[LON-CAPA-cvs] cvs: loncom /configuration Firewall.pm
raeburn
raeburn@source.lon-capa.org
Fri, 25 Feb 2011 19:41:59 -0000
raeburn Fri Feb 25 19:41:59 2011 EDT
Modified files:
/loncom/configuration Firewall.pm
Log:
- Support firewall configuration via ufw on Ubuntu.
Index: loncom/configuration/Firewall.pm
diff -u loncom/configuration/Firewall.pm:1.7 loncom/configuration/Firewall.pm:1.8
--- loncom/configuration/Firewall.pm:1.7 Thu Dec 30 18:40:29 2010
+++ loncom/configuration/Firewall.pm Fri Feb 25 19:41:59 2011
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Firewall configuration to allow internal LON-CAPA communication between servers
#
-# $Id: Firewall.pm,v 1.7 2010/12/30 18:40:29 raeburn Exp $
+# $Id: Firewall.pm,v 1.8 2011/02/25 19:41:59 raeburn Exp $
#
# The LearningOnline Network with CAPA
#
@@ -371,20 +371,26 @@
my ($iptables) = @_;
my @fw_chains;
my $suse_config = "/etc/sysconfig/SuSEfirewall2";
+ my $ubuntu_config = "/etc/ufw/ufw.conf";
if (-e $suse_config) {
push(@fw_chains,'input_ext');
} else {
- if (!-e '/etc/sysconfig/iptables') {
- if (!-e '/var/lib/iptables') {
- print("Unable to find iptables file containing static definitions\n");
+ my @posschains;
+ if (-e $ubuntu_config) {
+ @posschains = ('ufw-user-input','INPUT');
+ } else {
+ @posschains = ('RH-Firewall-1-INPUT','INPUT');
+ if (!-e '/etc/sysconfig/iptables') {
+ if (!-e '/var/lib/iptables') {
+ print("Unable to find iptables file containing static definitions\n");
+ }
+ push(@fw_chains,'RH-Firewall-1-INPUT');
}
- push(@fw_chains,'RH-Firewall-1-INPUT');
}
if ($iptables eq '') {
$iptables = &get_pathto_iptables();
}
my %counts;
- my @posschains = ('RH-Firewall-1-INPUT','INPUT');
if (open(PIPE,"$iptables -L -n |")) {
while(<PIPE>) {
foreach my $chain (@posschains) {
@@ -397,7 +403,9 @@
}
foreach my $fw_chain (@posschains) {
if ($counts{$fw_chain}) {
- push(@fw_chains,$fw_chain);
+ unless(grep(/^\Q$fw_chain\E$/,@fw_chains)) {
+ push(@fw_chains,$fw_chain);
+ }
}
}
}