Author: fapeeler
Date: Mon Nov 21 21:10:51 2011
New Revision: 1204708
URL: http://svn.apache.org/viewvc?rev=1204708&view=rev
Log:
VCL-381
moved firewall_compare_update to OS::Linux and OS::Windows modules
Modified:
incubator/vcl/trunk/managementnode/lib/VCL/utils.pm
Modified: incubator/vcl/trunk/managementnode/lib/VCL/utils.pm
URL:
http://svn.apache.org/viewvc/incubator/vcl/trunk/managementnode/lib/VCL/utils.pm?rev=1204708&r1=1204707&r2=1204708&view=diff
==============================================================================
--- incubator/vcl/trunk/managementnode/lib/VCL/utils.pm (original)
+++ incubator/vcl/trunk/managementnode/lib/VCL/utils.pm Mon Nov 21 21:10:51 2011
@@ -7752,97 +7752,6 @@ sub switch_state {
#/////////////////////////////////////////////////////////////////////////////
-=head2 firewall_compare_update
-
- Parameters : $node,$reote_IP, $identity, $type
- Returns : 0 or 1 (nochange or updated)
- Description : compares and updates the firewall for rdp port, specfically for
windows
- Currently only handles windows and
allows two seperate scopes
-
-=cut
-
-sub firewall_compare_update {
- my ($node, $remote_IP, $identity, $type) = @_;
-
- my ($package, $filename, $line, $sub) = caller(0);
-
- # Check the arguments
- if (!defined($node)) {
- notify($ERRORS{'WARNING'}, 0, "node was not specified");
- return 0;
- }
- if (!defined($remote_IP)) {
- notify($ERRORS{'WARNING'}, 0, "remote_IP was not specified");
- return 0;
- }
- if (!defined($identity)) {
- notify($ERRORS{'WARNING'}, 0, "$identity was not specified");
- return 0;
- }
- if (!defined($type)) {
- notify($ERRORS{'WARNING'}, 0, "$type was not specified");
- return 0;
- }
-
- # Collect settings on node
- if ($type =~ /windows/) {
- my $cmd = "netsh firewall show portopening enable";
- my @sshcmd = run_ssh_command($node, $identity, $cmd,
"root");
- my $update_scope = 0;
- my $scopelook = 0;
-
- foreach my $l (@{$sshcmd[1]}) {
- if ($l =~ /^3389\s*TCP/) {
- $scopelook = 1;
- #print "$l\n";
- next;
- }
- if ($scopelook) {
- $scopelook = 0;
- if ($l =~
/(\s*Scope:\s*)([.0-9]*)(\/)([.0-9]*)/) {
- # addresses into their quads
- # current scope
- my ($a1q1, $a1q2, $a1q3, $a1q4) =
split(/[.]/, $2);
- my ($a2q1, $a2q2, $a2q3, $a2q4) =
split(/[.]/, $remote_IP);
- #start comparing
- if ($a1q1 ne $a2q1) {
- $update_scope = 1;
- notify($ERRORS{'DEBUG'}, 0,
"update_scope required addressquad1= $a1q1 addressquad2= $a2q1");
- }
- if ($a1q2 ne $a2q2) {
- $update_scope = 1;
- notify($ERRORS{'DEBUG'}, 0,
"update_scope required address1uad2= $a1q2 address2quad2= $a2q2");
- }
- if ($update_scope) {
- my $scopeaddress =
"$a1q1.$a1q2.0.0/255.255.0.0,$a2q1.$a2q2.0.0/255.255.0.0";
- my $netshcmd = "netsh
firewall set portopening TCP 3389 RDP enable CUSTOM $scopeaddress";
- my @sshcmd1 =
run_ssh_command($node, $identity, $netshcmd, "root");
- foreach my $line
(@{$sshcmd1[1]}) {
- if ($line =~ /Ok./) {
-
notify($ERRORS{'OK'}, 0, "firewall updated with $scopeaddress");
- return 1;
- }
- else {
-
notify($ERRORS{'DEBUG'}, 0, "netsh output: $line ");
- }
- }
- } ## end if ($update_scope)
- else {
- notify($ERRORS{'DEBUG'}, 0,
"scope of ipaddess matches no change needed");
- }
- } ## end if ($l =~
/(\s*Scope:\s*)([.0-9]*)(\/)([.0-9]*)/)
- } ## end if ($scopelook)
- } ## end foreach my $l (@{$sshcmd[1]})
- } ## end if ($type =~ /windows/)
- else {
- #other types go here
- return 0;
- }
-
-} ## end sub firewall_compare_update
-
-#/////////////////////////////////////////////////////////////////////////////
-
=head2 get_management_node_blockrequests
Parameters : $managementnode_id
