--- loncom/init.d/loncontrol	2009/06/10 23:51:46	1.37
+++ loncom/init.d/loncontrol	2019/07/07 20:49:02	1.44.2.1
@@ -1,6 +1,6 @@
 #!/usr/bin/perl
 #
-# $Id: loncontrol,v 1.37 2009/06/10 23:51:46 raeburn Exp $
+# $Id: loncontrol,v 1.44.2.1 2019/07/07 20:49:02 raeburn Exp $
 #
 # The LearningOnline Network with CAPA
 #
@@ -40,9 +40,10 @@
 # SuSE chkconfig/insserv info
 ### BEGIN INIT INFO
 # Provides:       loncapa
-# Required-Start: mysql apache2 $network $remote_fs
+# Required-Start: SuSEfirewall2_setup mysql apache2 $network $remote_fs
+# Should-Start:   $ALL
 # Required-Stop:
-# Default-Start:  3 4 5
+# Default-Start:  3 5
 # Default-Stop:
 # Description:    Starts the LON-CAPA services
 ### END INIT INFO
@@ -106,23 +107,44 @@ sub clean_sockets {
     }
 }
 
-if ($command eq "restart") {
-    print 'Restarting LON-CAPA'."\n";
-    print 'Ending LON-CAPA client and daemon processes'."\n";
-    foreach my $daemon ('lonsql','lond','lonc','lonmemcached','lonmaxima','lonr') {
-	my $killallname=$daemon;
-	if ($daemon eq 'lonc') { $killallname='loncnew'; }
-	&stop_daemon($daemon,$killallname);
-    }
-    print 'Starting LON-CAPA client and daemon processes (please be patient)'.
-	"\n";
-    system("su www -c '/home/httpd/perl/loncron --justcheckdaemons'");
-} elsif (($command eq "stop") || ($command eq 'start') || ($command eq 'status')) {
+if (($command eq "restart") || ($command eq 'stop') || 
+    ($command eq 'start') || ($command eq "status")) {
     my $iptables = &LONCAPA::Firewall::get_pathto_iptables();
-    my $fw_chain = &LONCAPA::Firewall::get_fw_chain();
+    my @fw_chains = &LONCAPA::Firewall::get_fw_chains($iptables);
     my $lond_port = &LONCAPA::Firewall::get_lond_port();
-    my %iphost = &Apache::lonnet::get_iphost();
-    if ($command eq 'stop') {
+    my $firewalld = &LONCAPA::Firewall::uses_firewalld();
+    my %iphost;
+    if ($command eq 'restart') {
+        print 'Restarting LON-CAPA'."\n";
+        print 'Ending LON-CAPA client and daemon processes'."\n";
+        foreach my $daemon ('lonsql','lond','lonc','lonmemcached','lonmaxima','lonr') {
+            my $killallname=$daemon;
+            if ($daemon eq 'lonc') { $killallname='loncnew'; }
+            &stop_daemon($daemon,$killallname);
+        }
+        %iphost = &Apache::lonnet::get_iphost('',1);
+        my $firewall_result =
+            &LONCAPA::Firewall::firewall_close_port($iptables,\@fw_chains,
+                                             $lond_port,\%iphost,[$lond_port],
+                                             $firewalld);
+        if ($firewall_result) {
+            print "$firewall_result\n";
+        }
+        $firewall_result =
+            &LONCAPA::Firewall::firewall_open_port($iptables,\@fw_chains,
+                                            $lond_port, \%iphost,[$lond_port],
+                                            $firewalld);
+        if (($firewall_result eq 'ok') || ($firewall_result eq 'inactive firewall')) {
+            if ($firewall_result eq 'inactive firewall') {
+                print "WARNING: iptables firewall is currently inactive\n";
+            }
+        } elsif ($firewall_result) {
+            print "$firewall_result\n";
+        }
+        print 'Starting LON-CAPA client and daemon processes (please be patient)'.
+              "\n";
+        system("su www -c '/home/httpd/perl/loncron --justcheckdaemons'");
+    } elsif ($command eq 'stop') {
         print 'Stopping LON-CAPA'."\n";
         foreach my $daemon ('lonsql','lond','lonc','lonmemcached','lonmaxima','lonr') {
 	    my $killallname=$daemon;
@@ -130,14 +152,19 @@ if ($command eq "restart") {
 	    &stop_daemon($daemon,$killallname);
         }
         my $firewall_result = 
-            &LONCAPA::Firewall::firewall_close_port($iptables,$fw_chain,$lond_port,[$lond_port]);
+            &LONCAPA::Firewall::firewall_close_port($iptables,\@fw_chains,
+                                                    $lond_port,\%iphost,[$lond_port],
+                                                    $firewalld);
         if ($firewall_result) {
             print "$firewall_result\n";
         }
         &clean_sockets();
     } elsif ($command eq "start") {
+        %iphost = &Apache::lonnet::get_iphost('',1);
         my $firewall_result = 
-            &LONCAPA::Firewall::firewall_open_port($iptables,$fw_chain,$lond_port,\%iphost,[$lond_port]);
+            &LONCAPA::Firewall::firewall_open_port($iptables,\@fw_chains,
+                                                   $lond_port,\%iphost,[$lond_port],
+                                                   $firewalld);
         if (($firewall_result eq 'ok') || ($firewall_result eq 'inactive firewall')) {
             if ($firewall_result eq 'inactive firewall') {
                 print "WARNING: iptables firewall is currently inactive\n";
@@ -155,6 +182,7 @@ if ($command eq "restart") {
             }
         }
     } elsif ($command eq "status") {
+        %iphost = &Apache::lonnet::get_iphost();
         my $response=`/bin/cat /home/httpd/perl/logs/*.pid 2>&1`;
         if ($response=~/No such file or directory/) {
 	    print 'LON-CAPA is not running.'."\n";
@@ -166,9 +194,14 @@ if ($command eq "restart") {
             print 'The iptables firewall is not active'."\n";
         }
         if ($lond_port) {
-            if (&LONCAPA::Firewall::firewall_is_port_open($iptables,$fw_chain,$lond_port,$lond_port,\%iphost)) {
+            my $londopen;
+            foreach my $fw_chain (@fw_chains) { 
+                my $numopen = &LONCAPA::Firewall::firewall_is_port_open($iptables,$fw_chain,$lond_port,$lond_port,\%iphost,$firewalld);
+                $londopen += $numopen; 
+            }
+            if ($londopen) {
                 print "The LON-CAPA port ($lond_port) is open in firewall.\n";
-            } elsif (&LONCAPA::Firewall::firewall_is_active) {
+            } elsif (&LONCAPA::Firewall::firewall_is_active()) {
                 print "The LON-CAPA port ($lond_port) is NOT open in running firewall!\n";
             }
         } else {