File:  [LON-CAPA] / loncom / init.d / loncontrol
Revision 1.20
Thu Dec 2 18:49:55 2004 UTC (19 years, 6 months ago) by matthew
Branches: MAIN
CVS tags: HEAD
Added firewall port opening code.

    1: #!/usr/bin/perl
    2: #
    3: # The LearningOnline Network with CAPA
    4: #
    5: # Startup script for the LON-CAPA network processes
    6: #
    7: # YEAR=2000
    8: # YEAR=2001
    9: # YEAR=2002
   10: 
   11: # chkconfig: 345 95 5
   12: # description: LON-CAPA is a "network of knowledge".  It is used to
   13: # distribute knowledge resources and instructional management.
   14: # processnames: lonc, lond, lonsql
   15: # pidfiles: /home/httpd/perl/logs/lon*.pid
   16: # config: /etc/httpd/conf/loncapa.conf
   17: # config: /home/httpd/lonTabs/hosts.tab
   18: # config: /home/httpd/lonTabs/spare.tab
   19: 
   # The requested action is the first command-line argument, reduced to
   # lowercase ASCII letters only; every other character is deleted before
   # the value is compared against the known action names further down.
   ($command = $ARGV[0]) =~ tr/a-z//cd;

   # Pin the search path and empty BASH_ENV so that the external commands
   # this script launches do not pick these two values up from the caller's
   # environment.
   @ENV{'PATH','BASH_ENV'} =
       ("/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin","");
   24: 
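   { # Firewall variable scoping
       # Firewall code is based on the code in FC2 /etc/init.d/ntpd
       #
       # These three lexicals are shared by the firewall_* subs defined inside
       # this scope and are invisible to the rest of the script.
       my $fw_chain = 'RH-Firewall-1-INPUT';
       my $iptables = '/sbin/iptables';
       my $port = 5663;

   # Return the text printed by "iptables -L -n", optionally limited to one
   # chain.  Returns '' when iptables prints nothing or cannot be run (its
   # stderr is discarded).  Only the constants above are interpolated into
   # the shell command.
   sub _firewall_listing {
       my ($chain)=@_;
       my $chain_arg = defined($chain) ? " $chain" : '';
       my $listing = `$iptables -L$chain_arg -n 2>/dev/null`;
       return defined($listing) ? $listing : '';
   }

   # Return 1 if the given listing holds an ACCEPT rule for tcp destination
   # port $port, 0 otherwise.  The trailing \b keeps port 5663 from matching a
   # longer port number that merely starts with the same digits, and anchoring
   # on the ACCEPT target keeps a DROP/REJECT rule for the port from being
   # reported as "open".
   sub _firewall_has_accept_rule {
       my ($listing)=@_;
       return ($listing =~ /^ACCEPT\s.*\btcp dpt:$port\b/m) ? 1 : 0;
   }

   # Insert ('-I') or delete ('-D') the ACCEPT rule for $port in $fw_chain and
   # print a diagnostic when iptables fails.  $verb ('opening' or 'closing')
   # is only used in the messages.
   sub _firewall_change_rule {
       my ($action,$verb)=@_;
       # NOTE(review): "-d 0/0" with no source restriction accepts connections
       # to this port from any address; whatever listens on the port is the
       # only remaining access control.
       my @firewall_command =
           ($iptables,$action,$fw_chain,'-p','tcp','-d','0/0',
            '--dport',$port,'-j','ACCEPT');
       # List form: iptables is executed directly, without a shell.
       system(@firewall_command);
       if ($? == -1) {
           # iptables could not be started at all; $?>>8 would be meaningless.
           print "Error $verb port: could not run $iptables: $!\n";
           return;
       }
       my $return_status = $?>>8;
       if ($return_status == 1) {
           # Error
           print "Error $verb port.\n";
       } elsif ($return_status == 2) {
           # Bad command
           print "Bad command error $verb port.  Command was\n".
               "  ".join(' ',@firewall_command)."\n";
       }
       return;
   }

   # Open $port in the firewall.  Does nothing when iptables is not loaded,
   # when the listing does not mention $fw_chain, or when the chain already
   # holds the ACCEPT rule.
   sub firewall_open_port {
       return if (! firewall_is_active());
       print "Opening firewall access on port $port\n";
       # The earlier form tested the raw output of "wc -l"; that output is
       # "0\n" when nothing matches, which Perl treats as true, so the guard
       # never fired.  Test for the chain name in the listing instead.
       return if (_firewall_listing() !~ /\Q$fw_chain\E/);
       # iptables is running with our chain
       #
       # Inserting on every start would stack identical rules while
       # firewall_close_port removes only one, leaving the port open after a
       # stop.  Skip the insert when the rule is already present.
       return if (_firewall_has_accept_rule(_firewall_listing($fw_chain)));
       #
       # We could restrict the servers allowed to attempt to communicate
       # here, but the logistics of updating the /home/httpd/lonTabs/host.tab
       # file are likely to be a problem
       _firewall_change_rule('-I','opening');
       return;
   }

   # Returns 1 if an ACCEPT rule for the port is listed, 0 if not (including
   # when the firewall is not active).
   sub firewall_is_port_open {
       # check if firewall is active or installed
       return 0 if (! firewall_is_active());
       return _firewall_has_accept_rule(_firewall_listing());
   }

   # Returns 1 if /proc/net/ip_tables_names exists, 0 otherwise.
   sub firewall_is_active {
       return (-e '/proc/net/ip_tables_names') ? 1 : 0;
   }

   # Remove the ACCEPT rule for $port from $fw_chain.  Only one matching rule
   # is deleted per call.
   sub firewall_close_port {
       return if (! firewall_is_active());
       print "Closing firewall access on port $port\n";
       _firewall_change_rule('-D','closing');
       return;
   }

   } # End firewall variable scope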
   92: 
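   # Stop one LON-CAPA daemon and print a one-line result.
   #
   #   $daemon      - base name of the pid file under /home/httpd/perl/logs
   #   $killallname - process name handed to killall for the final sweep
   #
   # The pid read from the file is sent TERM, then KILL if it is still alive
   # two seconds later.  Afterwards any process still named $killallname is
   # killed as well.
   sub stop_daemon {
       my ($daemon,$killallname)=@_;
       my $pidfile="/home/httpd/perl/logs/$daemon.pid";

       printf("%-10s ",$daemon);
       if (-e $pidfile) {
           # Three-argument open with a lexical handle: the file name is never
           # interpreted as an open mode, and the handle is closed again.
           my $daemonpid;
           if (open(my $pidfh,'<',$pidfile)) {
               $daemonpid=<$pidfh>;
               close($pidfh);
           }
           $daemonpid='' if (! defined($daemonpid));
           $daemonpid=~s/\A\s+|\s+\z//g;
           # Only a plain positive integer other than 1 is used as a signal
           # target.  An empty or garbled file would otherwise become pid 0,
           # which signals the caller's whole process group, and a negative
           # value would address a process group.
           # NOTE(review): the pid is still not checked to belong to $daemon;
           # presumably the daemons' account can write this file - confirm
           # the ownership of the logs directory.
           if ($daemonpid !~ /\A[1-9][0-9]*\z/ || $daemonpid == 1) {
               print("invalid pid file");
           } else {
               kill TERM => $daemonpid;
               sleep 2;
               if (kill 0 => $daemonpid) {
                   kill KILL => $daemonpid;
                   sleep 2;
                   if (kill 0 => $daemonpid) {
                       print("failed to kill");
                   } else {
                       print("killed");
                   }
               } else {
                   print("stopped");
               }
           }
       } else {
           print("not running");
       }
       # Signal 0 only probes for processes with this name.  List-form system
       # runs killall directly, so the name is never parsed by a shell.
       system('killall','-q','-0',$killallname);
       if ($? == 0) {
           system('killall','-q',$killallname);
           print(", killed off extraneous processes");
       }
       print("\n");
   }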
  125: 
  126: 
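  # Dispatch on the sanitised action name in $command.
  #
  # The daemons are (re)started by running loncron as user www via su.  Only
  # "start"/"startold" open the firewall port and only "stop" closes it; the
  # restart/reload actions leave the firewall untouched.
  if (($command eq "restartold") or ($command eq "reloadold")) {
      print 'Restarting LON-CAPA'."\n";
      print 'Ending LON-CAPA client and daemon processes'."\n";
      foreach my $daemon ('lonsql','lond','lonc','lonhttpd') {
          stop_daemon($daemon,$daemon);
      }
      print 'Starting LON-CAPA client and daemon processes (please be patient)'.
          "\n";
      system("su www -c '/home/httpd/perl/loncron --oldlonc --justcheckdaemons'");
  } elsif (($command eq "restart") or ($command eq "reload")) {
      print 'Restarting LON-CAPA'."\n";
      print 'Ending LON-CAPA client and daemon processes'."\n";
      foreach my $daemon ('lonsql','lond','lonc','lonhttpd') {
          # The lonc pid file belongs to a process named loncnew.
          my $killallname=$daemon;
          if ($daemon eq 'lonc') { $killallname='loncnew'; }
          stop_daemon($daemon,$killallname);
      }
      print 'Starting LON-CAPA client and daemon processes (please be patient)'.
          "\n";
      system("su www -c '/home/httpd/perl/loncron --justcheckdaemons'");
  } elsif ($command eq "stop") {
      print 'Stopping LON-CAPA'."\n";
      foreach my $daemon ('lonsql','lond','lonc','lonhttpd') {
          my $killallname=$daemon;
          if ($daemon eq 'lonc') { $killallname='loncnew'; }
          stop_daemon($daemon,$killallname);
      }
      # Close the port only after the daemons have been stopped.
      firewall_close_port();
  } elsif ($command eq "startold") {
      firewall_open_port();
      print 'Starting LON-CAPA'."\n";
      print 'Starting LON-CAPA client and daemon processes (please be patient)'.
          "\n";
      system("su www -c '/home/httpd/perl/loncron --oldlonc --justcheckdaemons'");
  } elsif ($command eq "start") {
      firewall_open_port();
      print 'Starting LON-CAPA'."\n";
      print 'Starting LON-CAPA client and daemon processes (please be patient)'.
          "\n";
      system("su www -c '/home/httpd/perl/loncron --justcheckdaemons'");
  } elsif ($command eq "status") {
      # "Running" means at least one pid file exists.  Globbing for the files
      # replaces matching cat's English "No such file or directory" text,
      # which depends on the locale the script is run under.
      my @pidfiles=glob('/home/httpd/perl/logs/*.pid');
      if (! @pidfiles) {
          print 'LON-CAPA is not running.'."\n";
      } else {
          print 'LON-CAPA is running.'."\n";
          system("su www -c '/home/httpd/perl/loncron --justcheckconnections'");
      }
      if (! firewall_is_active()) {
          print 'The iptables firewall is not active'."\n";
      }
      if (firewall_is_port_open()) {
          print 'The LON-CAPA port is open in firewall.'."\n";
      } elsif (firewall_is_active()) {
          print 'The LON-CAPA port is NOT open in running firewall!'."\n";
      }
  } else {
      print 'You need to specify one of restart|stop|start|status on the command line.'."\n";
  }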
