Skip to content

Commit f19e925

Browse files
frank-zhangfrank-zhang
committed
use ufw to configure iptable in ubuntu for mgmt server ports
1 parent f41b352 commit f19e925

3 files changed

Lines changed: 23 additions & 3 deletions

File tree

python/lib/cloudutils/serviceConfig.py

100644100755
Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -651,3 +651,23 @@ def __init__(self, syscfg):
651651
self.ports = "443 8080 8096 8250 8443 9090".split()
652652
else:
653653
self.ports = "8080 8096 8250 9090".split()
654+
655+
class ubuntuFirewallConfigServer(firewallConfigServer):
656+
def allowPort(self, port):
657+
status = False
658+
try:
659+
status = bash("iptables-save|grep INPUT|grep -w %s"%port).isSuccess()
660+
except:
661+
pass
662+
663+
if not status:
664+
bash("ufw allow %s/tcp"%port)
665+
666+
def config(self):
667+
try:
668+
for port in self.ports:
669+
self.allowPort(port)
670+
671+
return True
672+
except:
673+
raise

python/lib/cloudutils/syscfg.py

100644100755
Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -178,4 +178,4 @@ def __init__(self, glbEnv):
178178
super(sysConfigServerUbuntu, self).__init__(glbEnv)
179179
self.svo = serviceOpsUbuntu()
180180
self.services = [sudoersConfig(self),
181-
firewallConfigServer(self)]
181+
ubuntuFirewallConfigServer(self)]

python/lib/cloudutils/utilities.py

100644100755
Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -155,7 +155,7 @@ def isKVMEnabled(self):
155155
class serviceOpsUbuntu(serviceOps):
156156
def isServiceRunning(self, servicename):
157157
try:
158-
o = bash("service " + servicename + " status")
158+
o = bash("/usr/sbin/service " + servicename + " status")
159159
if "running" in o.getStdout() or "start" in o.getStdout():
160160
return True
161161
else:
@@ -165,7 +165,7 @@ def isServiceRunning(self, servicename):
165165

166166
def stopService(self, servicename,force=False):
167167
if self.isServiceRunning(servicename) or force:
168-
return bash("service " + servicename +" stop").isSuccess()
168+
return bash("/usr/sbin/service " + servicename +" stop").isSuccess()
169169

170170
def disableService(self, servicename):
171171
result = self.stopService(servicename)

0 commit comments

Comments
 (0)