--- loncom/init.d/loncontrol 2004/12/02 18:49:55 1.20 +++ loncom/init.d/loncontrol 2004/12/02 21:16:56 1.22 @@ -2,14 +2,33 @@ # # The LearningOnline Network with CAPA # +# Copyright Michigan State University Board of Trustees +# +# This file is part of the LearningOnline Network with CAPA (LON-CAPA). +# +# LON-CAPA is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# LON-CAPA is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with LON-CAPA; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# /home/httpd/html/adm/gpl.txt +# +# http://www.lon-capa.org/ +# # Startup script for the LON-CAPA network processes # -# YEAR=2000 -# YEAR=2001 -# YEAR=2002 # chkconfig: 345 95 5 -# description: LON-CAPA is a "network of knowledge". It is used to +# description: LON-CAPA is a "network of knowledge". It is used to \ # distribute knowledge resources and instructional management. # processnames: lonc, lond, lonsql # pidfiles: /home/httpd/perl/logs/lon*.pid @@ -26,29 +45,34 @@ $ENV{'BASH_ENV'}=""; # Firewall code is based on the code in FC2 /etc/init.d/ntpd my $fw_chain = 'RH-Firewall-1-INPUT'; my $iptables = '/sbin/iptables'; - my $port = 5663; + my $lond_port = 5663; + my $lonhttpd_port = 8080; sub firewall_open_port { return if (! &firewall_is_active); - print "Opening firewall access on port $port\n"; if (! `$iptables -L -n 2>/dev/null | grep $fw_chain | wc -l`) { return; } # iptables is running with our chain # # We could restrict the servers allowed to attempt to communicate # here, but the logistics of updating the /home/httpd/lonTabs/host.tab # file are likely to be a problem - my $firewall_command = - "$iptables -I $fw_chain -p tcp -d 0/0 --dport $port -j ACCEPT"; - system($firewall_command); - my $return_status = $?>>8; - if ($return_status == 1) { - # Error - print "Error opening port.\n"; - } elsif ($return_status == 2) { - # Bad command - print "Bad command error opening port. Command was\n". - " ".$firewall_command."\n"; + foreach my $port ($lond_port,$lonhttpd_port) { + print "Opening firewall access on port $port.\n"; + + my $firewall_command = + "$iptables -I $fw_chain -p tcp -d 0/0 --dport $port -j ACCEPT"; + system($firewall_command); + my $return_status = $?>>8; + if ($return_status == 1) { + # Error + print "Error opening port.\n"; + } elsif ($return_status == 2) { + # Bad command + print "Bad command error opening port. Command was\n". + " ".$firewall_command."\n"; + } } + } sub firewall_is_port_open { @@ -73,18 +97,20 @@ sub firewall_is_active { sub firewall_close_port { return if (! &firewall_is_active); - print "Closing firewall access on port $port\n"; - my $firewall_command = - "$iptables -D $fw_chain -p tcp -d 0/0 --dport $port -j ACCEPT"; - system($firewall_command); - my $return_status = $?>>8; - if ($return_status == 1) { - # Error - print "Error closing port.\n"; - } elsif ($return_status == 2) { - # Bad command - print "Bad command error closing port. Command was\n". - " ".$firewall_command."\n"; + foreach my $port ($lond_port,$lonhttpd_port) { + print "Closing firewall access on port $port.\n"; + my $firewall_command = + "$iptables -D $fw_chain -p tcp -d 0/0 --dport $port -j ACCEPT"; + system($firewall_command); + my $return_status = $?>>8; + if ($return_status == 1) { + # Error + print "Error closing port.\n"; + } elsif ($return_status == 2) { + # Bad command + print "Bad command error closing port. Command was\n". + " ".$firewall_command."\n"; + } } }