Copy the functionality from the original utility into the Firewall

class, in particular adds in the following functionality: Start, Stop, and Restart the firewall, and see if it's running Open or Close a port, and get a list of the ports that are currently open. UI code was removed, and functions were modified as appropriate.
2026-01-27 10:20:26 +00:00 · 2016-01-11 14:17:02 -07:00
parent 35c090da89
commit 38ff401f11
2 changed files with 146 additions and 2 deletions
--- a/src/library/sysadm-firewall.cpp
+++ b/src/library/sysadm-firewall.cpp
@@ -70,9 +70,63 @@ PortInfo Firewall::LookUpPort(int portNumber, QString portType)

 }

-Firewall::Firewall()
+void Firewall::OpenPort(int port, QString type)
 {
+    openports << QString::number(port)+"::::"+type;
+    SaveOpenPorts();
+}
+
+void Firewall::ClosePort(int port, QString type)
+{
+    openports.removeAll( QString::number(port)+"::::"+type);
+    SaveOpenPorts();
+}
+
+QVector<PortInfo> Firewall::OpenPorts()
+{
+    QVector<PortInfo> returnValue = QVector<PortInfo>(openports.length());
+
+    for(int i=0; i<openports.length(); i++){
+      returnValue.append( LookUpPort(openports[i].section("::::",0,0).toInt(),openports[i].section("::::",1,1)));
+    }
+    return returnValue;
+
+}
+
+bool Firewall::IsRunning()
+{
+    QProcess proc;
+    proc.start("sysctl net.inet.ip.fw.enable");
+    if(proc.waitForFinished() || proc.canReadLine())
+    {
+        if (proc.canReadLine())
+        {
+            QString line = proc.readLine();
+            if(line.section(":",1,1).simplified().toInt() ==1) { return true; }
+        }
+    }
+    return false;
+}
+
+void Firewall::Start()
+{
+    system("/etc/rc.d/ipfw start");
+}
+
+void Firewall::Stop()
+{
+    system("/etc/rc.d/ipfw stop");
+}
+
+void Firewall::Restart()
+{
+    system("/etc/rc.d/ipfw restart");
+}
+
+Firewall::Firewall()
+{    
    readServicesFile();
+    LoadOpenPorts();
 }

 Firewall::~Firewall()
@@ -103,4 +157,42 @@ void Firewall::readServicesFile()
    services->close();
    delete services;
 }
+
+void Firewall::LoadOpenPorts()
+{
+  openports.clear();
+  QFile file("/etc/ipfw.openports");
+  if( file.open(QIODevice::ReadOnly) ){
+    QTextStream in(&file);
+    while( !in.atEnd() ){
+      QString line = in.readLine();
+      if(line.startsWith("#") || line.simplified().isEmpty()){ continue; }
+      //File format: "<type> <port>" (nice and simple)
+      openports << line.section(" ",1,1)+"::::"+line.section(" ",0,0);
+    }
+    file.close();
+  }
+  openports.sort(); //order them in ascending port order
+}
+
+void Firewall::SaveOpenPorts()
+{
+    //Convert to file format
+      openports.sort(); //make sure they are still sorted by port
+      QStringList fileout;
+      for(int i=0; i<openports.length(); i++){
+        fileout << openports[i].section("::::",1,1)+" "+openports[i].section("::::",0,0);
+      }
+      //Always make sure that the file always ends with a newline
+      if(!fileout.isEmpty()){ fileout << ""; }
+      //Save to file
+      QFile file("/etc/ipfw.openports");
+      if( file.open(QIODevice::WriteOnly | QIODevice::Truncate) ){
+        QTextStream out(&file);
+        out << fileout.join("\n");
+        file.close();
+      }
+      //Re-load/start rules (just in case - it is a smart script)
+      if(IsRunning()){ system("sh /usr/local/share/pcbsd/scripts/reset-firewall"); }
+}
 
--- a/src/library/sysadm-firewall.h
+++ b/src/library/sysadm-firewall.h
@@ -23,22 +23,74 @@ class Firewall
 {

 public:
+    ///#section: port commands
    /**
     * @description Returns a structure containing information about the port
     * including its port type, keyword, description, and whether it's a
     * recommended port
     *
-     * @parameter portNumber a port number between 0 and 2^16 - 1
+     * @param portNumber a port number between 0 and 2^16 - 1
+     * @param portType specify whether the port is tdp, udp, etc
     *
     * @ErrorConditions Port Number is set to -1 and a description of the error is stored in the description variable
     */
    PortInfo LookUpPort(int portNumber, QString portType);
+    /**
+     * @brief Opens a port
+     * @param portNumber a port number between 0 and 2^16 -1
+     * @param portType specify whether the port is tdp, udp, etc
+     */
+    void OpenPort(int portNumber, QString portType);
+
+    /**
+     * @brief ClosePort closes a port
+     * @param portNumber a port number between 0 and 2^16 -1
+     * @param portType specify whether the port is tdp, udp, etc
+     */
+    void ClosePort(int portNumber, QString portType);
+
+    /**
+     * @brief finds a list of ports that are open gets the info about them
+     * and returns them
+     * @return a QVector of the open ports
+     */
+    QVector<PortInfo> OpenPorts();
+
+    ///#endsection
+
+    ///#section: firewall commands
+    /**
+     * @brief Checks to see if the firewall is running
+     * @return true if the firewall is running, false if not
+     */
+    bool IsRunning();
+    /**
+     * @brief Starts the firewall
+     */
+    void Start();
+    /**
+     * @brief Stops the firewall
+     */
+    void Stop();
+    /**
+     * @brief Restarts the firewall
+     */
+    void Restart();
+    ///#endsection
+
+    ///#section: ctors dtors
    Firewall();
    ~Firewall();
+    ///#endsection

 private:
    void readServicesFile();
    QStringList* portStrings;
+
+    QStringList openports;
+
+    void LoadOpenPorts();
+    void SaveOpenPorts();
 };
 }
 #endif // PORTLOOKUP_H