--- loncom/configuration/Firewall.pm 2019/07/02 19:40:22 1.19 +++ loncom/configuration/Firewall.pm 2021/01/04 18:24:51 1.22 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # Firewall configuration to allow internal LON-CAPA communication between servers # -# $Id: Firewall.pm,v 1.19 2019/07/02 19:40:22 raeburn Exp $ +# $Id: Firewall.pm,v 1.22 2021/01/04 18:24:51 raeburn Exp $ # # The LearningOnline Network with CAPA # @@ -119,6 +119,10 @@ sub firewall_open_port { @lond_port_curropen); if (ref($iphost) eq 'HASH') { if (keys(%{$iphost}) > 0) { + my $count = scalar(keys(%{$iphost})); + if ($count > 1) { + print "Please be patient. Checking $count IPs.\n"; + } my %curropen; if ($firewalld) { &firewall_close_anywhere($iptables,$zone,$port,$firewalld); @@ -132,6 +136,7 @@ sub firewall_open_port { $lond_port,$iphost,\%curropen); } } + my $countok = 0; foreach my $key (keys(%{$iphost})) { my $ip = ''; if ($key =~ /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/) { @@ -179,12 +184,27 @@ sub firewall_open_port { } } } + if ($count > 1) { + $countok ++; + print '.'; + if ($countok%40 == 0) { + print "\n"; + } + } + } + if ($count > 1) { + if ($countok%40) { + print "\n"; + } } } else { - print "no key found in $iphost hash ref\n"; + print "no key found in \$iphost hash ref.\n". + "Domain Name Service (DNS) may not be available.\n". + "If this LON-CAPA node is standalone, then you can fix this issue by modifying /etc/hosts.\n". + "Use a text editor to add: IPaddress Hostname\n"; } } else { - print "$iphost is not a reference to a hash\n"; + print "\$iphost is not a reference to a hash\n"; } if (@lond_port_curropen) { unless (grep(/^\Q$port\E$/,@opened)) { @@ -276,6 +296,7 @@ sub firewall_is_port_open { # for other ports returns 1 if the firewall port is open, 0 if not. # if firewalld is in use, checks for rich rules only. my $count = 0; + # check if firewall is active or installed return $count if (! &firewall_is_active()); if ($firewalld) { my $zone = &get_default_zone(); @@ -307,12 +328,7 @@ sub firewall_is_port_open { close(PIPE); } } - return $count; - } - return $count unless ($fw_chain !~ /^[\w-]+$/); - if (open(PIPE,"$iptables -L $fw_chain -n |")) { - # check if firewall is active or installed - return if (! &firewall_is_active()); + } elsif (($fw_chain =~ /^[\w-]+$/) && (open(PIPE,"$iptables -L $fw_chain -n |"))) { while() { if ($port eq $lond_port) { if (ref($iphost) eq 'HASH') {