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Defining absolute path for iptables and modprobe
+iptables="/sbin/ip6tables"
+modprobe="/sbin/modprobe"
+
+# Includes
+source /etc/profile.d/vesta.sh
+source $VESTA/func/main.sh
+source $VESTA/conf/vesta.conf
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+#is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Creating temporary file
+tmp=$(mktemp)
+
+# Flushing INPUT chain
+echo "$iptables -P INPUT ACCEPT" >> $tmp
+echo "$iptables -F INPUT" >> $tmp
+
+# Deleting vesta chain
+echo "$iptables -X vesta" >> $tmp
+
+# Deleting custom chains
+chains=$(cat $VESTA/data/firewallv6/chains.conf 2>/dev/null)
+IFS=$'\n'
+for chain in $chains; do
+    eval $chain
+    echo "$iptables -F fail2ban-$CHAIN" >> $tmp
+    echo "$iptables -X fail2ban-$CHAIN" >> $tmp
+done
+
+# Applying rules
+bash $tmp 2>/dev/null
+
+# Deleting temporary file
+rm -f $tmp
+
+# Saving rules to the master iptables file
+if [ -e "/etc/redhat-release" ]; then
+    /sbin/ip6tables-save > /etc/sysconfig/ip6tables
+    if [ -z "$(ls /etc/rc3.d/S*ip6tables 2>/dev/null)" ]; then
+        /sbin/chkconfig ip6tables off
+    fi
+else
+    /sbin/ip6tables-save > /etc/ip6tables.rules
+    preup="/etc/network/if-pre-up.d/ip6tables"
+    if [ ! -e "$preup" ]; then
+        echo '#!/bin/sh' > $preup
+        echo "/sbin/ip6tables-restore < /etc/ip6tables.rules" >> $preup
+        echo "exit 0" >> $preup
+        chmod +x $preup
+    fi
+fi
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+exit

bin/v-suspend-firewall-ipv6-rule

@@ -0,0 +1,49 @@
+#!/bin/bash
+# info: suspend firewall rule
+# options: RULE
+#
+# The function suspends a certain firewall rule.
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+rule=$1
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/conf/vesta.conf
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '1' "$#" 'RULE'
+is_format_valid 'rule'
+is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'
+is_object_valid '../../data/firewallv6/rules' 'RULE' "$rule"
+is_object_unsuspended '../../data/firewallv6/rules' 'RULE' "$rule"
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Suspending rule
+update_object_value ../../data/firewallv6/rules RULE $rule '$SUSPENDED' yes
+
+# Updating system firewall
+$BIN/v-update-firewall-ipv6
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-suspend-web-domain

@@ -57,7 +57,9 @@ local_ip=$(get_real_ip $IP)
 # Preparing domain values for the template substitution
 prepare_web_domain_values
 
-# Rebuilding vhost
+# Rebuilding vhost IPv4
+if [ ! -z "$local_ip" ]; then
+    old=$local_ip
     del_web_config "$WEB_SYSTEM" "$TPL.tpl"
     add_web_config "$WEB_SYSTEM" "$TPL.tpl"
     if [ "$SSL" = 'yes' ]; then
@@ -74,6 +76,30 @@ if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
             add_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
         fi
     fi
+fi
+
+# Rebuilding vhost IPv6
+if [ ! -z "$IP6" ]; then
+    local_ip=""
+    ipv6=$IP6
+    old=$IP6
+    del_web_config "$WEB_SYSTEM" "$TPL.tpl"
+    add_web_config "$WEB_SYSTEM" "$TPL.tpl"
+      if [ "$SSL" = 'yes' ]; then
+        del_web_config "$WEB_SYSTEM" "$TPL.stpl"
+        add_web_config "$WEB_SYSTEM" "$TPL.stpl"
+    fi
+
+    # Rebuilding proxy configuration
+    if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
+        del_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
+        add_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
+        if [ "$SSL" = 'yes' ]; then
+            del_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
+            add_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
+        fi
+      fi
+  fi
 
 
 #----------------------------------------------------------#

bin/v-unsuspend-firewall-ipv6-rule

@@ -0,0 +1,49 @@
+#!/bin/bash
+# info: unsuspend firewall rule
+# options: RULE
+#
+# The function unsuspends a certain firewall rule.
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+rule=$1
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/conf/vesta.conf
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '1' "$#" 'RULE'
+is_format_valid 'rule'
+is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'
+is_object_valid '../../data/firewallv6/rules' 'RULE' "$rule"
+is_object_suspended '../../data/firewallv6/rules' 'RULE' "$rule"
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Suspending rule
+update_object_value ../../data/firewallv6/rules RULE $rule '$SUSPENDED' no
+
+# Updating system firewall
+$BIN/v-update-firewall-ipv6
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-unsuspend-web-domain

@@ -51,7 +51,9 @@ local_ip=$(get_real_ip $IP)
 # Preparing domain values for the template substitution
 prepare_web_domain_values
 
-# Rebuilding vhost
+# Rebuilding vhost IPv4
+if [ ! -z "$local_ip" ]; then
+    old=$local_ip
     del_web_config "$WEB_SYSTEM" "$TPL.tpl"
     add_web_config "$WEB_SYSTEM" "$TPL.tpl"
     if [ "$SSL" = 'yes' ]; then
@@ -68,6 +70,30 @@ if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
             add_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
         fi
     fi
+fi
+  
+# Rebuilding vhost IPv6
+if [ ! -z "$IP6" ]; then
+    old=$IP6
+    local_ip=""
+    ipv6=$IP6
+    del_web_config "$WEB_SYSTEM" "$TPL.tpl"
+    add_web_config "$WEB_SYSTEM" "$TPL.tpl"
+      if [ "$SSL" = 'yes' ]; then
+        del_web_config "$WEB_SYSTEM" "$TPL.stpl"
+        add_web_config "$WEB_SYSTEM" "$TPL.stpl"
+    fi
+
+    # Rebuilding proxy configuration
+    if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
+        del_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
+        add_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
+        if [ "$SSL" = 'yes' ]; then
+            del_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
+            add_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
+        fi
+    fi
+fi
 
 
 #----------------------------------------------------------#

bin/v-update-firewall

@@ -75,7 +75,10 @@ fi
 
 # Handling local traffic
 for ip in $(ls $VESTA/data/ips); do
+    source $VESTA/data/ips/$ip
+    if [ "4" = "$VERSION" ]; then
         echo "$iptables -A INPUT -s $ip -j ACCEPT" >> $tmp
+    fi
 done
 echo "$iptables -A INPUT -s 127.0.0.1 -j ACCEPT" >> $tmp
 

bin/v-update-firewall-ipv6

@@ -0,0 +1,192 @@
+#!/bin/bash
+# info: update system firewall rules
+# options: NONE
+#
+# The function updates iptables rules
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Defining absolute path for iptables and modprobe
+iptables="/sbin/ip6tables"
+modprobe="/sbin/modprobe"
+sysctl="/sbin/sysctl"
+
+# Includes
+source /etc/profile.d/vesta.sh
+source $VESTA/func/main.sh
+source $VESTA/conf/vesta.conf
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Checking local IPv6 rules
+rules="$VESTA/data/firewallv6/rules.conf"
+ports="$VESTA/data/firewallv6/ports.conf"
+
+if [ ! -e "$rules" ]; then
+    exit
+fi
+
+$sysctl net.netfilter.nf_conntrack_max >/dev/null 2>&1
+if [ $? -ne 0 ]; then
+    conntrack='no'
+fi
+
+# Checking conntrack module avaiabilty
+$modprobe nf_conntrack >/dev/null 2>&1
+$modprobe nf_conntrack_ftp >/dev/null 2>&1
+if [ $? -ne 0 ]; then
+    conntrack_ftp='no'
+fi
+
+# Checking custom OpenSSH  port
+sshport=$(grep '^Port ' /etc/ssh/sshd_config | head -1 | cut -d ' ' -f 2)
+if [[ "$sshport" =~ ^[0-9]+$ ]] && [ "$sshport" -ne "22"  ]; then
+    sed -i "s/PORT='22'/PORT=\'$sshport\'/" $rules
+fi
+
+# Creating temporary file
+tmp=$(mktemp)
+
+# Flushing INPUT chain
+echo "$iptables -P INPUT ACCEPT" >> $tmp
+echo "$iptables -F INPUT" >> $tmp
+
+# Enabling stateful support
+if [ "$conntrack" != 'no' ]; then
+    str="$iptables -A INPUT -m state"
+    str="$str --state ESTABLISHED,RELATED -j ACCEPT"
+    echo "$str" >> $tmp
+fi
+
+# Handling local traffic
+for ip in $(ls $VESTA/data/ips); do
+    source $VESTA/data/ips/$ip
+    if [ "6" = "$VERSION" ]; then
+        echo "$iptables -A INPUT -s $ip -j ACCEPT" >> $tmp
+    fi
+done
+echo "$iptables -A INPUT -s ::1 -j ACCEPT" >> $tmp
+
+# Pasring iptables rules
+IFS=$'\n'
+for line in $(sort -r -n -k 2 -t \' $rules); do
+    eval $line
+    if [ "$SUSPENDED" = 'no' ]; then
+        proto="-p $PROTOCOL"
+        port="--dport $PORT"
+        ip="-s $IP6"
+        state=""
+        action="-j $ACTION"
+
+        # Adding multiport module
+        if [[ "$PORT" =~ ,|-|: ]] ; then
+            port="-m multiport --dports ${PORT//-/:}"
+        fi
+
+        # Accepting all dst ports
+        if [[ "$PORT" = "0" ]] || [ "$PROTOCOL" = 'ICMPV6' ]; then
+            port=""
+        fi
+
+        # Checking FTP for contrack module
+        if [ "$TYPE" = "FTP" ] || [ "$PORT" = '21' ]; then
+            if [ "$conntrack_ftp" != 'no' ]; then
+                state="-m conntrack --ctstate NEW"
+            else
+                port="-m multiport --dports 20,21,12000:12100"
+            fi
+            ftp="yes"
+        fi
+
+        # Adding firewall rule
+        echo "$iptables -A INPUT $proto $port $ip $state $action" >> $tmp
+    fi
+done
+
+# Switching chain policy to DROP
+echo "$iptables -P INPUT DROP" >> $tmp
+
+# Adding vesta chain
+echo "$iptables -N vesta" >> $tmp
+
+# Applying rules
+bash $tmp 2>/dev/null
+
+# Deleting temporary file
+rm -f $tmp
+
+# Checking custom trigger
+if [ -x "$VESTA/data/firewallv6/custom.sh" ]; then
+    bash $VESTA/data/firewallv6/custom.sh
+fi
+
+# Checking fail2ban support
+if [ ! -z "$FIREWALL_EXTENSION" ]; then
+    for chain in $(cat $VESTA/data/firewallv6/chains.conf 2>/dev/null); do
+        eval $chain
+        if [[ "$PORT" =~ ,|-|: ]] ; then
+            port="-m multiport --dports $PORT"
+        else
+            port="--dport $PORT"
+        fi
+        echo "$iptables -N fail2ban-$CHAIN" >> $tmp
+        echo "$iptables -F fail2ban-$CHAIN" >> $tmp
+        echo "$iptables -I fail2ban-$CHAIN -s ::/0 -j RETURN" >> $tmp
+        echo "$iptables -I INPUT -p $PROTOCOL $port -j fail2ban-$CHAIN" >>$tmp
+    done
+    bash $tmp 2>/dev/null
+    rm -f $tmp
+
+    for ban in $(cat $VESTA/data/firewallv6/banlist.conf 2>/dev/null); do
+        eval $ban
+        echo -n "$iptables -I fail2ban-$CHAIN 1 -s $IP" >> $tmp
+        echo " -j REJECT --reject-with icmp-port-unreachable" >> $tmp
+    done
+    bash $tmp 2>/dev/null
+    rm -f $tmp
+fi
+
+# Saving rules to the master iptables file
+if [ -e "/etc/redhat-release" ]; then
+    /sbin/ip6tables-save > /etc/sysconfig/ip6tables
+    if [ -z "$(ls /etc/rc3.d/S*ip6tables 2>/dev/null)" ]; then
+        /sbin/chkconfig ip6tables on
+    fi
+else
+    /sbin/ip6tables-save > /etc/ip6tables.rules
+    preup="/etc/network/if-pre-up.d/iptables"
+    if [ ! -e "$preup" ]; then
+        echo '#!/bin/sh' > $preup
+        echo "/sbin/ip6tables-restore < /etc/ip6tables.rules" >> $preup
+        echo "exit 0" >> $preup
+        chmod +x $preup
+    fi
+fi
+
+# Worarkound for OpenVZ
+if [ -e "/proc/vz/veinfo" ]; then
+    dig @8.8.8.8 google.com +time=1 +tries=1 >/dev/null 2>&1
+    if [ "$?" -ne 0 ]; then
+        $BIN/v-stop-firewall-ipv6
+    fi
+fi
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+exit

bin/v-update-user-counters

@@ -51,6 +51,8 @@ for user in $user_list; do
     SUSPENDED_CRON=0
     IP_AVAIL=0
     IP_OWNED=0
+    IP6_AVAIL=0
+    IP6_OWNED=0
     U_USERS=0
     U_DISK=0
     DISK=0 
@@ -89,6 +91,7 @@ for user in $user_list; do
     # Checking ip
     for ip in $(ls $VESTA/data/ips) ;do
         source $VESTA/data/ips/$ip
+        if [ "$VERSION" = "4" ]; then
             if [ "$OWNER" = "$user" ]; then
                 IP_OWNED=$((IP_OWNED + 1))
                 IP_AVAIL=$((IP_AVAIL + 1))
@@ -96,9 +99,19 @@ for user in $user_list; do
             if [ "$OWNER" = 'admin' ] && [ "$STATUS" = 'shared' ]; then
                 IP_AVAIL=$((IP_AVAIL + 1))
             fi
+        else
+            if [ "$OWNER" = "$user" ]; then
+                IP6_OWNED=$((IP6_OWNED + 1))
+                IP6_AVAIL=$((IP6_AVAIL + 1))
+            fi
+            if [ "$OWNER" = 'admin' ] && [ "$STATUS" = 'shared' ]; then
+                IP6_AVAIL=$((IP6_AVAIL + 1))
+            fi
+        fi
     done
     if [ "$user" = 'admin' ]; then
-        IP_AVAIL=$(ls $VESTA/data/ips | wc -l)
+        IP_AVAIL=$(ls $VESTA/data/ips | grep VERSION='4' | wc -l)
+        IP6_AVAIL=$(ls $VESTA/data/ips | grep VERSION='6' | wc -l)
     fi
 
     # Checking web system
@@ -186,6 +199,8 @@ for user in $user_list; do
     update_user_value "$user" '$SUSPENDED_CRON' "$SUSPENDED_CRON"
     update_user_value "$user" '$IP_AVAIL' "$IP_AVAIL"
     update_user_value "$user" '$IP_OWNED' "$IP_OWNED"
+    update_user_value "$user" '$IP6_AVAIL' "$IP6_AVAIL"
+    update_user_value "$user" '$IP6_OWNED' "$IP6_OWNED"
     update_user_value "$user" '$U_USERS' "$U_USERS"
     update_user_value "$user" '$U_DISK' "$U_DISK"
     update_user_value "$user" '$U_DISK_DIRS' "$U_DISK_DIRS"

bin/v-update-user-stats

@@ -46,6 +46,7 @@ fi
 
 # Reset overal statistics
 TOTAL_IP_OWNED=0
+TOTAL_IP6_OWNED=0
 TOTAL_U_DISK=0
 TOTAL_U_DISK_DIRS=0
 TOTAL_U_DISK_WEB=0
@@ -76,7 +77,7 @@ for user in $user_list; do
     DATE=$(date -d "$next_month -1day" +%F)
 
     # Compiling report string
-    s="DATE='$DATE' TIME='$TIME' PACKAGE='$PACKAGE' IP_OWNED='$IP_OWNED'"
+    s="DATE='$DATE' TIME='$TIME' PACKAGE='$PACKAGE' IP_OWNED='$IP_OWNED' IP6_OWNED='$IP6_OWNED'"
     s="$s DISK_QUOTA='$DISK_QUOTA' U_DISK='$U_DISK'"
     s="$s U_DISK_DIRS='$U_DISK_DIRS' U_DISK_WEB='$U_DISK_WEB'"
     s="$s U_DISK_MAIL='$U_DISK_MAIL' U_DISK_DB='$U_DISK_DB'"
@@ -109,6 +110,7 @@ for user in $user_list; do
 
     # Increase overall counters
     TOTAL_IP_OWNED=$((TOTAL_IP_OWNED + IP_OWNED))
+    TOTAL_IP6_OWNED=$((TOTAL_IP6_OWNED + IP6_OWNED))
     TOTAL_U_DISK=$((TOTAL_U_DISK + U_DISK))
     TOTAL_U_DISK_DIRS=$((TOTAL_U_DISK_DIRS + U_DISK_DIRS))
     TOTAL_U_DISK_WEB=$((TOTAL_U_DISK_WEB + U_DISK_WEB))
@@ -133,7 +135,7 @@ done
 # Updating overall stats
 stats="$VESTA/data/users/admin/overall_stats.log"
 
-s="DATE='$DATE' TIME='$TIME' PACKAGE='default' IP_OWNED='$TOTAL_IP_OWNED'"
+s="DATE='$DATE' TIME='$TIME' PACKAGE='default' IP6_OWNED='$TOTAL_IP_OWNED' IP6_OWNED='$TOTAL_IP6_OWNED'"
 s="$s DISK_QUOTA='0' U_DISK='$TOTAL_U_DISK' U_DISK_DIRS='$TOTAL_U_DISK_DIRS'"
 s="$s U_DISK_WEB='$TOTAL_U_DISK_WEB' U_DISK_MAIL='$TOTAL_U_DISK_MAIL'"
 s="$s U_DISK_DB='$TOTAL_U_DISK_DB' BANDWIDTH='0'"

func/domain.sh

@@ -175,8 +175,10 @@ add_web_config() {
     domain_idn=$domain
     format_domain_idn
 
+    if [ ! -z $local_ip ]; then
 	    cat $WEBTPL/$1/$WEB_BACKEND/$2 | \
 	        sed -e "s|%ip%|$local_ip|g" \
+	            -e "s|%ipv6%|$ipv6|g" \
 	            -e "s|%domain%|$domain|g" \
 	            -e "s|%domain_idn%|$domain_idn|g" \
 	            -e "s|%alias%|${aliases//,/ }|g" \
@@ -203,6 +205,38 @@ add_web_config() {
 	            -e "s|%ssl_ca_str%|$ssl_ca_str|g" \
 	            -e "s|%ssl_ca%|$ssl_ca|g" \
 	    > $conf
+    fi
+    
+    if [ ! -z $ipv6 ] && [ "$ipv6" != "no" ]; then
+        cat $WEBTPL/$1/$WEB_BACKEND/$2 | \
+            sed -e "s|%ip%|[$ipv6]|g" \
+                -e "s|%domain%|$domain|g" \
+                -e "s|%domain_idn%|$domain_idn|g" \
+                -e "s|%alias%|${aliases//,/ }|g" \
+                -e "s|%alias_idn%|${aliases_idn//,/ }|g" \
+                -e "s|%alias_string%|$alias_string|g" \
+                -e "s|%email%|info@$domain|g" \
+                -e "s|%web_system%|$WEB_SYSTEM|g" \
+                -e "s|%web_port%|$WEB_PORT|g" \
+                -e "s|%web_ssl_port%|$WEB_SSL_PORT|g" \
+                -e "s|%backend_lsnr%|$backend_lsnr|g" \
+                -e "s|%rgroups%|$WEB_RGROUPS|g" \
+                -e "s|%proxy_system%|$PROXY_SYSTEM|g" \
+                -e "s|%proxy_port%|$PROXY_PORT|g" \
+                -e "s|%proxy_ssl_port%|$PROXY_SSL_PORT|g" \
+                -e "s/%proxy_extentions%/${PROXY_EXT//,/|}/g" \
+                -e "s|%user%|$user|g" \
+                -e "s|%group%|$user|g" \
+                -e "s|%home%|$HOMEDIR|g" \
+                -e "s|%docroot%|$docroot|g" \
+                -e "s|%sdocroot%|$sdocroot|g" \
+                -e "s|%ssl_crt%|$ssl_crt|g" \
+                -e "s|%ssl_key%|$ssl_key|g" \
+                -e "s|%ssl_pem%|$ssl_pem|g" \
+                -e "s|%ssl_ca_str%|$ssl_ca_str|g" \
+                -e "s|%ssl_ca%|$ssl_ca|g" \
+        > $conf
+    fi
 
     chown root:$user $conf
     chmod 640 $conf
@@ -222,8 +256,7 @@ add_web_config() {
 
     if [ -x "$WEBTPL/$1/$WEB_BACKEND/$trigger" ]; then
         $WEBTPL/$1/$WEB_BACKEND/$trigger \
-            $user $domain $local_ip $HOMEDIR \
-            $HOMEDIR/$user/web/$domain/public_html
+            $user $domain $local_ip $ipv6 $HOMEDIR $HOMEDIR/$user/web/$domain/public_html
     fi
 
     if [[ "$2" =~ ^PHP-FPM ]]; then
@@ -233,6 +266,13 @@ add_web_config() {
 
 # Get config top and bottom line number
 get_web_config_lines() {
+    v_ip=""
+    if [ ! -z $old ]; then
+        v_ip=$old
+    fi
+    if [ -z "$v_ip" ]; then
+        check_result $E_PARSING "V_IP in get_web_config_lines is empty"
+    fi
     tpl_lines=$(egrep -ni "name %domain_idn%" $1 |grep -w %domain_idn%)
     tpl_lines=$(echo "$tpl_lines" |cut -f 1 -d :)
     tpl_last_line=$(wc -l $1 |cut -f 1 -d ' ')
@@ -242,9 +282,9 @@ get_web_config_lines() {
 
     domain_idn=$domain
     format_domain_idn
-    vhost_lines=$(grep -niF "name $domain_idn" $2)
+    vhost_lines=$(grep -ni -A2 "$v_ip" $2| grep -iF "name $domain_idn")
     vhost_lines=$(echo "$vhost_lines" |egrep "$domain_idn($| |;)") #"
-    vhost_lines=$(echo "$vhost_lines" |cut -f 1 -d :)
+    vhost_lines=$(echo "$vhost_lines" |cut -f 1 -d : |cut -f 1 -d \-)
     if [ -z "$vhost_lines" ]; then
         check_result $E_PARSING "can't parse config $2"
     fi
@@ -535,7 +575,122 @@ is_dns_nameserver_valid() {
     fi
 }
 
+# Add DNS config
+add_dns_config() {
+    spfip4=""
+    spfip6=""
+    if [ ! -z $ip ]; then
+        spfipv4="ip4:$ip";
+    fi
+    if [ ! -z $ipv6 ]; then
+        spfipv6="ip6:$ipv6";
+    fi
     
+    # Adding dns zone to the user config
+    echo "$template_data" | grep -v '%ip' |\
+        sed -e "s/%ip%/$ip/g" \
+            -e "s/%ipv6%/$ipv6/g" \
+            -e "s/%domain_idn%/$domain_idn/g" \
+            -e "s/%domain%/$domain/g" \
+            -e "s/%spfip4%/$spfipv4/g" \
+            -e "s/%spfip6%/$spfipv6/g" \
+            -e "s/%ns1%/$ns1/g" \
+            -e "s/%ns2%/$ns2/g" \
+            -e "s/%ns3%/$ns3/g" \
+            -e "s/%ns4%/$ns4/g" \
+            -e "s/%ns5%/$ns5/g" \
+            -e "s/%ns6%/$ns6/g" \
+            -e "s/%ns7%/$ns7/g" \
+            -e "s/%ns8%/$ns8/g" \
+            -e "s/%time%/$time/g" \
+            -e "s/%date%/$date/g" > $USER_DATA/dns/$domain.conf
+    if [ ! -z $ip ]; then
+      echo "$template_data" |grep "%ip%" |\
+          sed -e "s/%ip%/$ip/g" \
+              -e "s/%ipv6%/$ipv6/g" \
+              -e "s/%domain_idn%/$domain_idn/g" \
+              -e "s/%domain%/$domain/g" \
+              -e "s/%ns1%/$ns1/g" \
+              -e "s/%ns2%/$ns2/g" \
+              -e "s/%ns3%/$ns3/g" \
+              -e "s/%ns4%/$ns4/g" \
+              -e "s/%ns5%/$ns5/g" \
+              -e "s/%ns6%/$ns6/g" \
+              -e "s/%ns7%/$ns7/g" \
+              -e "s/%ns8%/$ns8/g" \
+              -e "s/%time%/$time/g" \
+              -e "s/%date%/$date/g" >> $USER_DATA/dns/$domain.conf
+    fi
+
+    if [ ! -z $ipv6 ]; then
+      echo "$template_data" |grep "%ipv6%" |\
+          sed -e "s/%ip%/$ip/g" \
+              -e "s/%ipv6%/$ipv6/g" \
+              -e "s/%domain_idn%/$domain_idn/g" \
+              -e "s/%domain%/$domain/g" \
+              -e "s/%ns1%/$ns1/g" \
+              -e "s/%ns2%/$ns2/g" \
+              -e "s/%ns3%/$ns3/g" \
+              -e "s/%ns4%/$ns4/g" \
+              -e "s/%ns5%/$ns5/g" \
+              -e "s/%ns6%/$ns6/g" \
+              -e "s/%ns7%/$ns7/g" \
+              -e "s/%ns8%/$ns8/g" \
+              -e "s/%time%/$time/g" \
+              -e "s/%date%/$date/g" >> $USER_DATA/dns/$domain.conf
+    fi
+}
+
+#Add DNS records
+add_dns_config_records() {
+    template_data=$(cat $DNSTPL/$TPL.tpl)
+
+    # Adding dns zone to the user config
+    template_data=$(echo "$template_data" |grep -v "v=spf1" |egrep "%ip(v6)?%")
+    if [ ! -z "$ip" ]; then
+        template_data=$(echo "$template_data" |grep "%ip%")
+    fi
+    if [ ! -z "$ipv6" ]; then
+        template_data=$(echo "$template_data" |grep "%ipv6%")
+    fi
+    
+    echo "$template_data" |\
+        sed -e "s/%ip%/$ip/g" \
+            -e "s/%ipv6%/$ipv6/g" \
+            -e "s/%time%/$time/g" \
+            -e "s/%date%/$date/g" \
+        |awk -F 'ID=' '{print $2}' \
+        |cut -d\' --complement -s -f1,2 \
+    | while read line; do
+        id=""
+        get_next_dnsrecord
+        echo "ID='$id' $line" >> $USER_DATA/dns/$domain.conf
+    done
+}
+
+#Remove DNS records
+remove_dns_config_records() {
+    template_data=$(cat $DNSTPL/$TPL.tpl)
+    
+    # Search template data
+    template_data=$(echo "$template_data" |grep -v "v=spf1" |egrep "%ip(v6)?%")
+    if [ -z "$ip" ]; then
+        template_data=$(echo "$template_data" |grep "%ip%")
+    fi
+    if [ -z "$ipv6" ]; then
+        template_data=$(echo "$template_data" |grep "%ipv6%")
+    fi
+    
+    echo "$template_data" |\
+        sed -e "s/%ip%/$old/g" \
+            -e "s/%ipv6%/$old/g" \
+        |awk -F 'ID=' '{print $2}' \
+        |cut -d\' --complement -s -f1,2 \
+        |awk -F ' SUSPENDED=' '{print $1}' \
+    | while read line; do
+        sed -i "/$line/d" $USER_DATA/dns/$domain.conf
+    done
+}
 
 #----------------------------------------------------------#
 #                       MAIL                               #

func/ip.sh

@@ -55,7 +55,7 @@ update_ip_value() {
 
 # Get ip name
 get_ip_alias() {
-    ip_name=$(grep "NAME=" $VESTA/data/ips/$local_ip |cut -f 2 -d \')
+    ip_name=$(grep "NAME=" $VESTA/data/ips/$local_ip 2>/dev/null |cut -f 2 -d \')
     if [ ! -z "$ip_name" ]; then
         echo "${1//./-}.$ip_name"
     fi
@@ -64,6 +64,7 @@ get_ip_alias() {
 # Increase ip value
 increase_ip_value() {
     sip=${1-ip}
+    if [ "$sip" != "no" ] && [ ! -z "$sip" ]; then
         USER=$user
         web_key='U_WEB_DOMAINS'
         usr_key='U_SYS_USERS'
@@ -90,11 +91,13 @@ increase_ip_value() {
             $VESTA/data/ips/$sip
         sed -i "s/$usr_key='$current_usr'/$usr_key='$new_usr'/g" \
             $VESTA/data/ips/$sip
+    fi
 }
 
 # Decrease ip value
 decrease_ip_value() {
     sip=${1-ip}
+    if [ "$sip" != "no" ] && [ ! -z "$sip" ]; then
         USER=$user
         web_key='U_WEB_DOMAINS'
         usr_key='U_SYS_USERS'
@@ -122,6 +125,7 @@ decrease_ip_value() {
             $VESTA/data/ips/$sip
         sed -i "s/$usr_key='$current_usr'/$usr_key='$new_usr'/g" \
             $VESTA/data/ips/$sip
+    fi
 }
 
 # Get ip address value
@@ -195,10 +199,10 @@ get_broadcast() {
 
 # Get user ips
 get_user_ips() {
-    dedicated=$(grep -H "OWNER='$user'" $VESTA/data/ips/*)
-    dedicated=$(echo "$dedicated" |cut -f 1 -d : |sed 's=.*/==')
-    shared=$(grep -H -A1 "OWNER='admin'" $VESTA/data/ips/* |grep shared)
-    shared=$(echo "$shared" |cut -f 1 -d : |sed 's=.*/==' |cut -f 1 -d \-)
+    dedicated=$(grep -H -A10 "OWNER='$user'" $VESTA/data/ips/* |grep "VERSION='4'")
+    dedicated=$(echo "$dedicated" |cut -f 1 -d '-' |sed 's=.*/==')
+    shared=$(grep -H -A10 "OWNER='admin'" $VESTA/data/ips/* |grep -A10 shared |grep "VERSION='4'")
+    shared=$(echo "$shared" |cut -f 1 -d '-' |sed 's=.*/==' |cut -f 1 -d \-)
     for dedicated_ip in $dedicated; do
         shared=$(echo "$shared" |grep -v $dedicated_ip)
     done
@@ -209,7 +213,8 @@ get_user_ips() {
 get_user_ip() {
     ip=$(get_user_ips |head -n1)
     if [ -z "$ip" ]; then
-        check_result $E_NOTEXIST "no IP is available"
+        ip="no"
+        #check_result $E_NOTEXIST "no IP is available"
     fi
     local_ip=$ip
     nat=$(grep "^NAT" $VESTA/data/ips/$ip |cut -f 2 -d \')

func/ipv6.sh

@@ -0,0 +1,224 @@
+# Check ipv6 ownership
+is_ipv6_owner() {
+    owner=$(grep 'OWNER=' $VESTA/data/ips/$ipv6 |cut -f 2 -d \')
+    if [ "$owner" != "$user" ]; then
+        check_result $E_FORBIDEN "$ipv6 is not owned by $user"
+    fi
+}
+
+# Check if ipv6 address is free
+is_ipv6_free() {
+    if [ -e "$VESTA/data/ips/$ipv6" ]; then
+        check_result $E_EXISTS "$ipv6 is already exists"
+    fi
+}
+
+# Get full interface name
+get_ipv6_iface() {
+    i=$(/sbin/ip addr |grep -w $interface |\
+         awk '{print $NF}' |tail -n 1 |cut -f 2 -d :)
+    if [ "$i" = "$interface" ]; then
+        n=0
+    else
+        n=$((i + 1))
+    fi
+    echo "$interface:$n"
+}
+
+
+# Check ipv6 address speciefic value
+is_ipv6_key_empty() {
+    key="$1"
+    string=$(cat $VESTA/data/ips/$ipv6)
+    eval $string
+    eval value="$key"
+    if [ ! -z "$value" ] && [ "$value" != '0' ]; then
+        key="$(echo $key|sed -e "s/\$U_//")"
+        check_result $E_EXISTS "IP6 is in use / $key = $value"
+    fi
+}
+
+# Update ipv6 address value
+update_ipv6_value() {
+    key="$1"
+    value="$2"
+    conf="$VESTA/data/ips/$ipv6"
+    str=$(cat $conf)
+    eval $str
+    c_key=$(echo "${key//$/}")
+    eval old="${key}"
+    old=$(echo "$old" | sed -e 's/\\/\\\\/g' -e 's/&/\\&/g' -e 's/\//\\\//g')
+    new=$(echo "$value" | sed -e 's/\\/\\\\/g' -e 's/&/\\&/g' -e 's/\//\\\//g')
+    sed -i "$str_number s/$c_key='${old//\*/\\*}'/$c_key='${new//\*/\\*}'/g"\
+        $conf
+}
+
+# Get ipv6 name
+get_ipv6_alias() {
+    ip_name=$(grep "NAME=" $VESTA/data/ips/$ipv6 2> /dev/null |cut -f 2 -d \')
+    if [ ! -z "$ip_name" ]; then
+        echo "${1//./-}.$ip_name"
+    fi
+}
+
+# Increase ipv6 value
+increase_ipv6_value() {
+    sip=${1-ipv6}
+    if [ "$sip" != "no" ] && [ ! -z "$sip" ]; then
+        USER=$user
+        web_key='U_WEB_DOMAINS'
+        usr_key='U_SYS_USERS'
+        current_web=$(grep "$web_key=" $VESTA/data/ips/$sip |cut -f 2 -d \')
+        current_usr=$(grep "$usr_key=" $VESTA/data/ips/$sip |cut -f 2 -d \')
+        if [ -z "$current_web" ]; then
+            echo "Error: Parsing error"
+            log_event "$E_PARSING" "$ARGUMENTS"
+            exit $E_PARSING
+        fi
+        new_web=$((current_web + 1))
+        if [ -z "$current_usr" ]; then
+            new_usr="$USER"
+        else
+            check_usr=$(echo -e "${current_usr//,/\n}" |grep -w $USER)
+            if [ -z "$check_usr" ]; then
+                new_usr="$current_usr,$USER"
+            else
+                new_usr="$current_usr"
+            fi
+        fi
+
+        sed -i "s/$web_key='$current_web'/$web_key='$new_web'/g" \
+            $VESTA/data/ips/$sip
+        sed -i "s/$usr_key='$current_usr'/$usr_key='$new_usr'/g" \
+            $VESTA/data/ips/$sip
+    fi
+}
+
+# Decrease ipv6 value
+decrease_ipv6_value() {
+    sip=${1-ipv6}
+    if [ "$sip" != "no" ] && [ ! -z "$sip" ]; then
+        USER=$user
+        web_key='U_WEB_DOMAINS'
+        usr_key='U_SYS_USERS'
+
+        current_web=$(grep "$web_key=" $VESTA/data/ips/$sip |cut -f 2 -d \')
+        current_usr=$(grep "$usr_key=" $VESTA/data/ips/$sip |cut -f 2 -d \')
+
+        if [ -z "$current_web" ]; then
+            check_result $E_PARSING "Parsing error"
+        fi
+
+        new_web=$((current_web - 1))
+        check_ip=$(grep $sip $USER_DATA/web.conf |wc -l)
+        if [ "$check_ip" -lt 2 ]; then
+            new_usr=$(echo "$current_usr" |\
+                sed "s/,/\n/g"|\
+                sed "s/^$user$//g"|\
+                sed "/^$/d"|\
+                sed ':a;N;$!ba;s/\n/,/g')
+        else
+            new_usr="$current_usr"
+        fi
+
+        sed -i "s/$web_key='$current_web'/$web_key='$new_web'/g" \
+            $VESTA/data/ips/$sip
+        sed -i "s/$usr_key='$current_usr'/$usr_key='$new_usr'/g" \
+            $VESTA/data/ips/$sip
+    fi
+}
+
+# Get ipv6 address value
+get_ipv6_value() {
+    key="$1"
+    string=$(cat $VESTA/data/ips/$ip)
+    eval $string
+    eval value="$key"
+    echo "$value"
+}
+
+
+# Get real ipv6 address
+get_real_ipv6() {
+    if [ -e "$VESTA/data/ips/$1" ]; then
+        echo $1
+    else
+        nat=$(grep -H "^NAT='$1'" $VESTA/data/ips/*)
+        if [ ! -z "$nat" ]; then
+            echo "$nat" |cut -f 1 -d : |cut -f 7 -d /
+        fi
+    fi
+}
+
+# Convert CIDR to netmask
+convert_cidrv6() {
+    set -- $(( 5 - ($1 / 8) )) 255 255 255 255 \
+        $(((255 << (8 - ($1 % 8))) & 255 )) 0 0 0
+    if [[ $1 -gt 1 ]]; then
+        shift $1
+    else
+        shift
+    fi
+    echo ${1-0}.${2-0}.${3-0}.${4-0}
+}
+
+# Convert netmask to CIDR
+convert_netmaskv6() {
+    nbits=0
+    IFS=.
+    for dec in $1 ; do
+        case $dec in
+            255) let nbits+=8;;
+            254) let nbits+=7;;
+            252) let nbits+=6;;
+            248) let nbits+=5;;
+            240) let nbits+=4;;
+            224) let nbits+=3;;
+            192) let nbits+=2;;
+            128) let nbits+=1;;
+            0);;
+        esac
+    done
+    echo "$nbits"
+}
+
+# Get user ips
+get_user_ip6s() {
+    dedicated=$(grep -H -A10 "OWNER='$user'" $VESTA/data/ips/* |grep "VERSION='6'")
+    dedicated=$(echo "$dedicated" |cut -f 1 -d '-' |sed 's=.*/==')
+    shared=$(grep -H -A10 "OWNER='admin'" $VESTA/data/ips/* |grep -A10 shared |grep "VERSION='6'")
+    shared=$(echo "$shared" |cut -f 1 -d '-' |sed 's=.*/==' |cut -f 1 -d \-)
+    for dedicated_ip in $dedicated; do
+        shared=$(echo "$shared" |grep -v $dedicated_ip)
+    done
+    echo -e "$dedicated\n$shared" |sed "/^$/d"
+}
+
+# Get user ipv6
+get_user_ipv6() {
+    ipv6=$(get_user_ip6s |head -n1)
+    if [ -z "$ipv6" ]; then
+        ipv6="no"
+        #check_result $E_NOTEXIST "no IP6 is available"
+    fi
+}
+
+# Validate ipv6 address
+is_ipv6_valid() {
+    ipv6="$1"
+    if [ ! -e "$VESTA/data/ips/$1" ]; then
+        check_result $E_NOTEXIST "IP6 $1 doesn't exist"
+    fi
+    if [ ! -z $2 ]; then
+        ip_data=$(cat $VESTA/data/ips/$1)
+        ip_owner=$(echo "$ip_data" |grep OWNER= |cut -f2 -d \')
+        ip_status=$(echo "$ip_data" |grep STATUS= |cut -f2 -d \')
+        if [ "$ip_owner" != "$user" ] && [ "$ip_status" = 'dedicated' ]; then
+            check_result $E_FORBIDEN "$user user can't use IP6 $1"
+        fi
+        get_user_owner
+        if [ "$ip_owner" != "$user" ] && [ "$ip_owner" != "$owner" ]; then
+            check_result $E_FORBIDEN "$user user can't use IP6 $1"
+        fi
+    fi
+}

func/main.sh

@@ -590,6 +590,104 @@ is_ip_format_valid() {
     fi
 }
 
+# IPv6 format validator
+is_ipv6_format_valid() {
+    object_name=${2-ip6}
+    ip_regex='([1-9]?[0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])'
+	t_ip=$(echo $1 |awk -F / '{print $1}')
+    t_cidr=$(echo $1 |awk -F / '{print $2}')
+    valid_cidr=1
+    
+    WORD="[0-9A-Fa-f]\{1,4\}"
+    # flat address, no compressed words
+    FLAT="^${WORD}\(:${WORD}\)\{7\}$"
+    
+    COMP2="^\(${WORD}:\)\{1,1\}\(:${WORD}\)\{1,6\}$"
+    COMP3="^\(${WORD}:\)\{1,2\}\(:${WORD}\)\{1,5\}$"
+    COMP4="^\(${WORD}:\)\{1,3\}\(:${WORD}\)\{1,4\}$"
+    COMP5="^\(${WORD}:\)\{1,4\}\(:${WORD}\)\{1,3\}$"
+    COMP6="^\(${WORD}:\)\{1,5\}\(:${WORD}\)\{1,2\}$"
+    COMP7="^\(${WORD}:\)\{1,6\}\(:${WORD}\)\{1,1\}$"
+    # trailing :: edge case, includes case of only :: (all 0's)
+    EDGE_TAIL="^\(\(${WORD}:\)\{1,7\}\|:\):$"
+    # leading :: edge case
+    EDGE_LEAD="^:\(:${WORD}\)\{1,7\}$"
+   
+    echo $t_ip | grep --silent "\(${FLAT}\)\|\(${COMP2}\)\|\(${COMP3}\)\|\(${COMP4}\)\|\(${COMP5}\)\|\(${COMP6}\)\|\(${COMP7}\)\|\(${EDGE_TAIL}\)\|\(${EDGE_LEAD}\)"
+    if [ $? -ne 0 ]; then
+        check_result $E_INVALID "invalid $object_name format :: $1"
+    fi
+    
+    if [ ! -z "$(echo $1|grep '/')" ]; then
+        if [[ "$t_cidr" -lt 0 ]] || [[ "$t_cidr" -gt 128 ]]; then
+            valid_cidr=0
+        fi
+        if ! [[ "$t_cidr" =~ ^[0-9]+$ ]]; then
+            valid_cidr=0
+        fi
+    fi
+    if [ "$valid_cidr" -eq 0 ]; then
+        check_result $E_INVALID "invalid $object_name format :: $1"
+    fi
+}
+
+is_ip46_format_valid() {
+    t_ip=$(echo $1 |awk -F / '{print $1}')
+    t_cidr=$(echo $1 |awk -F / '{print $2}')
+    valid_octets=0
+    valid_cidr=1
+    for octet in ${t_ip//./ }; do
+        if [[ $octet =~ ^[0-9]{1,3}$ ]] && [[ $octet -le 255 ]]; then
+            ((++valid_octets))
+        fi
+    done
+
+    if [ ! -z "$(echo $1|grep '/')" ]; then
+        if [[ "$t_cidr" -lt 0 ]] || [[ "$t_cidr" -gt 32 ]]; then
+            valid_cidr=0
+        fi
+        if ! [[ "$t_cidr" =~ ^[0-9]+$ ]]; then
+            valid_cidr=0
+        fi
+    fi
+    if [ "$valid_octets" -lt 4 ] || [ "$valid_cidr" -eq 0 ]; then
+        #Check IPV6
+        ipv6_valid=""
+        WORD="[0-9A-Fa-f]\{1,4\}"
+        # flat address, no compressed words
+        FLAT="^${WORD}\(:${WORD}\)\{7\}$"
+
+        COMP2="^\(${WORD}:\)\{1,1\}\(:${WORD}\)\{1,6\}$"
+        COMP3="^\(${WORD}:\)\{1,2\}\(:${WORD}\)\{1,5\}$"
+        COMP4="^\(${WORD}:\)\{1,3\}\(:${WORD}\)\{1,4\}$"
+        COMP5="^\(${WORD}:\)\{1,4\}\(:${WORD}\)\{1,3\}$"
+        COMP6="^\(${WORD}:\)\{1,5\}\(:${WORD}\)\{1,2\}$"
+        COMP7="^\(${WORD}:\)\{1,6\}\(:${WORD}\)\{1,1\}$"
+        # trailing :: edge case, includes case of only :: (all 0's)
+        EDGE_TAIL="^\(\(${WORD}:\)\{1,7\}\|:\):$"
+        # leading :: edge case
+        EDGE_LEAD="^:\(:${WORD}\)\{1,7\}$"
+
+        echo $t_ip | grep --silent "\(${FLAT}\)\|\(${COMP2}\)\|\(${COMP3}\)\|\(${COMP4}\)\|\(${COMP5}\)\|\(${COMP6}\)\|\(${COMP7}\)\|\(${EDGE_TAIL}\)\|\(${EDGE_LEAD}\)"
+        if [ $? -ne 0 ]; then
+           ipv6_valid="INVALID"
+        fi
+
+        if [ ! -z "$(echo $1|grep '/')" ]; then
+            if [[ "$t_cidr" -lt 0 ]] || [[ "$t_cidr" -gt 128 ]]; then
+                valid_cidr=0
+            fi
+            if ! [[ "$t_cidr" =~ ^[0-9]+$ ]]; then
+                valid_cidr=0
+            fi
+        fi
+        
+        if [ ! -z "$ipv6_valid" ] || [ "$valid_cidr" -eq 0 ]; then
+            check_result $E_INVALID "invalid IP format :: $1"
+        fi
+    fi
+}
+
 # Proxy extention format validator
 is_extention_format_valid() {
     exclude="[!|#|$|^|&|(|)|+|=|{|}|:|@|<|>|?|/|\|\"|'|;|%|\`| ]"
@@ -697,6 +795,9 @@ is_dns_record_format_valid() {
     if [ "$rtype" = 'A' ]; then
         is_ip_format_valid "$1"
     fi
+    if [ "$rtype" = 'AAAA' ]; then
+        is_ipv6_format_valid "$1"
+    fi
     if [ "$rtype" = 'NS' ]; then
         is_domain_format_valid "${1::-1}" 'ns_record'
     fi
@@ -894,6 +995,8 @@ is_format_valid() {
                 id)             is_int_format_valid "$arg" 'id' ;;
                 interface)      is_interface_format_valid "$arg" ;;
                 ip)             is_ip_format_valid "$arg" ;;
+                ipv6)           is_ipv6_format_valid "$arg" ;;
+                ip46)           is_ip46_format_valid "$arg" ;;
                 ip_name)        is_domain_format_valid "$arg" 'IP name';;
                 ip_status)      is_ip_status_format_valid "$arg" ;;
                 job)            is_int_format_valid "$arg" 'job' ;;

func/rebuild.sh

@@ -149,6 +149,7 @@ rebuild_web_domain_conf() {
 
     get_domain_values 'web'
     is_ip_valid $IP
+    is_ipv6_valid $IP6
     prepare_web_domain_values
 
     # Rebuilding domain directories
@@ -238,6 +239,7 @@ rebuild_web_domain_conf() {
         format_domain_idn
         cat $WEBTPL/$STATS/$STATS.tpl |\
             sed -e "s|%ip%|$local_ip|g" \
+                -e "s|%ipv6%|$ipv6|g" \
                 -e "s|%web_system%|$WEB_SYSTEM|g" \
                 -e "s|%domain_idn%|$domain_idn|g" \
                 -e "s|%domain%|$domain|g" \
@@ -360,8 +362,9 @@ rebuild_dns_domain_conf() {
 
     # Checking zone file
     if [ ! -e "$USER_DATA/dns/$domain.conf" ]; then
-        cat $DNSTPL/$TPL.tpl |\
+        cat $DNSTPL/$TPL.tpl | grep -v '%ip' |\
             sed -e "s/%ip%/$IP/g" \
+                -e "s/%ipv6%/$IP6/g" \
                 -e "s/%domain_idn%/$domain_idn/g" \
                 -e "s/%domain%/$domain/g" \
                 -e "s/%ns1%/$ns1/g" \
@@ -370,6 +373,33 @@ rebuild_dns_domain_conf() {
                 -e "s/%ns4%/$ns4/g" \
                 -e "s/%time%/$TIME/g" \
                 -e "s/%date%/$DATE/g" > $USER_DATA/dns/$domain.conf
+        if [ ! -z $IP ] && [ "$IP" != "no" ]; then
+            cat $DNSTPL/$TPL.tpl |grep "%ip%" |\
+            sed -e "s/%ip%/$IP/g" \
+                -e "s/%ipv6%/$IP6/g" \
+                -e "s/%domain_idn%/$domain_idn/g" \
+                -e "s/%domain%/$domain/g" \
+                -e "s/%ns1%/$ns1/g" \
+                -e "s/%ns2%/$ns2/g" \
+                -e "s/%ns3%/$ns3/g" \
+                -e "s/%ns4%/$ns4/g" \
+                -e "s/%time%/$TIME/g" \
+                -e "s/%date%/$DATE/g" >> $USER_DATA/dns/$domain.conf
+        fi
+
+        if [ ! -z $IP6 ] && [ "$IP6" != "no" ]; then
+            cat $DNSTPL/$TPL.tpl |grep "%ipv6%" |\
+            sed -e "s/%ip%/$IP/g" \
+                -e "s/%ipv6%/$IP6/g" \
+                -e "s/%domain_idn%/$domain_idn/g" \
+                -e "s/%domain%/$domain/g" \
+                -e "s/%ns1%/$ns1/g" \
+                -e "s/%ns2%/$ns2/g" \
+                -e "s/%ns3%/$ns3/g" \
+                -e "s/%ns4%/$ns4/g" \
+                -e "s/%time%/$TIME/g" \
+                -e "s/%date%/$DATE/g" >> $USER_DATA/dns/$domain.conf
+        fi
     fi
 
     # Sorting records

install/debian/7/firewallv6/ports.conf

@@ -0,0 +1,17 @@
+PROTOCOL='TCP' PORT='20'
+PROTOCOL='TCP' PORT='21'
+PROTOCOL='TCP' PORT='22'
+PROTOCOL='TCP' PORT='25'
+PROTOCOL='TCP' PORT='53'
+PROTOCOL='UDP' PORT='53'
+PROTOCOL='TCP' PORT='80'
+PROTOCOL='TCP' PORT='443'
+PROTOCOL='TCP' PORT='110'
+PROTOCOL='UDP' PORT='123'
+PROTOCOL='TCP' PORT='143'
+PROTOCOL='TCP' PORT='3306'
+PROTOCOL='TCP' PORT='5432'
+PROTOCOL='TCP' PORT='8080'
+PROTOCOL='TCP' PORT='8433'
+PROTOCOL='TCP' PORT='8083'
+PROTOCOL='TCP' PORT='12000:12100'

install/debian/7/firewallv6/rules.conf

@@ -0,0 +1,11 @@
+RULE='1' ACTION='ACCEPT' PROTOCOL='ICMPV6' PORT='0' IP6='::/0' COMMENT='PING' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP6='::/0' COMMENT='VESTA' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP6='::/0' COMMENT='DB' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP6='::/0' COMMENT='IMAP' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP6='::/0' COMMENT='POP3' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP6='::/0' COMMENT='SMTP' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP6='::/0' COMMENT='DNS' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP6='::/0' COMMENT='DNS' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP6='::/0' COMMENT='FTP' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP6='::/0' COMMENT='WEB' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP6='::/0' COMMENT='SSH' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'

install/debian/7/templates/dns/child-ns.tpl

@@ -10,5 +10,12 @@ ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%tim
 ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
 ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
 ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
-ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
-ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ip6:%ipv6% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none;"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='15' RECORD='@' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='16' RECORD='ns1' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='17' RECORD='ns2' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='18' RECORD='mail' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='19' RECORD='www' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='20' RECORD='pop' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='21' RECORD='ftp' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'

install/debian/7/templates/dns/default.tpl

@@ -14,5 +14,11 @@ ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%ti
 ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
 ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
 ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
-ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ip6:%ipv6% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
 ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='19' RECORD='@' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='20' RECORD='mail' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='21' RECORD='www' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='22' RECORD='pop' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='23' RECORD='ftp' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+

install/debian/7/templates/dns/gmail.tpl

@@ -9,4 +9,9 @@ ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPEN
 ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
 ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
 ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
-ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ip6:%ipv6% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='@' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='ftp' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='15' RECORD='pop' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='16' RECORD='www' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='17' RECORD='mail' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'

install/debian/8/firewallv6/ports.conf

@@ -0,0 +1,17 @@
+PROTOCOL='TCP' PORT='20'
+PROTOCOL='TCP' PORT='21'
+PROTOCOL='TCP' PORT='22'
+PROTOCOL='TCP' PORT='25'
+PROTOCOL='TCP' PORT='53'
+PROTOCOL='UDP' PORT='53'
+PROTOCOL='TCP' PORT='80'
+PROTOCOL='TCP' PORT='443'
+PROTOCOL='TCP' PORT='110'
+PROTOCOL='UDP' PORT='123'
+PROTOCOL='TCP' PORT='143'
+PROTOCOL='TCP' PORT='3306'
+PROTOCOL='TCP' PORT='5432'
+PROTOCOL='TCP' PORT='8080'
+PROTOCOL='TCP' PORT='8433'
+PROTOCOL='TCP' PORT='8083'
+PROTOCOL='TCP' PORT='12000:12100'

install/debian/8/firewallv6/rules.conf

@@ -0,0 +1,11 @@
+RULE='1' ACTION='ACCEPT' PROTOCOL='ICMPV6' PORT='0' IP6='::/0' COMMENT='PING' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP6='::/0' COMMENT='VESTA' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP6='::/0' COMMENT='DB' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP6='::/0' COMMENT='IMAP' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP6='::/0' COMMENT='POP3' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP6='::/0' COMMENT='SMTP' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP6='::/0' COMMENT='DNS' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP6='::/0' COMMENT='DNS' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP6='::/0' COMMENT='FTP' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP6='::/0' COMMENT='WEB' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP6='::/0' COMMENT='SSH' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'

install/debian/8/templates/dns/child-ns.tpl

@@ -10,5 +10,12 @@ ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%tim
 ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
 ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
 ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
-ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
-ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ip6:%ipv6% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none;"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='15' RECORD='@' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='16' RECORD='ns1' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='17' RECORD='ns2' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='18' RECORD='mail' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='19' RECORD='www' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='20' RECORD='pop' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='21' RECORD='ftp' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'

install/debian/8/templates/dns/default.tpl

@@ -14,5 +14,11 @@ ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%ti
 ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
 ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
 ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
-ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ip6:%ipv6% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
 ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='19' RECORD='@' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='20' RECORD='mail' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='21' RECORD='www' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='22' RECORD='pop' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='23' RECORD='ftp' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+

install/debian/8/templates/dns/gmail.tpl

@@ -9,4 +9,9 @@ ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPEN
 ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
 ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
 ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
-ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ip6:%ipv6% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='@' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='ftp' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='15' RECORD='pop' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='16' RECORD='www' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='17' RECORD='mail' TYPE='AAAA' PRIORITY='' VALUE='%ipv6%' SUSPENDED='no' TIME='%time%' DATE='%date%'

install/rhel/5/dovecot/dovecot.conf

@@ -1,3 +1,4 @@
+listen = *, ::
 protocols = imap imaps pop3 pop3s
 log_path = /var/log/dovecot.log
 ssl_cert_file = /usr/local/vesta/ssl/certificate.crt

install/rhel/5/firewallv6/ports.conf

@@ -0,0 +1,17 @@
+PROTOCOL='TCP' PORT='20'
+PROTOCOL='TCP' PORT='21'
+PROTOCOL='TCP' PORT='22'
+PROTOCOL='TCP' PORT='25'
+PROTOCOL='TCP' PORT='53'
+PROTOCOL='UDP' PORT='53'
+PROTOCOL='TCP' PORT='80'
+PROTOCOL='TCP' PORT='443'
+PROTOCOL='TCP' PORT='110'
+PROTOCOL='UDP' PORT='123'
+PROTOCOL='TCP' PORT='143'
+PROTOCOL='TCP' PORT='3306'
+PROTOCOL='TCP' PORT='5432'
+PROTOCOL='TCP' PORT='8080'
+PROTOCOL='TCP' PORT='8433'
+PROTOCOL='TCP' PORT='8083'
+PROTOCOL='TCP' PORT='12000:12100'

install/rhel/5/firewallv6/rules.conf

@@ -0,0 +1,11 @@
+RULE='1' ACTION='ACCEPT' PROTOCOL='ICMPV6' PORT='0' IP6='::/0' COMMENT='PING' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP6='::/0' COMMENT='VESTA' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP6='::/0' COMMENT='DB' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP6='::/0' COMMENT='IMAP' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP6='::/0' COMMENT='POP3' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP6='::/0' COMMENT='SMTP' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP6='::/0' COMMENT='DNS' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP6='::/0' COMMENT='DNS' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP6='::/0' COMMENT='FTP' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP6='::/0' COMMENT='WEB' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP6='::/0' COMMENT='SSH' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'

install/rhel/5/named/named.conf

@@ -6,6 +6,7 @@ options {
     version		"get lost";
     allow-transfer	{"none";};
     recursion		no;
+    listen-on-v6 { any; };
 
 };
 

install/rhel/6/dovecot/dovecot.conf

@@ -1,4 +1,4 @@
 protocols = imap pop3
-listen = *
+listen = *, ::
 base_dir = /var/run/dovecot/
 !include conf.d/*.conf

install/rhel/6/firewallv6/ports.conf

@@ -0,0 +1,17 @@
+PROTOCOL='TCP' PORT='20'
+PROTOCOL='TCP' PORT='21'
+PROTOCOL='TCP' PORT='22'
+PROTOCOL='TCP' PORT='25'
+PROTOCOL='TCP' PORT='53'
+PROTOCOL='UDP' PORT='53'
+PROTOCOL='TCP' PORT='80'
+PROTOCOL='TCP' PORT='443'
+PROTOCOL='TCP' PORT='110'
+PROTOCOL='UDP' PORT='123'
+PROTOCOL='TCP' PORT='143'
+PROTOCOL='TCP' PORT='3306'
+PROTOCOL='TCP' PORT='5432'
+PROTOCOL='TCP' PORT='8080'
+PROTOCOL='TCP' PORT='8433'
+PROTOCOL='TCP' PORT='8083'
+PROTOCOL='TCP' PORT='12000:12100'

install/rhel/6/firewallv6/rules.conf

@@ -0,0 +1,11 @@
+RULE='1' ACTION='ACCEPT' PROTOCOL='ICMPV6' PORT='0' IP6='::/0' COMMENT='PING' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP6='::/0' COMMENT='VESTA' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP6='::/0' COMMENT='DB' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP6='::/0' COMMENT='IMAP' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP6='::/0' COMMENT='POP3' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP6='::/0' COMMENT='SMTP' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP6='::/0' COMMENT='DNS' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP6='::/0' COMMENT='DNS' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP6='::/0' COMMENT='FTP' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP6='::/0' COMMENT='WEB' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP6='::/0' COMMENT='SSH' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'

install/rhel/6/named/named.conf

@@ -6,6 +6,7 @@ options {
     version		"get lost";
     allow-transfer	{"none";};
     recursion		no;
+    listen-on-v6 { any; };
 
 };
 

install/rhel/7/dovecot/dovecot.conf

@@ -1,4 +1,4 @@
 protocols = imap pop3
-listen = *
+listen = *, ::
 base_dir = /var/run/dovecot/
 !include conf.d/*.conf

install/rhel/7/fail2ban/filter.d/vesta-ipv6.conf

@@ -0,0 +1,10 @@
+# Fail2Ban filter for unsuccesfull Vesta authentication attempts
+#
+
+[INCLUDES]
+before = common.conf
+
+[Definition]
+failregex =  .* <HOST> failed to login
+ignoreregex =
+

install/rhel/7/firewallv6/ports.conf

@@ -0,0 +1,17 @@
+PROTOCOL='TCP' PORT='20'
+PROTOCOL='TCP' PORT='21'
+PROTOCOL='TCP' PORT='22'
+PROTOCOL='TCP' PORT='25'
+PROTOCOL='TCP' PORT='53'
+PROTOCOL='UDP' PORT='53'
+PROTOCOL='TCP' PORT='80'
+PROTOCOL='TCP' PORT='443'
+PROTOCOL='TCP' PORT='110'
+PROTOCOL='UDP' PORT='123'
+PROTOCOL='TCP' PORT='143'
+PROTOCOL='TCP' PORT='3306'
+PROTOCOL='TCP' PORT='5432'
+PROTOCOL='TCP' PORT='8080'
+PROTOCOL='TCP' PORT='8433'
+PROTOCOL='TCP' PORT='8083'
+PROTOCOL='TCP' PORT='12000:12100'

install/rhel/7/firewallv6/rules.conf

@@ -0,0 +1,11 @@
+RULE='1' ACTION='ACCEPT' PROTOCOL='ICMPV6' PORT='0' IP6='::/0' COMMENT='PING' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP6='::/0' COMMENT='VESTA' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP6='::/0' COMMENT='DB' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP6='::/0' COMMENT='IMAP' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP6='::/0' COMMENT='POP3' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP6='::/0' COMMENT='SMTP' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP6='::/0' COMMENT='DNS' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP6='::/0' COMMENT='DNS' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP6='::/0' COMMENT='FTP' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP6='::/0' COMMENT='WEB' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP6='::/0' COMMENT='SSH' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'

install/rhel/7/named/named.conf

@@ -6,6 +6,7 @@ options {
     version		"get lost";
     allow-transfer	{"none";};
     recursion		no;
+    listen-on-v6 { any; };
 
 };
 

install/ubuntu/12.04/firewallv6/ports.conf

@@ -0,0 +1,17 @@
+PROTOCOL='TCP' PORT='20'
+PROTOCOL='TCP' PORT='21'
+PROTOCOL='TCP' PORT='22'
+PROTOCOL='TCP' PORT='25'
+PROTOCOL='TCP' PORT='53'
+PROTOCOL='UDP' PORT='53'
+PROTOCOL='TCP' PORT='80'
+PROTOCOL='TCP' PORT='443'
+PROTOCOL='TCP' PORT='110'
+PROTOCOL='UDP' PORT='123'
+PROTOCOL='TCP' PORT='143'
+PROTOCOL='TCP' PORT='3306'
+PROTOCOL='TCP' PORT='5432'
+PROTOCOL='TCP' PORT='8080'
+PROTOCOL='TCP' PORT='8433'
+PROTOCOL='TCP' PORT='8083'
+PROTOCOL='TCP' PORT='12000:12100'

install/ubuntu/12.04/firewallv6/rules.conf

@@ -0,0 +1,11 @@
+RULE='1' ACTION='ACCEPT' PROTOCOL='ICMPV6' PORT='0' IP6='::/0' COMMENT='PING' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP6='::/0' COMMENT='VESTA' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP6='::/0' COMMENT='DB' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP6='::/0' COMMENT='IMAP' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP6='::/0' COMMENT='POP3' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP6='::/0' COMMENT='SMTP' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP6='::/0' COMMENT='DNS' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP6='::/0' COMMENT='DNS' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP6='::/0' COMMENT='FTP' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP6='::/0' COMMENT='WEB' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP6='::/0' COMMENT='SSH' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'

install/ubuntu/12.10/firewallv6/ports.conf

@@ -0,0 +1,17 @@
+PROTOCOL='TCP' PORT='20'
+PROTOCOL='TCP' PORT='21'
+PROTOCOL='TCP' PORT='22'
+PROTOCOL='TCP' PORT='25'
+PROTOCOL='TCP' PORT='53'
+PROTOCOL='UDP' PORT='53'
+PROTOCOL='TCP' PORT='80'
+PROTOCOL='TCP' PORT='443'
+PROTOCOL='TCP' PORT='110'
+PROTOCOL='UDP' PORT='123'
+PROTOCOL='TCP' PORT='143'
+PROTOCOL='TCP' PORT='3306'
+PROTOCOL='TCP' PORT='5432'
+PROTOCOL='TCP' PORT='8080'
+PROTOCOL='TCP' PORT='8433'
+PROTOCOL='TCP' PORT='8083'
+PROTOCOL='TCP' PORT='12000:12100'

install/ubuntu/12.10/firewallv6/rules.conf

@@ -0,0 +1,11 @@
+RULE='1' ACTION='ACCEPT' PROTOCOL='ICMPV6' PORT='0' IP6='::/0' COMMENT='PING' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP6='::/0' COMMENT='VESTA' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP6='::/0' COMMENT='DB' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP6='::/0' COMMENT='IMAP' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP6='::/0' COMMENT='POP3' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP6='::/0' COMMENT='SMTP' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP6='::/0' COMMENT='DNS' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP6='::/0' COMMENT='DNS' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP6='::/0' COMMENT='FTP' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP6='::/0' COMMENT='WEB' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'
+RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP6='::/0' COMMENT='SSH' SUSPENDED='no' TIME='00:00:00' DATE='2017-01-22'