--- loncom/lciptables 2018/10/24 04:19:27 1.7 +++ loncom/lciptables 2019/06/09 02:35:37 1.9 @@ -2,7 +2,7 @@ # # The Learning Online Network with CAPA # -# $Id: lciptables,v 1.7 2018/10/24 04:19:27 raeburn Exp $ +# $Id: lciptables,v 1.9 2019/06/09 02:35:37 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -73,18 +73,27 @@ if (@ARGV != 1) { &Exit(2); } my $tmpfile = $ARGV[0]; -if (-e $tmpfile) { - if (open(my $fh,"<$tmpfile")) { - while(<$fh>) { - chomp(); - $iphost{$_} = 1; +if ($tmpfile =~ m{^\Q/home/httpd/perl/tmp/lciptables_iphost_\E\d+$}) { + if (-e $tmpfile) { + if (open(my $fh,"<$tmpfile")) { + while(<$fh>) { + chomp(); + if (/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/) { + if (($1<=255) && ($2<=255) && ($3<=255) && ($4<=255)) { + $iphost{$_} = 1; + } + } + } + close($fh); + } else { + &Exit(3); } - close($fh); } else { - &Exit(3); + print "Error. File containing IP addresses of hosts in cluster does not exist\n" unless $noprint; + &Exit(3); } } else { - print "Error. File containing IP addresses of hosts in cluster does not exist\n" unless $noprint; + print "Error. Invalid filename for file containing IP addresses\n" unless $noprint; &Exit(3); } @@ -100,7 +109,7 @@ if ($iptables eq '') { &Exit(3); } -my $firewalld = &LONCAPA::Firewall::uses_firewalld(); +my ($firewalld) = &LONCAPA::Firewall::uses_firewalld(); &EnableRoot(); my @fw_chains = &LONCAPA::Firewall::get_fw_chains(); @@ -108,9 +117,9 @@ if ($firewalld) { $<=0; } $opened = - &LONCAPA::Firewall::firewall_close_port($iptables,\@fw_chains,$lond_port,\%iphost,[$lond_port]); + &LONCAPA::Firewall::firewall_close_port($iptables,\@fw_chains,$lond_port,\%iphost,[$lond_port],$firewalld); $closed = - &LONCAPA::Firewall::firewall_open_port($iptables,\@fw_chains,$lond_port,\%iphost,[$lond_port]); + &LONCAPA::Firewall::firewall_open_port($iptables,\@fw_chains,$lond_port,\%iphost,[$lond_port],$firewalld); if ($firewalld) { $<=$wwwid; }