fumantsu
02-12-16, 11:19
Καλησπερα,
Θα ηθελα τα φωτα καποιου γνωστη στην Perl. Δυστυχως η γνωση πανω σε αυτη ειναι μικρη. Εχουμε τον παρακατω κωδικα που κανει configure το firewalld σε Centos7:
sub firewall_conf {
my @tcp_ports = (21, 22, 443);
my @should_be_closed_tcp_ports = (111, '1024-1975', '1977-2811', '2813-5000', '5002-7912', '7914-8004', '8010-8079', '8081-9122', '9126-9998', '10000-65535');
my @udp_ports = (123, 161);
my @should_be_closed_udp_ports = ('10000-65535');
my $retcode = 1;
my $fw_running = 0;
eval {
$fw_running = 1 if `firewall-cmd --state` =~ /^running/;
print "firewall running? $fw_running\n";
system("/bin/rm -f /etc/firewalld/zones/public.xml") == 0 or print "failed to remove existing public zone configuration\n";
system("systemctl enable firewalld") == 0 or die "failed to enable firewall\n";
system("systemctl start firewalld") == 0 or die "failed to start firewall\n";
system("firewall-cmd --set-default-zone=public") == 0 or die "failed to set default zone to 'public'\n";
map { add_fw_port "$_/tcp" } @tcp_ports, @should_be_closed_tcp_ports;
map { add_fw_port "$_/udp" } @udp_ports, @should_be_closed_udp_ports;
};
if ($@) {
print "ERROR: failed to configure firewall: $@";
if (! $fw_running) {
system("systemctl stop firewalld") == 0 or print "ERROR: failed to stop firewall\n";
}
$retcode = 0;
}
return $retcode;
}
Θελω να ρωτησω:
α) Ο κωδικας θα τρεχει αν βρει οτι το firewalld τρεχει;
β) Αν βρει οτι το firewall ΔΕΝ τρεχει τι κανει;
Θα ηθελα τα φωτα καποιου γνωστη στην Perl. Δυστυχως η γνωση πανω σε αυτη ειναι μικρη. Εχουμε τον παρακατω κωδικα που κανει configure το firewalld σε Centos7:
sub firewall_conf {
my @tcp_ports = (21, 22, 443);
my @should_be_closed_tcp_ports = (111, '1024-1975', '1977-2811', '2813-5000', '5002-7912', '7914-8004', '8010-8079', '8081-9122', '9126-9998', '10000-65535');
my @udp_ports = (123, 161);
my @should_be_closed_udp_ports = ('10000-65535');
my $retcode = 1;
my $fw_running = 0;
eval {
$fw_running = 1 if `firewall-cmd --state` =~ /^running/;
print "firewall running? $fw_running\n";
system("/bin/rm -f /etc/firewalld/zones/public.xml") == 0 or print "failed to remove existing public zone configuration\n";
system("systemctl enable firewalld") == 0 or die "failed to enable firewall\n";
system("systemctl start firewalld") == 0 or die "failed to start firewall\n";
system("firewall-cmd --set-default-zone=public") == 0 or die "failed to set default zone to 'public'\n";
map { add_fw_port "$_/tcp" } @tcp_ports, @should_be_closed_tcp_ports;
map { add_fw_port "$_/udp" } @udp_ports, @should_be_closed_udp_ports;
};
if ($@) {
print "ERROR: failed to configure firewall: $@";
if (! $fw_running) {
system("systemctl stop firewalld") == 0 or print "ERROR: failed to stop firewall\n";
}
$retcode = 0;
}
return $retcode;
}
Θελω να ρωτησω:
α) Ο κωδικας θα τρεχει αν βρει οτι το firewalld τρεχει;
β) Αν βρει οτι το firewall ΔΕΝ τρεχει τι κανει;