github-personal/sysadm
1
0
Fork 0
mirror of https://github.com/outbackdingo/sysadm.git synced 2026-01-27 10:20:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Move system() calls over to their equivalents from sysadm-general.

Browse Source 
Note: It would probably be a good idea for sysadm-general to have an API
for changing rc.conf
This commit is contained in:
Luke De Mouy
2016-01-12 10:48:00 -07:00
parent 58db613ab7
commit de6e1b41de
2 changed files with 77 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

87
src/library/sysadm-firewall.cpp
View File

@@ -5,6 +5,7 @@
// See the LICENSE file for full details
#include "sysadm-firewall.h"
#include "sysadm-general.h"
#include <QtCore>
#include <algorithm>
@@ -116,41 +117,86 @@ QVector<PortInfo> Firewall::OpenPorts()
bool Firewall::IsRunning()
{
QProcess proc;
proc.start("sysctl net.inet.ip.fw.enable");
if(proc.waitForFinished() || proc.canReadLine())
{
if (proc.canReadLine())
{
QString line = proc.readLine();
if(line.section(":",1,1).simplified().toInt() ==1) { return true; }
}
}
return false;
return General::sysctlAsInt("net.inet.ip.fw.enable") == 1;
}
void Firewall::Start()
{
system("/etc/rc.d/ipfw start");
Enable();
QStringList args;
args << "start";
General::RunCommand("/etc/rc.d/ipfw",args);
}
void Firewall::Stop()
{
system("/etc/rc.d/ipfw stop");
Enable();
QStringList args;
args << "stop";
General::RunCommand("/etc/rc.d/ipfw",args);
}
void Firewall::Restart()
{
system("/etc/rc.d/ipfw restart");
Enable();
QStringList args;
args << "restart";
General::RunCommand("/etc/rc.d/ipfw",args);
}
void Firewall::Enable()
{
//check if rc.conf has firewall_enable="YES"
QStringList rcConf = General::readTextFile("/etc/rc.conf");
if (rcConf.filter("firewall_enabled=\"YES\"").size() == 0)
{
rcConf.removeAll("firewall_enable=\"NO\"");
rcConf.append("firewall_enabled=\"YES\"");
General::writeTextFile("/etc/rc.conf",rcConf);
}
}
void Firewall::Disable()
{
//check if rc.conf has firewall_enable="NO"
QStringList rcConf = General::readTextFile("/etc/rc.conf");
if (rcConf.filter("firewall_enabled=\"NO\"").size() == 0)
{
rcConf.removeAll("firewall_enable=\"YES\"");
rcConf.append("firewall_enabled=\"NO\"");
General::writeTextFile("/etc/rc.conf",rcConf);
}
}
void Firewall::RestoreDefaults()
{
const QString ipfwrules = "/etc/ipfw.rules";
const QString ipfwrulesprevious = ipfwrules + ".previous";
const QString ipfwopenports = "/etc/ipfw.openports";
const QString ipfwopenportsprevious = ipfwopenports + ".previous";
//QFile has a rename command that acts like move, however it won't
//clobber a file if it already exists, so we have to check if there
//already is a .previous and if so delete it before moving the file
//to .previous
//move the files out of the way
system("mv /etc/ipfw.rules /etc/ipfw.rules.previous");
system("mv /etc/ipfw.openports /etc/ipfw.openports.previous");
if(QFile::exists(ipfwrulesprevious))
QFile::remove(ipfwrulesprevious);
QFile::rename(ipfwrules,ipfwrulesprevious);
if(QFile::exists(ipfwopenportsprevious))
QFile::remove(ipfwopenportsprevious);
QFile::rename(ipfwopenports,ipfwopenportsprevious);
//refresh/restart the rules files
system("sh /usr/local/share/pcbsd/scripts/reset-firewall");
QStringList args;
args << "/usr/local/share/pcbsd/scripts/reset-firewall";
General::RunCommand("sh",args);
LoadOpenPorts();
}
@@ -227,6 +273,11 @@ void Firewall::SaveOpenPorts()
file.close();
}
//Re-load/start rules (just in case - it is a smart script)
if(IsRunning()){ system("sh /usr/local/share/pcbsd/scripts/reset-firewall"); }
if(IsRunning())
{
QStringList args;
args << "/usr/local/share/pcbsd/scripts/reset-firewall";
General::RunCommand("sh",args);
}
}

9
src/library/sysadm-firewall.h
View File

@@ -98,7 +98,14 @@ public:
* @brief Restarts the firewall
*/
void Restart();
/**
* @brief Enables the firewall in rc.conf, Start() will automatically enable the firewall
*/
void Enable();
/**
* @brief Disables the firewall in rc.conf use after Stop() to completely disable
*/
void Disable();
/**
* @brief Restores the Default Configuration
*/