|
version 1.3, 2010/10/12 10:17:10
|
version 1.7, 2018/10/24 04:19:27
|
|
Line 88 if (-e $tmpfile) {
|
Line 88 if (-e $tmpfile) {
|
| &Exit(3); |
&Exit(3); |
| } |
} |
| |
|
| # --------------------------- Handle case of another lciptables process (locking) |
my ($opened,$closed); |
| unless (&try_to_lock("/tmp/lock_lciptables")) { |
|
| print "Error. Too many other simultaneous iptables manipulation requests being ". |
|
| "made.\n" unless $noprint; |
|
| &Exit(4); |
|
| } |
|
| |
|
| my $lond_port = &LONCAPA::Firewall::get_lond_port(); |
my $lond_port = &LONCAPA::Firewall::get_lond_port(); |
| |
if (($lond_port eq '') || ($lond_port =~ /\D/)) { |
| |
print "Error. Invalid lond port\n" unless $noprint; |
| |
&Exit(3); |
| |
} |
| |
my $iptables = &LONCAPA::Firewall::get_pathto_iptables(); |
| |
if ($iptables eq '') { |
| |
print "Error. No path to iptables\n" unless $noprint; |
| |
&Exit(3); |
| |
} |
| |
|
| |
my $firewalld = &LONCAPA::Firewall::uses_firewalld(); |
| |
|
| &EnableRoot(); |
&EnableRoot(); |
| |
|
| my @fw_chains = &LONCAPA::Firewall::get_fw_chains(); |
my @fw_chains = &LONCAPA::Firewall::get_fw_chains(); |
| my $iptables = &LONCAPA::Firewall::get_pathto_iptables(); |
if ($firewalld) { |
| my $firewall_result = |
$<=0; |
| &LONCAPA::Firewall::firewall_close_port($iptables,\@fw_chains,$lond_port,[$lond_port]); |
|
| if ($firewall_result) { |
|
| print "$firewall_result\n"; |
|
| } |
|
| my $firewall_result = &LONCAPA::Firewall::firewall_open_port($iptables,\@fw_chains,$lond_port,\%iphost,[$lond_port]); |
|
| if ($firewall_result) { |
|
| print "$firewall_result\n"; |
|
| } |
} |
| |
$opened = |
| |
&LONCAPA::Firewall::firewall_close_port($iptables,\@fw_chains,$lond_port,\%iphost,[$lond_port]); |
| |
$closed = |
| |
&LONCAPA::Firewall::firewall_open_port($iptables,\@fw_chains,$lond_port,\%iphost,[$lond_port]); |
| |
if ($firewalld) { |
| |
$<=$wwwid; |
| |
} |
| |
&DisableRoot(); |
| |
|
| # -------------------------------------------------------- Exit script |
# -------------------------------------------------------- Exit script |
| |
if ($opened) { |
| |
print "$opened\n"; |
| |
} |
| |
if ($closed) { |
| |
print "$closed\n"; |
| |
} |
| print "lciptables Exiting\n" unless $noprint; |
print "lciptables Exiting\n" unless $noprint; |
| &DisableRoot; |
|
| unlink('/tmp/lock_lciptables'); |
|
| &Exit(0); |
&Exit(0); |
| |
|
| |
|
| sub EnableRoot { |
sub EnableRoot { |
| if ($wwwid==$>) { |
if ($wwwid==$>) { |
| ($<,$>)=($>,$<); |
($<,$>)=($>,$<); |
|
Line 140 sub DisableRoot {
|
Line 147 sub DisableRoot {
|
| } |
} |
| } |
} |
| |
|
| sub try_to_lock { |
|
| my ($lockfile)=@_; |
|
| my $currentpid; |
|
| my $lastpid; |
|
| # Do not manipulate lock file as root |
|
| if ($>==0) { |
|
| return 0; |
|
| } |
|
| # Try to generate lock file. |
|
| # Wait 3 seconds. If same process id is in |
|
| # lock file, then assume lock file is stale, and |
|
| # go ahead. If process id's fluctuate, try |
|
| # for a maximum of 10 times. |
|
| for (0..10) { |
|
| if (-e $lockfile) { |
|
| open(LOCK,"<$lockfile"); |
|
| $currentpid=<LOCK>; |
|
| close LOCK; |
|
| if ($currentpid==$lastpid) { |
|
| last; |
|
| } |
|
| sleep 3; |
|
| $lastpid=$currentpid; |
|
| } else { |
|
| last; |
|
| } |
|
| if ($_==10) { |
|
| return 0; |
|
| } |
|
| } |
|
| open(LOCK,">$lockfile"); |
|
| print LOCK $$; |
|
| close LOCK; |
|
| return 1; |
|
| } |
|
| |
|
| sub Exit { |
sub Exit { |
| my ($code) = @_; |
my ($code) = @_; |
| &DisableRoot(); |
&DisableRoot(); |
![[BACK]](/icons/back.gif){kind=icon}
Return to lciptables CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom