[LON-CAPA-cvs] cvs: loncom /configuration Firewall.pm

[raeburn]

raeburn		Sat Jan 11 22:07:54 2020 EDT

  Modified files:              
    /loncom/configuration	Firewall.pm 
  Log:
  - When firewalld not in use, eliminate superfluous call to 
    &firewall_is_active(), and fix logic in check for valid $fw_chain.
  
  
Index: loncom/configuration/Firewall.pm
diff -u loncom/configuration/Firewall.pm:1.19 loncom/configuration/Firewall.pm:1.20
--- loncom/configuration/Firewall.pm:1.19	Tue Jul  2 19:40:22 2019
+++ loncom/configuration/Firewall.pm	Sat Jan 11 22:07:54 2020
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Firewall configuration to allow internal LON-CAPA communication between servers   
 #
-# $Id: Firewall.pm,v 1.19 2019/07/02 19:40:22 raeburn Exp $
+# $Id: Firewall.pm,v 1.20 2020/01/11 22:07:54 raeburn Exp $
 #
 # The LearningOnline Network with CAPA
 #
@@ -276,6 +276,7 @@
     # for other ports returns 1 if the firewall port is open, 0 if not.
     # if firewalld is in use, checks for rich rules only.
     my $count = 0;
+    # check if firewall is active or installed
     return $count if (! &firewall_is_active());
     if ($firewalld) {
         my $zone = &get_default_zone();
@@ -307,12 +308,7 @@
                 close(PIPE);
             }
         }
-	return $count; 
-    }
-    return $count unless ($fw_chain !~ /^[\w-]+$/);
-    if (open(PIPE,"$iptables -L $fw_chain -n |")) {
-        # check if firewall is active or installed
-        return if (! &firewall_is_active());
+    } elsif (($fw_chain =~ /^[\w-]+$/) && (open(PIPE,"$iptables -L $fw_chain -n |"))) {
         while(<PIPE>) {
             if ($port eq $lond_port) {
                 if (ref($iphost) eq 'HASH') {