loncom/configuration/Firewall.pm - diff

Return to Firewall.pm CVS log

Up to [LON-CAPA] / loncom / configuration

Diff for /loncom/configuration/Firewall.pm between versions 1.21 and 1.25

version 1.21, 2020/07/09 13:42:37	version 1.25, 2021/12/21 16:42:15
Line 51 sub uses_firewalld {	Line 51 sub uses_firewalld {
if ($1 >= 18) {	if ($1 >= 18) {
$checkfirewalld = 1;	$checkfirewalld = 1;
}	}
} elsif ($distro =~ /^(?:centos\|rhes\|scientific\|oracle)(\d+)/) {	} elsif ($distro =~ /^(?:centos\|rhes\|scientific\|oracle\|rocky\|alma)(\d+)/) {
if ($1 >= 7) {	if ($1 >= 7) {
$checkfirewalld = 1;	$checkfirewalld = 1;
}	}
Line 119 sub firewall_open_port {	Line 119 sub firewall_open_port {
@lond_port_curropen);	@lond_port_curropen);
if (ref($iphost) eq 'HASH') {	if (ref($iphost) eq 'HASH') {
if (keys(%{$iphost}) > 0) {	if (keys(%{$iphost}) > 0) {
	my $count = scalar(keys(%{$iphost}));
	if ($count > 1) {
	print "Please be patient. Checking $count IPs.\n";
	}
my %curropen;	my %curropen;
if ($firewalld) {	if ($firewalld) {
&firewall_close_anywhere($iptables,$zone,$port,$firewalld);	&firewall_close_anywhere($iptables,$zone,$port,$firewalld);
Line 132 sub firewall_open_port {	Line 136 sub firewall_open_port {
$lond_port,$iphost,\%curropen);	$lond_port,$iphost,\%curropen);
}	}
}	}
	my $countok = 0;
foreach my $key (keys(%{$iphost})) {	foreach my $key (keys(%{$iphost})) {
my $ip = '';	my $ip = '';
if ($key =~ /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/) {	if ($key =~ /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/) {
Line 179 sub firewall_open_port {	Line 184 sub firewall_open_port {
}	}
}	}
}	}
	if ($count > 1) {
	$countok ++;
	print '.';
	if ($countok%40 == 0) {
	print "\n";
	}
	}
	}
	if ($count > 1) {
	if ($countok%40) {
	print "\n";
	}
}	}
} else {	} else {
print "no key found in \$iphost hash ref.\n".	print "no key found in \$iphost hash ref.\n".
Line 638 sub get_fw_chains {	Line 655 sub get_fw_chains {
my $ubuntu_config = "/etc/ufw/ufw.conf";	my $ubuntu_config = "/etc/ufw/ufw.conf";
my $firewalld = &uses_firewalld($distro);	my $firewalld = &uses_firewalld($distro);
if ($firewalld) {	if ($firewalld) {
my ($dist,$version) = ($distro =~ /^([\D]+)(\d+)$/);	my ($dist,$version) = ($distro =~ /^([\D]+)(\d+)(?:\|\-stream)$/);
if (((($dist eq 'rhes') \|\| ($dist eq 'centos')) &&	if (((($dist eq 'rhes') \|\| ($dist eq 'centos') \|\| ($dist eq 'rocky') \|\| ($dist eq 'alma')) &&
($version >= 8)) \|\| (($dist eq 'oracle') && ($version >= 7))) {	($version >= 8)) \|\| (($dist eq 'oracle') && ($version >= 7))) {
push(@fw_chains,'INPUT');	push(@fw_chains,'INPUT');
} else {	} else {
Line 659 sub get_fw_chains {	Line 676 sub get_fw_chains {
} else {	} else {
if ($distro =~ /^(debian\|ubuntu\|suse\|sles)/) {	if ($distro =~ /^(debian\|ubuntu\|suse\|sles)/) {
@posschains = ('INPUT');	@posschains = ('INPUT');
} elsif ($distro =~ /^(fedora\|rhes\|centos\|scientific\|oracle)(\d+)$/) {	} elsif ($distro =~ /^(fedora\|rhes\|centos\|scientific\|oracle\|rocky\|alma)(\d+)(?:\|\-stream)$/) {
if ((($1 eq 'fedora') && ($2 > 15)) \|\| (($1 ne 'fedora') && ($2 >= 7))) {	if ((($1 eq 'fedora') && ($2 > 15)) \|\| (($1 ne 'fedora') && ($2 >= 7))) {
@posschains = ('INPUT');	@posschains = ('INPUT');
} else {	} else {
Line 672 sub get_fw_chains {	Line 689 sub get_fw_chains {
print("Unable to find iptables file containing static definitions.\n");	print("Unable to find iptables file containing static definitions.\n");
}	}
}	}
if ($distro =~ /^(fedora\|rhes\|centos\|scientific\|oracle)(\d+)$/) {	if ($distro =~ /^(fedora\|rhes\|centos\|scientific\|oracle\|rocky\|alma)(\d+)(?:\|\-stream)$/) {
unless ((($1 eq 'fedora') && ($2 > 15)) \|\| (($1 ne 'fedora') && ($2 >= 7))) {	unless ((($1 eq 'fedora') && ($2 > 15)) \|\| (($1 ne 'fedora') && ($2 >= 7))) {
push(@fw_chains,'RH-Firewall-1-INPUT');	push(@fw_chains,'RH-Firewall-1-INPUT');
}	}

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.21
changed lines
	Added in v.1.25