[LON-CAPA-cvs] cvs: loncom /init.d loncontrol

matthew lon-capa-cvs@mail.lon-capa.org
Thu, 02 Dec 2004 21:16:56 -0000


matthew		Thu Dec  2 16:16:56 2004 EDT

  Modified files:              
    /loncom/init.d	loncontrol 
  Log:
  Added support for multiple port opening and added port 8080.
  
  
Index: loncom/init.d/loncontrol
diff -u loncom/init.d/loncontrol:1.21 loncom/init.d/loncontrol:1.22
--- loncom/init.d/loncontrol:1.21	Thu Dec  2 15:49:50 2004
+++ loncom/init.d/loncontrol	Thu Dec  2 16:16:56 2004
@@ -45,29 +45,34 @@
     # Firewall code is based on the code in FC2 /etc/init.d/ntpd
     my $fw_chain = 'RH-Firewall-1-INPUT';
     my $iptables = '/sbin/iptables';
-    my $port = 5663;
+    my $lond_port = 5663;
+    my $lonhttpd_port = 8080;
 
 sub firewall_open_port {
     return if (! &firewall_is_active);
-    print "Opening firewall access on port $port\n";
     if (! `$iptables -L -n 2>/dev/null | grep $fw_chain | wc -l`) { return; }
     # iptables is running with our chain
     #
     # We could restrict the servers allowed to attempt to communicate
     # here, but the logistics of updating the /home/httpd/lonTabs/host.tab
     # file are likely to be a problem
-    my $firewall_command = 
-        "$iptables -I $fw_chain -p tcp -d 0/0 --dport $port -j ACCEPT";
-    system($firewall_command);
-    my $return_status = $?>>8;
-    if ($return_status == 1) {
-        # Error
-        print "Error opening port.\n";
-    } elsif ($return_status == 2) {
-        # Bad command
-        print "Bad command error opening port.  Command was\n".
-            "  ".$firewall_command."\n";
+    foreach my $port ($lond_port,$lonhttpd_port) {
+        print "Opening firewall access on port $port.\n";
+
+        my $firewall_command = 
+            "$iptables -I $fw_chain -p tcp -d 0/0 --dport $port -j ACCEPT";
+        system($firewall_command);
+        my $return_status = $?>>8;
+        if ($return_status == 1) {
+            # Error
+            print "Error opening port.\n";
+        } elsif ($return_status == 2) {
+            # Bad command
+            print "Bad command error opening port.  Command was\n".
+                "  ".$firewall_command."\n";
+        }
     }
+    
 }
 
 sub firewall_is_port_open {
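Review bot: Inside the new `foreach` loop only exit statuses 1 and 2 are reported, so any other failure of `system($firewall_command)` (the command not starting, death by signal, another non-zero iptables status) passes silently. The same applies to the loop added to `firewall_close_port` in the second hunk, where a failed `-D` may leave the port reachable with no message. I would add a final branch such as `} elsif ($? != 0) { print "Unexpected status $? opening port $port.\n"; }`, and name the port in the existing error messages now that two ports are handled. The comment above the loop explains why source addresses are not restricted, but it predates port 8080, so it should be extended to state whether `$lonhttpd_port` is also meant to accept connections from any address.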
@@ -92,18 +97,20 @@
 
 sub firewall_close_port {
     return if (! &firewall_is_active);
-    print "Closing firewall access on port $port\n";
-    my $firewall_command = 
-        "$iptables -D $fw_chain -p tcp -d 0/0 --dport $port -j ACCEPT";
-    system($firewall_command);
-    my $return_status = $?>>8;
-    if ($return_status == 1) {
-        # Error
-        print "Error closing port.\n";
-    } elsif ($return_status == 2) {
-        # Bad command
-        print "Bad command error closing port.  Command was\n".
-            "  ".$firewall_command."\n";
+    foreach my $port ($lond_port,$lonhttpd_port) {
+        print "Closing firewall access on port $port.\n";
+        my $firewall_command = 
+            "$iptables -D $fw_chain -p tcp -d 0/0 --dport $port -j ACCEPT";
+        system($firewall_command);
+        my $return_status = $?>>8;
+        if ($return_status == 1) {
+            # Error
+            print "Error closing port.\n";
+        } elsif ($return_status == 2) {
+            # Bad command
+            print "Bad command error closing port.  Command was\n".
+                "  ".$firewall_command."\n";
+        }
     }
 }