version 1.24, 2021/12/21 13:57:47
|
version 1.27, 2024/06/13 17:18:38
|
Line 332 sub firewall_is_port_open {
|
Line 332 sub firewall_is_port_open {
|
while(<PIPE>) { |
while(<PIPE>) { |
if ($port eq $lond_port) { |
if ($port eq $lond_port) { |
if (ref($iphost) eq 'HASH') { |
if (ref($iphost) eq 'HASH') { |
if (/^ACCEPT\s+tcp\s+\-{2}\s+(\S+)\s+\S+\s+tcp\s+dpt\:\Q$port\E/) { |
if (/^ACCEPT\s+(?:tcp|6)\s+\-{2}\s+(\S+)\s+\S+\s+tcp\s+dpt\:\Q$port\E/) { |
my $ip = $1; |
my $ip = $1; |
if ($iphost->{$ip}) { |
if ($iphost->{$ip}) { |
$count ++; |
$count ++; |
Line 365 sub firewall_is_active {
|
Line 365 sub firewall_is_active {
|
} |
} |
close(PIPE); |
close(PIPE); |
} |
} |
|
unless ($status) { |
|
if (open(PIPE,'nft list tables |')) { |
|
while(<PIPE>) { |
|
chomp(); |
|
if (/filter$/) { |
|
$status = 1; |
|
last; |
|
} |
|
} |
|
close(PIPE); |
|
} |
|
} |
} |
} |
unless ($status) { |
unless ($status) { |
$status = &uses_firewalld(); |
$status = &uses_firewalld(); |
Line 458 sub firewall_close_port {
|
Line 470 sub firewall_close_port {
|
while (<PIPE>) { |
while (<PIPE>) { |
chomp(); |
chomp(); |
next unless (/dpt:\Q$port\E/); |
next unless (/dpt:\Q$port\E/); |
if (/^ACCEPT\s+tcp\s+\-{2}\s+(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\s+/) { |
if (/^ACCEPT\s+(?:tcp|6)\s+\-{2}\s+(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\s+/) { |
my $ip = $1; |
my $ip = $1; |
my $keepopen = 0; |
my $keepopen = 0; |
if (ref($iphost) eq 'HASH') { |
if (ref($iphost) eq 'HASH') { |
Line 613 sub firewall_close_anywhere {
|
Line 625 sub firewall_close_anywhere {
|
while (<PIPE>) { |
while (<PIPE>) { |
next unless (/dpt:\Q$port\E/); |
next unless (/dpt:\Q$port\E/); |
chomp(); |
chomp(); |
if (/^(\d+)\s+ACCEPT\s+tcp\s+\-{2}\s+0\.0\.0\.0\/0\s+0\.0\.0\.0\/0/) { |
if (/^(\d+)\s+ACCEPT\s+(?:tcp|6)\s+\-{2}\s+0\.0\.0\.0\/0\s+0\.0\.0\.0\/0/) { |
my $firewall_command = "$iptables -D $fw_chain $1"; |
my $firewall_command = "$iptables -D $fw_chain $1"; |
system($firewall_command); |
system($firewall_command); |
my $return_status = $?>>8; |
my $return_status = $?>>8; |
Line 689 sub get_fw_chains {
|
Line 701 sub get_fw_chains {
|
print("Unable to find iptables file containing static definitions.\n"); |
print("Unable to find iptables file containing static definitions.\n"); |
} |
} |
} |
} |
if ($distro =~ /^(fedora|rhes|centos|scientific|oracle|rocky|alma)(\d+){?:|\-stream)$/) { |
if ($distro =~ /^(fedora|rhes|centos|scientific|oracle|rocky|alma)(\d+)(?:|\-stream)$/) { |
unless ((($1 eq 'fedora') && ($2 > 15)) || (($1 ne 'fedora') && ($2 >= 7))) { |
unless ((($1 eq 'fedora') && ($2 > 15)) || (($1 ne 'fedora') && ($2 >= 7))) { |
push(@fw_chains,'RH-Firewall-1-INPUT'); |
push(@fw_chains,'RH-Firewall-1-INPUT'); |
} |
} |
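Review bot: In the nft fallback added to firewall_is_active, `if (/filter$/)` sets `$status = 1` for any line of `nft list tables` output that ends in "filter", which includes a table in an unrelated family or one whose name merely ends with that string, and the presence of a table does not show that it holds any rules. A caller that trusts this result could treat the host as firewalled when nothing is filtering; anchoring the match, for example `if (/^table\s+(?:ip|ip6|inet)\s+filter$/)`, at least narrows it to the tables this script would plausibly manage. The command is also started with `open(PIPE,'nft list tables |')`, so `nft` is resolved through PATH in a script that elsewhere deletes iptables rules; the list form `open(PIPE,'-|',$nft,'list','tables')`, with `$nft` (a placeholder name) set to a vetted absolute path the way `$iptables` presumably is, removes that dependency. The body of firewall_is_active begins and ends outside the lines shown here.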