--- loncom/configuration/Firewall.pm 2009/06/10 23:51:51 1.1
+++ loncom/configuration/Firewall.pm 2009/07/17 00:15:49 1.5
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Firewall configuration to allow internal LON-CAPA communication between servers
 #
-# $Id: Firewall.pm,v 1.1 2009/06/10 23:51:51 raeburn Exp $
+# $Id: Firewall.pm,v 1.5 2009/07/17 00:15:49 raeburn Exp $
 #
 # The LearningOnline Network with CAPA
 #
@@ -76,7 +76,8 @@ sub firewall_open_port {
 &firewall_close_anywhere($iptables,$fw_chain,$port);
 foreach my $key (keys(%{$iphost})) {
 my $ip = '';
- if ($key =~ /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/) { if (($1<=255) && ($2<=255) && ($3<=255) && ($4<=255)) {
+ if ($key =~ /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/) {
+ if (($1<=255) && ($2<=255) && ($3<=255) && ($4<=255)) {
 $ip = "$1.$2.$3.$4";
 } else {
 next;
@@ -293,13 +294,24 @@ sub get_lond_port {
 }
 
 sub get_fw_chain {
+ my ($iptables) = @_;
 my $fw_chain = 'RH-Firewall-1-INPUT';
 my $suse_config = "/etc/sysconfig/SuSEfirewall2";
 if (-e $suse_config) {
 $fw_chain = 'input_ext';
 } else {
 if (!-e '/etc/sysconfig/iptables') {
- print("Unable to find iptables file containing static definitions\n");
+ if (!-e '/var/lib/iptables') {
+ print("Unable to find iptables file containing static definitions\n");
+ }
+ }
+ if ($iptables eq '') {
+ $iptables = &get_pathto_iptables();
+ }
+ my $count = `$iptables -L -n 2>/dev/null |grep $fw_chain |wc -l`;
+ chomp($count);
+ if (!$count) {
+ $fw_chain ='INPUT';
 }
 }
 return $fw_chain;
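Review bot: The backtick command added to get_fw_chain puts `$iptables`, which this hunk makes a caller-supplied argument, into a shell string, and because stderr is discarded a missing or failing iptables gives a count of 0 that looks the same as "chain absent", so the code silently falls back to `INPUT`. Listing the chains through list-form `open` keeps the path and chain name away from the shell, and matching the `Chain <name>` header line counts only the chain itself rather than every line that mentions it. In the version below, iptables errors stay visible on stderr and a failed launch is reported. It also guards the `$iptables eq ''` test, which would warn on undef (if warnings are enabled) when a caller passes no argument. The closing brace of get_fw_chain lies outside the hunk.

```perl
# … unchanged: default chain name, SuSE check, iptables file checks …
if (!defined($iptables) || $iptables eq '') {
    $iptables = &get_pathto_iptables();
}
my $count = 0;
# List form: no shell ever parses $iptables or $fw_chain.
if (open(my $pipe, '-|', $iptables, '-L', '-n')) {
    while (my $line = <$pipe>) {
        $count++ if ($line =~ /^Chain \Q$fw_chain\E /);
    }
    close($pipe);
} else {
    print("Unable to run $iptables to list firewall chains\n");
}
# … unchanged: fall back to 'INPUT' when $count is 0 …
```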