From 38ff401f11addce463ddc4035f7a9305edd3adc0 Mon Sep 17 00:00:00 2001
From: Luke De Mouy <lukedemouydev@gmail.com>
Date: Mon, 11 Jan 2016 14:17:02 -0700
Subject: [PATCH] Copy the functionality from the original utility into the
 Firewall class, in particular adds in the following functionality: Start,
 Stop, and Restart the firewall, and see if it's running Open or Close a port,
 and get a list of the ports that are currently open.

UI code was removed, and functions were modified as appropriate.
---
 src/library/sysadm-firewall.cpp | 94 ++++++++++++++++++++++++++++++++-
 src/library/sysadm-firewall.h   | 54 ++++++++++++++++++-
 2 files changed, 146 insertions(+), 2 deletions(-)

diff --git a/src/library/sysadm-firewall.cpp b/src/library/sysadm-firewall.cpp
index 3efd387..ce33cb6 100644
--- a/src/library/sysadm-firewall.cpp
+++ b/src/library/sysadm-firewall.cpp
@@ -70,9 +70,63 @@ PortInfo Firewall::LookUpPort(int portNumber, QString portType)
 
 }
 
-Firewall::Firewall()
+void Firewall::OpenPort(int port, QString type)
 {
+    openports << QString::number(port)+"::::"+type;
+    SaveOpenPorts();
+}
+
+void Firewall::ClosePort(int port, QString type)
+{
+    openports.removeAll( QString::number(port)+"::::"+type);
+    SaveOpenPorts();
+}
+
+QVector<PortInfo> Firewall::OpenPorts()
+{
+    QVector<PortInfo> returnValue = QVector<PortInfo>(openports.length());
+
+    for(int i=0; i<openports.length(); i++){
+      returnValue.append( LookUpPort(openports[i].section("::::",0,0).toInt(),openports[i].section("::::",1,1)));
+    }
+    return returnValue;
+
+}
+
+bool Firewall::IsRunning()
+{
+    QProcess proc;
+    proc.start("sysctl net.inet.ip.fw.enable");
+    if(proc.waitForFinished() || proc.canReadLine())
+    {
+        if (proc.canReadLine())
+        {
+            QString line = proc.readLine();
+            if(line.section(":",1,1).simplified().toInt() ==1) { return true; }
+        }
+    }
+    return false;
+}
+
+void Firewall::Start()
+{
+    system("/etc/rc.d/ipfw start");
+}
+
+void Firewall::Stop()
+{
+    system("/etc/rc.d/ipfw stop");
+}
+
+void Firewall::Restart()
+{
+    system("/etc/rc.d/ipfw restart");
+}
+
+Firewall::Firewall()
+{    
     readServicesFile();
+    LoadOpenPorts();
 }
 
 Firewall::~Firewall()
@@ -103,4 +157,42 @@ void Firewall::readServicesFile()
     services->close();
     delete services;
 }
+
+void Firewall::LoadOpenPorts()
+{
+  openports.clear();
+  QFile file("/etc/ipfw.openports");
+  if( file.open(QIODevice::ReadOnly) ){
+    QTextStream in(&file);
+    while( !in.atEnd() ){
+      QString line = in.readLine();
+      if(line.startsWith("#") || line.simplified().isEmpty()){ continue; }
+      //File format: "<type> <port>" (nice and simple)
+      openports << line.section(" ",1,1)+"::::"+line.section(" ",0,0);
+    }
+    file.close();
+  }
+  openports.sort(); //order them in ascending port order
+}
+
+void Firewall::SaveOpenPorts()
+{
+    //Convert to file format
+      openports.sort(); //make sure they are still sorted by port
+      QStringList fileout;
+      for(int i=0; i<openports.length(); i++){
+        fileout << openports[i].section("::::",1,1)+" "+openports[i].section("::::",0,0);
+      }
+      //Always make sure that the file always ends with a newline
+      if(!fileout.isEmpty()){ fileout << ""; }
+      //Save to file
+      QFile file("/etc/ipfw.openports");
+      if( file.open(QIODevice::WriteOnly | QIODevice::Truncate) ){
+        QTextStream out(&file);
+        out << fileout.join("\n");
+        file.close();
+      }
+      //Re-load/start rules (just in case - it is a smart script)
+      if(IsRunning()){ system("sh /usr/local/share/pcbsd/scripts/reset-firewall"); }
+}
  
diff --git a/src/library/sysadm-firewall.h b/src/library/sysadm-firewall.h
index dbdccae..62d1bcd 100644
--- a/src/library/sysadm-firewall.h
+++ b/src/library/sysadm-firewall.h
@@ -23,22 +23,74 @@ class Firewall
 {
 
 public:
+    ///#section: port commands
     /**
      * @description Returns a structure containing information about the port
      * including its port type, keyword, description, and whether it's a
      * recommended port
      *
-     * @parameter portNumber a port number between 0 and 2^16 - 1
+     * @param portNumber a port number between 0 and 2^16 - 1
+     * @param portType specify whether the port is tdp, udp, etc
      *
      * @ErrorConditions Port Number is set to -1 and a description of the error is stored in the description variable
      */
     PortInfo LookUpPort(int portNumber, QString portType);
+    /**
+     * @brief Opens a port
+     * @param portNumber a port number between 0 and 2^16 -1
+     * @param portType specify whether the port is tdp, udp, etc
+     */
+    void OpenPort(int portNumber, QString portType);
+
+    /**
+     * @brief ClosePort closes a port
+     * @param portNumber a port number between 0 and 2^16 -1
+     * @param portType specify whether the port is tdp, udp, etc
+     */
+    void ClosePort(int portNumber, QString portType);
+
+    /**
+     * @brief finds a list of ports that are open gets the info about them
+     * and returns them
+     * @return a QVector of the open ports
+     */
+    QVector<PortInfo> OpenPorts();
+
+    ///#endsection
+
+    ///#section: firewall commands
+    /**
+     * @brief Checks to see if the firewall is running
+     * @return true if the firewall is running, false if not
+     */
+    bool IsRunning();
+    /**
+     * @brief Starts the firewall
+     */
+    void Start();
+    /**
+     * @brief Stops the firewall
+     */
+    void Stop();
+    /**
+     * @brief Restarts the firewall
+     */
+    void Restart();
+    ///#endsection
+
+    ///#section: ctors dtors
     Firewall();
     ~Firewall();
+    ///#endsection
 
 private:
     void readServicesFile();
     QStringList* portStrings;
+
+    QStringList openports;
+
+    void LoadOpenPorts();
+    void SaveOpenPorts();
 };
 }
 #endif // PORTLOOKUP_H