Firewalld service add stop
JeGoi committed Jun 5, 2024
1 parent 6abb322 commit 64290f6
Showing 2 changed files with 4 additions and 4 deletions.
1 change: 1 addition & 0 deletions conf/systemd/packetfence-firewalld.service
Expand Up @@ -16,6 +16,7 @@ ExecStartPre=/bin/bash -c "/bin/rm -rf /usr/lib/systemd/system/firewalld.service
ExecStartPre=/bin/perl -I/usr/local/pf/lib -I/usr/local/pf/lib_perl/lib/perl5 '-Mpf::firewalld' '-Mpf::config' -e 'pf::firewalld::firewalld_generate_pfconf_configs()'
ExecStart=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS --system-config /usr/local/pf/var/conf/firewalld --default-config /usr/local/pf/var/conf/firewalld
ExecStartPost=/bin/perl -I/usr/local/pf/lib -I/usr/local/pf/lib_perl/lib/perl5 '-Mpf::firewalld' '-Mpf::config' -e 'pf::firewalld::firewalld_generate_configs()'
ExecStop=/bin/perl -I/usr/local/pf/lib -I/usr/local/pf/lib_perl/lib/perl5 '-Mpf::firewalld' '-Mpf::config' '-Mpf::services::manager::firewalld' -e 'pf::services::manager::firewalld->_stop()'

ExecReload=/bin/kill -HUP $MAINPID
# supress to log debug and error output also to /var/log/messages
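Review bot: The new `ExecStop=` line runs `pf::services::manager::firewalld->_stop()`, and the `_stop` shown in lib/pf/services/manager/firewalld.pm itself calls `pf_run("sudo systemctl stop packetfence-firewalld")`. If that call is still on the new side (the rendered page does not mark sides), the stop job asks systemctl to stop the unit whose stop job is running it, which likely blocks until the stop timeout. Keeping `systemctl stop` only in the `stop` wrapper and leaving `_stop` to do the rule cleanup would avoid the re-entry. The visible `_stop` also flushes the tables and sets `iptables -P INPUT ACCEPT`, so the unit file deserves a comment such as `# ExecStop flushes iptables and sets INPUT policy to ACCEPT; the host is unfiltered until the next start`. The unit's `User=` is not visible here, so whether the `sudo` prefixes inside `_stop` can work non-interactively from this context should be confirmed.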
7 changes: 3 additions & 4 deletions lib/pf/services/manager/firewalld.pm
Expand Up @@ -92,7 +92,7 @@ Wrapper around systemctl. systemctl should in turn call the actual _stop.
=cut

sub stop {
my ($self) = @_;
#my ($self) = @_;
system('sudo systemctl stop packetfence-firewalld');
return 1;
}
Expand All @@ -104,12 +104,12 @@ stop firewalld
=cut

sub _stop {
my ($self) = @_;
#my ($self) = @_;
my $logger = get_logger();
pf_run("sudo systemctl stop packetfence-firewalld");
pf_run("sudo iptables -F");
pf_run("sudo iptables -X");
pf_run("sudo iptables -t nat -F");
pf_run("sudo iptables -t nat -X");
pf_run("sudo iptables -t mangle -F");
pf_run("sudo iptables -t mangle -X");
pf_run("sudo iptables -P INPUT ACCEPT");
Expand All @@ -120,7 +120,6 @@ sub _stop {
pf_run("sudo iptables -t nat -A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER");
pf_run("sudo iptables -t nat -A POSTROUTING -s 100.64.0.0/10 ! -o docker0 -j MASQUERADE");
pf_run("sudo iptables -t nat -A DOCKER -i docker0 -j RETURN");
pf_run("sudo systemctl stop packetfence-firewalld");
return 1;
}

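Review bot: `_stop` discards the result of every `pf_run` call and ends with `return 1;`, so a flush or policy change that fails is still reported as a clean stop, and the one-liner behind the unit's `ExecStop=` exits 0 either way. The visible sequence leaves the filter, nat and mangle tables flushed with `iptables -P INPUT ACCEPT`, which means the host is unfiltered from stop until the next start. That state is worth a `$logger->warn(...)` line (the `$logger` fetched at the top is not used in the lines shown) and a sentence in the POD above `_stop`, which currently says only "stop firewalld". The commented-out `#my ($self) = @_;` in `stop` and `_stop` should be deleted rather than left as dead code. Part of `_stop` is collapsed and the page does not mark which of the two `sudo systemctl stop packetfence-firewalld` lines is new, so these points rest on the visible lines only.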
