diff options
| author | Pascal Rigaux <pixel@mandriva.com> | 2002-08-22 22:42:56 +0000 |
|---|---|---|
| committer | Pascal Rigaux <pixel@mandriva.com> | 2002-08-22 22:42:56 +0000 |
| commit | b61548ee174481b25e750be9f7d4c7484a0ebf96 (patch) | |
| tree | 59ab4d150f6d8a72148f68763c8c61b714b7cb04 /perl-install/tinyfirewall.pm | |
| parent | fbde1a0bdc207d0be42e9c32ed0da6f1526ef927 (diff) | |
| download | drakx-backup-do-not-use-b61548ee174481b25e750be9f7d4c7484a0ebf96.tar drakx-backup-do-not-use-b61548ee174481b25e750be9f7d4c7484a0ebf96.tar.gz drakx-backup-do-not-use-b61548ee174481b25e750be9f7d4c7484a0ebf96.tar.bz2 drakx-backup-do-not-use-b61548ee174481b25e750be9f7d4c7484a0ebf96.tar.xz drakx-backup-do-not-use-b61548ee174481b25e750be9f7d4c7484a0ebf96.zip | |
- add network::shorewall
- add tinyfirewall during install
Diffstat (limited to 'perl-install/tinyfirewall.pm')
| -rw-r--r-- | perl-install/tinyfirewall.pm | 168 |
1 files changed, 0 insertions, 168 deletions
diff --git a/perl-install/tinyfirewall.pm b/perl-install/tinyfirewall.pm deleted file mode 100644 index 422efd7b8..000000000 --- a/perl-install/tinyfirewall.pm +++ /dev/null @@ -1,168 +0,0 @@ -package tinyfirewall; # $Id$ - -use diagnostics; -use strict; - -use common; - -my @all_servers = -( - { - name => _("Web Server"), - pkg => 'apache apache-mod_perl boa', - ports => '80/tcp 443/tcp', - }, - { - name => _("Domain Name Server"), - pkg => 'bind', - ports => '53/tcp 53/udp', - }, - { - name => "SSH", - pkg => 'openssh-server', - ports => '22/tcp', - }, - { - name => "FTP", - pkg => 'ftp-server-krb5 wu-ftpd proftpd pure-ftpd', - ports => '20/tcp 21/tcp', - }, - { - name => _("Mail Server"), - pkg => 'sendmail postfix qmail', - ports => '25/tcp', - }, - { - name => _("POP and IMAP Server"), - pkg => 'imap courier-imap-pop', - ports => '109/tcp 110/tcp 143/tcp', - }, - { - name => "Telnet", - pkg => 'telnet-server-krb5', - ports => '23/tcp', - hide => 1, - }, - { - name => "CUPS", - pkg => 'cups', - ports => '631/tcp 631/udp', - hide => 1, - }, -); - -sub port2server { - my ($port) = @_; - foreach (@all_servers) { - return $_ if grep { $port eq $_ } split ' ', $_->{ports}; - } - undef; -} - -sub check_ports_syntax { - my ($ports) = @_; - foreach (split ' ', $ports) { - my ($nb) = m!^(\d+)/(tcp|udp)$! or return $_; - 1 <= $nb && $nb <= 65535 or return $_; - } - ''; -} - -sub to_ports { - my ($servers, $unlisted) = @_; - my $ports = join(' ', (map { $_->{ports} } @$servers), if_($unlisted, $unlisted)); - \$ports; -} - -sub from_ports { - my ($ports) = @_; - - my @l; - my @unlisted; - foreach (split ' ', $$ports) { - if (my $s = port2server($_)) { - push @l, $s; - } else { - push @unlisted, $_; - } - } - [ uniq(@l) ], join(' ', @unlisted); -} - -sub default_from_pkgs { - my ($in) = @_; - my @pkgs = $in->do_pkgs->are_installed(map { split ' ', $_->{pkg} } @all_servers); - [ grep { - my $s = $_; - grep { member($_, @pkgs) } split ' ', $s->{pkg}; - } @all_servers ]; -} - -sub get_ports { -} - -sub set_ports { - my ($ports) = @_; - print "set_ports $$ports\n"; -} - -sub get_conf { - my ($in, $ports) = @_; - - my $possible_servers = default_from_pkgs($in); - $_->{hide} = 0 foreach @$possible_servers; - - if ($ports ||= get_ports()) { - from_ports($ports); - } else { - $in->ask_okcancel('', _("tinyfirewall configurator - -This configures a personal firewall for this Mandrake Linux machine. -For a powerful dedicated firewall solution, please look to the -specialized MandrakeSecurity Firewall distribution."), 1) or return; - - $possible_servers, ''; - } -} - -sub choose { - my ($in, $servers, $unlisted) = @_; - - $_->{on} = 0 foreach @all_servers; - $_->{on} = 1 foreach @$servers; - my @l = grep { $_->{on} || !$_->{hide} } @all_servers; - - $in->ask_from_({ - messages => _("Which services would you like to allow the Internet to connect to?"), - advanced_messages => _("You can enter miscellaneous ports. -Valid examples are: 139/tcp 139/udp. -Have a look at /etc/services for information."), - callbacks => { - complete => sub { - if (my $invalid_port = check_ports_syntax($unlisted)) { - $in->ask_warn('', _("Invalid port given: %s. -The proper format is \"port/tcp\" or \"port/udp\", -where port is between 1 and 65535.", $invalid_port)); - return 1; - } - }, - }}, - [ - (map { { text => $_->{name}, val => \$_->{on}, type => 'bool' } } @l), - { label => _("Other ports"), val => \$unlisted, advanced => 1 } - ]) or return; - - to_ports([ grep { $_->{on} } @l ], $unlisted); -} - -sub main { - my ($in) = @_; - - my ($servers, $unlisted) = get_conf($in) or return; - - $in->do_pkgs->ensure_is_installed('shorewall', '/sbin/shorewall', $::isInstall) or return; - - my $ports = choose($in, $servers, $unlisted) or return; - - set_ports($ports); -} |