[LON-CAPA-cvs] cvs: loncom /configuration Firewall.pm

Fri, 03 Jul 2009 17:59:01 -0000

raeburn		Fri Jul  3 17:59:01 2009 EDT

  Modified files:              
    /loncom/configuration	Firewall.pm 
  Log:
  - RH-Firewall-1-INPUT no longer used as chain in iptables for Fedora 10 and 11.
    - default to use INPUT as chain for LON-CAPA firewall rules.
  
  
Index: loncom/configuration/Firewall.pm
diff -u loncom/configuration/Firewall.pm:1.2 loncom/configuration/Firewall.pm:1.3

--- loncom/configuration/Firewall.pm:1.2	Thu Jun 11 13:01:56 2009
+++ loncom/configuration/Firewall.pm	Fri Jul  3 17:59:01 2009
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Firewall configuration to allow internal LON-CAPA communication between servers   
 #
-# $Id: Firewall.pm,v 1.2 2009/06/11 13:01:56 raeburn Exp $
+# $Id: Firewall.pm,v 1.3 2009/07/03 17:59:01 raeburn Exp $
 #
 # The LearningOnline Network with CAPA
 #
@@ -302,6 +302,11 @@
         if (!-e '/etc/sysconfig/iptables') {
             print("Unable to find iptables file containing static definitions\n");
         }
+        my $count = `$iptables -L -n 2>/dev/null |grep $fw_chain |wc -l`;
+        chomp($count);
+        if (!$count) {
+            $fw_chain ='INPUT';
+        }
     }
     return $fw_chain;
 }



