diff --git a/bin/v-restart-service b/bin/v-restart-service
index ff69ba4b..612b3fb6 100755
--- a/bin/v-restart-service
+++ b/bin/v-restart-service
@@ -27,9 +27,17 @@ check_args '1' "$#" 'SERVICE'
 # Action #
 #----------------------------------------------------------#
-service $service restart >/dev/null 2>&1
-if [ $? -ne 0 ]; then
- exit $E_RESTART
+if [ "$service" != "iptables" ]; then
+ service $service restart >/dev/null 2>&1
+ if [ $? -ne 0 ]; then
+ exit $E_RESTART
+ fi
+else
+ $BIN/v-stop-firewall
+ $BIN/v-update-firewall
+ if [ $? -ne 0 ]; then
+ exit $E_RESTART
+ fi
 fi
diff --git a/bin/v-start-service b/bin/v-start-service
index e07717a7..970c7ca0 100755
--- a/bin/v-start-service
+++ b/bin/v-start-service
@@ -27,9 +27,16 @@ check_args '1' "$#" 'SERVICE'
 # Action #
 #----------------------------------------------------------#
-service $service start >/dev/null 2>&1
-if [ $? -ne 0 ]; then
- exit $E_RESTART
+if [ "$service" != 'iptables' ]; then
+ service $service start >/dev/null 2>&1
+ if [ $? -ne 0 ]; then
+ exit $E_RESTART
+ fi
+else
+ $BIN/v-update-firewall
+ if [ $? -ne 0 ]; then
+ exit $E_RESTART
+ fi
 fi
diff --git a/bin/v-stop-firewall b/bin/v-stop-firewall
new file mode 100755
index 00000000..1806d4fa
--- /dev/null
+++ b/bin/v-stop-firewall
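Review bot: In the `else` branch of v-restart-service only the status of `$BIN/v-update-firewall` is tested; `$BIN/v-stop-firewall` runs first, sets the INPUT policy to ACCEPT, flushes the chain and saves that ruleset, so if the update step then fails the host is left with an open, persisted firewall and the only signal is `exit $E_RESTART`. If v-update-firewall rebuilds the rules on its own (it is not part of this diff, so this needs confirming), the restart can call it alone and skip the stop step; otherwise the stop step should be checked as well, `$BIN/v-stop-firewall || exit $E_RESTART`. A short comment on the branch, such as `# iptables is managed by the panel's firewall scripts, not the init script`, would explain the special case.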
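Review bot: `$service` is expanded unquoted in `service $service start`, so a value containing whitespace or glob characters is split into extra arguments to `service`, while the comparison two lines above it already quotes the variable. Whether the argument is validated before this point cannot be seen from the hunk, so quoting is the safe default: `service "$service" start >/dev/null 2>&1`. The same unquoted expansion is on the new side of the v-restart-service and v-stop-service hunks in this commit and should be changed there too.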
@@ -0,0 +1,71 @@
+#!/bin/bash
+# info: stop system firewall
+# options: NONE
+#
+# The function stops iptables
+
+
+#----------------------------------------------------------#
+# Variable&Function #
+#----------------------------------------------------------#
+
+# Defining absolute path for iptables and modprobe
+iptables="/sbin/iptables"
+modprobe="/sbin/modprobe"
+
+# Includes
+source /etc/profile.d/vesta.sh
+source $VESTA/func/main.sh
+source $VESTA/conf/vesta.conf
+
+
+#----------------------------------------------------------#
+# Verifications #
+#----------------------------------------------------------#
+
+#is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'
+
+
+#----------------------------------------------------------#
+# Action #
+#----------------------------------------------------------#
+
+# Creating temporary file
+tmp=$(mktemp)
+
+# Flushing INPUT chain
+echo "$iptables -P INPUT ACCEPT" >> $tmp
+echo "$iptables -F INPUT" >> $tmp
+
+# Deleting vesta chain
+echo "$iptables -X vesta" >> $tmp
+
+# Applying rules
+bash $tmp 2>/dev/null
+
+# Deleting temporary file
+rm -f $tmp
+
+# Saving rules to the master iptables file
+if [ -e "/etc/redhat-release" ]; then
+ /sbin/iptables-save > /etc/sysconfig/iptables
+ if [ -z "$(ls /etc/rc3.d/S*iptables 2>/dev/null)" ]; then
+ /sbin/chkconfig iptables off
+ fi
+else
+ /sbin/iptables-save > /etc/iptables.rules
+ preup="/etc/network/if-pre-up.d/iptables"
+ if [ ! -e "$preup" ]; then
+ echo '#!/bin/sh' > $preup
+ echo "/sbin/iptables-restore < /etc/iptables.rules" >> $preup
+ echo "exit 0" >> $preup
+ chmod +x $preup
+ fi
+fi
+
+
+#----------------------------------------------------------#
+# Vesta #
+#----------------------------------------------------------#
+
+exit
diff --git a/bin/v-stop-service b/bin/v-stop-service
index 8e2d4b87..7355a113 100755
--- a/bin/v-stop-service
+++ b/bin/v-stop-service
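Review bot: Failures of the iptables commands never reach the caller: the three commands are written to a temp file and run with `bash $tmp 2>/dev/null`, and the script ends with a bare `exit`, so its status reflects only the last persistence step and the `$? -ne 0` checks added in v-stop-service and v-restart-service cannot see an iptables error. Running the commands directly removes the temp file and lets each one be checked, e.g. `"$iptables" -P INPUT ACCEPT || exit $E_RESTART` and `"$iptables" -F INPUT || exit $E_RESTART` (E_RESTART is assumed to come from the sourced func/main.sh, as in the callers). Because the opened ruleset is then written out with iptables-save, the header comment should say that the INPUT policy stays ACCEPT across reboots until v-update-firewall runs again. The `is_system_enabled` check is commented out and `modprobe` is never used; either restore the check or drop both lines.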
@@ -27,9 +27,16 @@ check_args '1' "$#" 'SERVICE'
 # Action #
 #----------------------------------------------------------#
-service $service stop >/dev/null 2>&1
-if [ $? -ne 0 ]; then
- exit $E_RESTART
+if [ "$service" != 'iptables' ]; then
+ service $service stop >/dev/null 2>&1
+ if [ $? -ne 0 ]; then
+ exit $E_RESTART
+ fi
+else
+ $BIN/v-stop-firewall
+ if [ $? -ne 0 ]; then
+ exit $E_RESTART
+ fi
 fi