2 # Deal with redhat's /etc/sysconfig/iptables save file and startup script
4 &foreign_require("init", "init-lib.pl");
5 $init_script = "$init::config{'init_dir'}/iptables";
8 # Returns an error message if something is wrong with iptables on this system
11 if (!-r $init_script) {
12 return &text('redhat_escript', "<tt>$init_script</tt>");
14 return undef if ($gconfig{'os_type'} eq 'trustix-linux');
15 return undef if ($gconfig{'os_type'} eq 'redhat-linux' &&
16 $gconfig{'os_version'} > 10);
17 if (!$config{'done_check_iptables'}) {
18 local $out = `$init_script status 2>&1`;
19 if ($out !~ /table:|INPUT|FORWARD|OUTPUT|is\s+stopped|firewall\s+stopped/) {
20 return &text('redhat_eoutput',
21 "<tt>$init_script status</tt>");
23 $config{'done_check_iptables'} = 1;
24 &save_module_config();
29 $iptables_save_file = "/etc/sysconfig/iptables";
32 # Applies the current iptables configuration from the save file
35 local $out = &backquote_logged("cd / ; $init_script restart 2>&1");
36 $out =~ s/\033[^m]+m//g;
37 return $? || $out =~ /FAILED/ ? "<pre>$out</pre>" : undef;
41 # Writes the current iptables configuration to the save file
44 $out = &backquote_logged("cd / ; $init_script save 2>&1 </dev/null");
45 $out =~ s/\033[^m]+m//g;
46 if ($? && $out =~ /usage/i) {
47 # 'save' argument not supported .. call iptables-save manually
48 return &iptables_save();
50 return $? || $out =~ /FAILED/ ? "<pre>$out</pre>" : undef;
56 return &init::action_status("iptables") == 2;
61 &init::enable_at_boot("iptables"); # Assumes init script exists
66 &init::disable_at_boot("iptables");