--- loncom/configuration/Firewall.pm	2011/04/26 03:43:17	1.9
+++ loncom/configuration/Firewall.pm	2013/02/08 14:55:12	1.12
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Firewall configuration to allow internal LON-CAPA communication between servers   
 #
-# $Id: Firewall.pm,v 1.9 2011/04/26 03:43:17 raeburn Exp $
+# $Id: Firewall.pm,v 1.12 2013/02/08 14:55:12 raeburn Exp $
 #
 # The LearningOnline Network with CAPA
 #
@@ -35,6 +35,7 @@ package LONCAPA::Firewall;
 use strict;
 use lib '/home/httpd/perl/lib';
 use LONCAPA::Configuration;
+use LONCAPA;
 
 sub firewall_open_port {
     my ($iptables,$fw_chains,$lond_port,$iphost,$ports) = @_;
@@ -244,8 +245,9 @@ sub firewall_close_port {
             print "Skipped non-numeric port: $portnum\n"; 
             next;
         }
-        print "Closing firewall access on port $port\n";
+        print "Closing firewall access on port $port.\n";
         if (($port ne '') && ($port eq $lond_port)) {
+            my $output;
             foreach my $fw_chain (@okchains) {
                 my (@port_error,@command_error,@lond_port_close);
                 my %to_close;
@@ -284,17 +286,22 @@ sub firewall_close_port {
                     }
                 }
                 if (@lond_port_close) {
-                    print "Port closed for ".scalar(@lond_port_close)." IP addresses\n";
+                    $output .= "Port closed for ".scalar(@lond_port_close)." IP addresses\n";
                 }
                 if (@port_error) {
-                    print "Error closing port for following IP addresses: ".join(', ',@port_error)."\n";
+                    $output .= "Error closing port for following IP addresses: ".join(', ',@port_error)."\n";
                 }
                 if (@command_error) {
-                    print "Bad command error opening port for following IP addresses: ".
+                    $output .= "Bad command error opening port for following IP addresses: ".
                           join(', ',@command_error)."\n".
                           'Command was: "'."$iptables -D $fw_chain -p tcp -s ".'$ip'." -d 0/0 --dport $port -j ACCEPT".'", where $ip is IP address'."\n";
                 }
             }
+            if ($output) {
+                 print $output;
+            } else {
+                print "No IP addresses required discontinuation of access.\n";
+            }
         } else {
             foreach my $fw_chain (@okchains) {
                 my (@port_error,@command_error,@lond_port_close);
@@ -369,17 +376,7 @@ sub get_lond_port {
 
 sub get_fw_chains {
     my ($iptables) = @_;
-    my $perlvarref=&LONCAPA::Configuration::read_conf();
-    my $distro;
-    if (ref($perlvarref) eq 'HASH') {
-        my $path = $perlvarref->{'lonDaemons'};
-        if ($path) {
-            if (open(PIPE,"$path/distprobe|")) {
-                $distro = <PIPE>;
-                close(PIPE);
-            }
-        }
-    }
+    my $distro = &LONCAPA::distro();
     my @fw_chains;
     my $suse_config = "/etc/sysconfig/SuSEfirewall2";
     my $ubuntu_config = "/etc/ufw/ufw.conf";