[LON-CAPA-cvs] cvs: loncom /init.d loncontrol

raeburn raeburn@source.lon-capa.org
Thu, 25 Mar 2010 01:37:09 -0000


raeburn		Thu Mar 25 01:37:09 2010 EDT

  Modified files:              
    /loncom/init.d	loncontrol 
  Log:
  Array of chains reurned by &Firewall::get_fw_chains()
  - Second arg passed to
      Firewall::firewall_close_port()
      Firewall::firewall_open_port()
  is a reference to this array of chains
  (for redhat/centOS/fedora: one or both of RH-Firewall-1-INPUT and 
  INPUT may contain entries for LON-CAPA port).
  
  
Index: loncom/init.d/loncontrol
diff -u loncom/init.d/loncontrol:1.38 loncom/init.d/loncontrol:1.39
--- loncom/init.d/loncontrol:1.38	Mon Jul  6 00:07:15 2009
+++ loncom/init.d/loncontrol	Thu Mar 25 01:37:09 2010
@@ -1,6 +1,6 @@
 #!/usr/bin/perl
 #
-# $Id: loncontrol,v 1.38 2009/07/06 00:07:15 raeburn Exp $
+# $Id: loncontrol,v 1.39 2010/03/25 01:37:09 raeburn Exp $
 #
 # The LearningOnline Network with CAPA
 #
@@ -119,7 +119,7 @@
     system("su www -c '/home/httpd/perl/loncron --justcheckdaemons'");
 } elsif (($command eq "stop") || ($command eq 'start') || ($command eq 'status')) {
     my $iptables = &LONCAPA::Firewall::get_pathto_iptables();
-    my $fw_chain = &LONCAPA::Firewall::get_fw_chain($iptables);
+    my @fw_chains = &LONCAPA::Firewall::get_fw_chains($iptables);
     my $lond_port = &LONCAPA::Firewall::get_lond_port();
     my %iphost = &Apache::lonnet::get_iphost();
     if ($command eq 'stop') {
@@ -130,14 +130,14 @@
 	    &stop_daemon($daemon,$killallname);
         }
         my $firewall_result = 
-            &LONCAPA::Firewall::firewall_close_port($iptables,$fw_chain,$lond_port,[$lond_port]);
+            &LONCAPA::Firewall::firewall_close_port($iptables,\@fw_chains,$lond_port,[$lond_port]);
         if ($firewall_result) {
             print "$firewall_result\n";
         }
         &clean_sockets();
     } elsif ($command eq "start") {
         my $firewall_result = 
-            &LONCAPA::Firewall::firewall_open_port($iptables,$fw_chain,$lond_port,\%iphost,[$lond_port]);
+            &LONCAPA::Firewall::firewall_open_port($iptables,\@fw_chains,$lond_port,\%iphost,[$lond_port]);
         if (($firewall_result eq 'ok') || ($firewall_result eq 'inactive firewall')) {
             if ($firewall_result eq 'inactive firewall') {
                 print "WARNING: iptables firewall is currently inactive\n";
@@ -166,7 +166,12 @@
             print 'The iptables firewall is not active'."\n";
         }
         if ($lond_port) {
-            if (&LONCAPA::Firewall::firewall_is_port_open($iptables,$fw_chain,$lond_port,$lond_port,\%iphost)) {
+            my $londopen;
+            foreach my $fw_chain (@fw_chains) { 
+                my $numopen = &LONCAPA::Firewall::firewall_is_port_open($iptables,$fw_chain,$lond_port,$lond_port,\%iphost);
+                $londopen += $numopen; 
+            }
+            if ($londopen) {
                 print "The LON-CAPA port ($lond_port) is open in firewall.\n";
             } elsif (&LONCAPA::Firewall::firewall_is_active) {
                 print "The LON-CAPA port ($lond_port) is NOT open in running firewall!\n";