version 1.18, 2019/06/09 02:35:45
|
version 1.20, 2020/01/11 22:07:54
|
Line 51 sub uses_firewalld {
|
Line 51 sub uses_firewalld {
|
if ($1 >= 18) { |
if ($1 >= 18) { |
$checkfirewalld = 1; |
$checkfirewalld = 1; |
} |
} |
} elsif ($distro =~ /^(?:centos|rhes|scientific)(\d+)/) { |
} elsif ($distro =~ /^(?:centos|rhes|scientific|oracle)(\d+)/) { |
if ($1 >= 7) { |
if ($1 >= 7) { |
$checkfirewalld = 1; |
$checkfirewalld = 1; |
} |
} |
Line 276 sub firewall_is_port_open {
|
Line 276 sub firewall_is_port_open {
|
# for other ports returns 1 if the firewall port is open, 0 if not. |
# for other ports returns 1 if the firewall port is open, 0 if not. |
# if firewalld is in use, checks for rich rules only. |
# if firewalld is in use, checks for rich rules only. |
my $count = 0; |
my $count = 0; |
|
# check if firewall is active or installed |
return $count if (! &firewall_is_active()); |
return $count if (! &firewall_is_active()); |
if ($firewalld) { |
if ($firewalld) { |
my $zone = &get_default_zone(); |
my $zone = &get_default_zone(); |
Line 307 sub firewall_is_port_open {
|
Line 308 sub firewall_is_port_open {
|
close(PIPE); |
close(PIPE); |
} |
} |
} |
} |
return $count; |
} elsif (($fw_chain =~ /^[\w-]+$/) && (open(PIPE,"$iptables -L $fw_chain -n |"))) { |
} |
|
return $count unless ($fw_chain !~ /^[\w-]+$/); |
|
if (open(PIPE,"$iptables -L $fw_chain -n |")) { |
|
# check if firewall is active or installed |
|
return if (! &firewall_is_active()); |
|
while(<PIPE>) { |
while(<PIPE>) { |
if ($port eq $lond_port) { |
if ($port eq $lond_port) { |
if (ref($iphost) eq 'HASH') { |
if (ref($iphost) eq 'HASH') { |
Line 640 sub get_fw_chains {
|
Line 636 sub get_fw_chains {
|
my $firewalld = &uses_firewalld($distro); |
my $firewalld = &uses_firewalld($distro); |
if ($firewalld) { |
if ($firewalld) { |
my ($dist,$version) = ($distro =~ /^([\D]+)(\d+)$/); |
my ($dist,$version) = ($distro =~ /^([\D]+)(\d+)$/); |
if ((($dist eq 'rhes') || ($dist eq 'centos')) && |
if (((($dist eq 'rhes') || ($dist eq 'centos')) && |
($version >= 8)) { |
($version >= 8)) || (($dist eq 'oracle') && ($version >= 7))) { |
push(@fw_chains,'INPUT'); |
push(@fw_chains,'INPUT'); |
} else { |
} else { |
my $zone = &get_default_zone(); |
my $zone = &get_default_zone(); |
Line 660 sub get_fw_chains {
|
Line 656 sub get_fw_chains {
|
} else { |
} else { |
if ($distro =~ /^(debian|ubuntu|suse|sles)/) { |
if ($distro =~ /^(debian|ubuntu|suse|sles)/) { |
@posschains = ('INPUT'); |
@posschains = ('INPUT'); |
} elsif ($distro =~ /^(fedora|rhes|centos|scientific)(\d+)$/) { |
} elsif ($distro =~ /^(fedora|rhes|centos|scientific|oracle)(\d+)$/) { |
if ((($1 eq 'fedora') && ($2 > 15)) || (($1 ne 'fedora') && ($2 >= 7))) { |
if ((($1 eq 'fedora') && ($2 > 15)) || (($1 ne 'fedora') && ($2 >= 7))) { |
@posschains = ('INPUT'); |
@posschains = ('INPUT'); |
} else { |
} else { |
Line 673 sub get_fw_chains {
|
Line 669 sub get_fw_chains {
|
print("Unable to find iptables file containing static definitions.\n"); |
print("Unable to find iptables file containing static definitions.\n"); |
} |
} |
} |
} |
if ($distro =~ /^(fedora|rhes|centos|scientific)(\d+)$/) { |
if ($distro =~ /^(fedora|rhes|centos|scientific|oracle)(\d+)$/) { |
unless ((($1 eq 'fedora') && ($2 > 15)) || (($1 ne 'fedora') && ($2 >= 7))) { |
unless ((($1 eq 'fedora') && ($2 > 15)) || (($1 ne 'fedora') && ($2 >= 7))) { |
push(@fw_chains,'RH-Firewall-1-INPUT'); |
push(@fw_chains,'RH-Firewall-1-INPUT'); |
} |
} |