Commit 2de9fd78 authored by hellkat's avatar hellkat
Browse files

FS#2615 - Fix up ufw installation code

  - This makes ufw the default if it's found
parent e88a7a64
...@@ -285,7 +285,7 @@ $inst->configure_dbserver(); ...@@ -285,7 +285,7 @@ $inst->configure_dbserver();
//if(@is_dir('/etc/Bastille')) { //if(@is_dir('/etc/Bastille')) {
//* Configure Firewall //* Configure Firewall
swriteln('Configuring Firewall'); swriteln('Configuring Firewall');
$inst->configure_firewall(); $inst->configure_bastille_firewall();
//} //}
//** Configure ISPConfig //** Configure ISPConfig
......
...@@ -257,10 +257,17 @@ if($install_mode == 'standard') { ...@@ -257,10 +257,17 @@ if($install_mode == 'standard') {
$inst->configure_apps_vhost(); $inst->configure_apps_vhost();
//* Configure Firewall //* Configure Firewall
//* Configure Bastille Firewall if($conf['ufw']['installed'] == true) {
$conf['services']['firewall'] = true; //* Configure Ubuntu Firewall
swriteln('Configuring Bastille Firewall'); $conf['services']['firewall'] = true;
$inst->configure_firewall(); swriteln('Configuring Ubuntu Firewall');
$inst->configure_ufw_firewall();
} else {
//* Configure Bastille Firewall
$conf['services']['firewall'] = true;
swriteln('Configuring Bastille Firewall');
$inst->configure_bastille_firewall();
}
//* Configure Fail2ban //* Configure Fail2ban
if($conf['fail2ban']['installed'] == true) { if($conf['fail2ban']['installed'] == true) {
...@@ -328,7 +335,7 @@ if($install_mode == 'standard') { ...@@ -328,7 +335,7 @@ if($install_mode == 'standard') {
if($conf['bind']['installed'] == true && $conf['bind']['init_script'] != '' && is_executable($conf['init_scripts'].'/'.$conf['bind']['init_script'])) system($conf['init_scripts'].'/'.$conf['bind']['init_script'].' restart &> /dev/null'); if($conf['bind']['installed'] == true && $conf['bind']['init_script'] != '' && is_executable($conf['init_scripts'].'/'.$conf['bind']['init_script'])) system($conf['init_scripts'].'/'.$conf['bind']['init_script'].' restart &> /dev/null');
//if($conf['squid']['installed'] == true && $conf['squid']['init_script'] != '' && is_file($conf['init_scripts'].'/'.$conf['squid']['init_script'])) system($conf['init_scripts'].'/'.$conf['squid']['init_script'].' restart &> /dev/null'); //if($conf['squid']['installed'] == true && $conf['squid']['init_script'] != '' && is_file($conf['init_scripts'].'/'.$conf['squid']['init_script'])) system($conf['init_scripts'].'/'.$conf['squid']['init_script'].' restart &> /dev/null');
if($conf['nginx']['installed'] == true && $conf['nginx']['init_script'] != '' && is_file($conf['init_scripts'].'/'.$conf['nginx']['init_script'])) system($conf['init_scripts'].'/'.$conf['nginx']['init_script'].' restart &> /dev/null'); if($conf['nginx']['installed'] == true && $conf['nginx']['init_script'] != '' && is_file($conf['init_scripts'].'/'.$conf['nginx']['init_script'])) system($conf['init_scripts'].'/'.$conf['nginx']['init_script'].' restart &> /dev/null');
//if($conf['ufw']['installed'] == true && $conf['ufw']['init_script'] != '' && is_file($conf['init_scripts'].'/'.$conf['ufw']['init_script'])) system($conf['init_scripts'].'/'.$conf['ufw']['init_script'].' restart &> /dev/null'); if($conf['ufw']['installed'] == true && $conf['ufw']['init_script'] != '' && is_file($conf['init_scripts'].'/'.$conf['ufw']['init_script'])) system($conf['init_scripts'].'/'.$conf['ufw']['init_script'].' restart &> /dev/null');
}else{ }else{
//* In expert mode, we select the services in the following steps, only db is always available //* In expert mode, we select the services in the following steps, only db is always available
...@@ -544,18 +551,17 @@ if($install_mode == 'standard') { ...@@ -544,18 +551,17 @@ if($install_mode == 'standard') {
//** Configure Firewall //** Configure Firewall
if(strtolower($inst->simple_query('Configure Firewall Server',array('y','n'),'y')) == 'y') { if(strtolower($inst->simple_query('Configure Firewall Server',array('y','n'),'y')) == 'y') {
//if($conf['bastille']['installed'] == true) { if($conf['ufw']['installed'] == true) {
//* Configure Bastille Firewall
$conf['services']['firewall'] = true;
swriteln('Configuring Bastille Firewall');
$inst->configure_firewall();
/*} elseif($conf['ufw']['installed'] == true) {
//* Configure Ubuntu Firewall //* Configure Ubuntu Firewall
$conf['services']['firewall'] = true; $conf['services']['firewall'] = true;
swriteln('Configuring Ubuntu Firewall'); swriteln('Configuring Ubuntu Firewall');
$inst->configure_ufw_firewall(); $inst->configure_ufw_firewall();
} else {
//* Configure Bastille Firewall
$conf['services']['firewall'] = true;
swriteln('Configuring Bastille Firewall');
$inst->configure_bastille_firewall();
} }
*/
} }
//** Configure Firewall //** Configure Firewall
...@@ -622,4 +628,4 @@ if($install_mode == 'standard') { ...@@ -622,4 +628,4 @@ if($install_mode == 'standard') {
echo "Installation completed.\n"; echo "Installation completed.\n";
?> ?>
\ No newline at end of file
...@@ -132,7 +132,7 @@ class installer_base { ...@@ -132,7 +132,7 @@ class installer_base {
if(is_installed('named') || is_installed('bind') || is_installed('bind9')) $conf['bind']['installed'] = true; if(is_installed('named') || is_installed('bind') || is_installed('bind9')) $conf['bind']['installed'] = true;
if(is_installed('squid')) $conf['squid']['installed'] = true; if(is_installed('squid')) $conf['squid']['installed'] = true;
if(is_installed('nginx')) $conf['nginx']['installed'] = true; if(is_installed('nginx')) $conf['nginx']['installed'] = true;
// if(is_installed('iptables') && is_installed('ufw')) $conf['ufw']['installed'] = true; if(is_installed('iptables') && is_installed('ufw')) $conf['ufw']['installed'] = true;
if(is_installed('fail2ban-server')) $conf['fail2ban']['installed'] = true; if(is_installed('fail2ban-server')) $conf['fail2ban']['installed'] = true;
if(is_installed('vzctl')) $conf['openvz']['installed'] = true; if(is_installed('vzctl')) $conf['openvz']['installed'] = true;
if(is_dir("/etc/Bastille")) $conf['bastille']['installed'] = true; if(is_dir("/etc/Bastille")) $conf['bastille']['installed'] = true;
...@@ -1349,7 +1349,6 @@ class installer_base { ...@@ -1349,7 +1349,6 @@ class installer_base {
exec('chown root:root '.$conf["squid"]["config_dir"].'/'.$configfile); exec('chown root:root '.$conf["squid"]["config_dir"].'/'.$configfile);
} }
/*
public function configure_ufw_firewall() public function configure_ufw_firewall()
{ {
$configfile = 'ufw.conf'; $configfile = 'ufw.conf';
...@@ -1359,9 +1358,8 @@ class installer_base { ...@@ -1359,9 +1358,8 @@ class installer_base {
exec('chmod 600 /etc/ufw/ufw.conf'); exec('chmod 600 /etc/ufw/ufw.conf');
exec('chown root:root /etc/ufw/ufw.conf'); exec('chown root:root /etc/ufw/ufw.conf');
} }
*/
public function configure_firewall() { public function configure_bastille_firewall() {
global $conf; global $conf;
$dist_init_scripts = $conf['init_scripts']; $dist_init_scripts = $conf['init_scripts'];
......
...@@ -341,10 +341,15 @@ if($reconfigure_services_answer == 'yes') { ...@@ -341,10 +341,15 @@ if($reconfigure_services_answer == 'yes') {
if($conf['services']['firewall']) { if($conf['services']['firewall']) {
if($conf['bastille']['installed'] == true) { if($conf['ufw']['installed'] == true) {
//* Configure Ubuntu Firewall
$conf['services']['firewall'] = true;
swriteln('Configuring Ubuntu Firewall');
$inst->configure_ufw_firewall();
} else {
//* Configure Bastille Firewall //* Configure Bastille Firewall
swriteln('Configuring Bastille Firewall'); swriteln('Configuring Bastille Firewall');
$inst->configure_firewall(); $inst->configure_bastille_firewall();
} }
} }
...@@ -426,7 +431,7 @@ if($reconfigure_services_answer == 'yes') { ...@@ -426,7 +431,7 @@ if($reconfigure_services_answer == 'yes') {
} }
if($conf['services']['firewall']) { if($conf['services']['firewall']) {
//if($conf['ufw']['installed'] == true && $conf['ufw']['init_script'] != '' && is_executable($conf['init_scripts'].'/'.$conf['ufw']['init_script'])) system($conf['init_scripts'].'/'.$conf['ufw']['init_script'].' restart &> /dev/null'); if($conf['ufw']['installed'] == true && $conf['ufw']['init_script'] != '' && is_executable($conf['init_scripts'].'/'.$conf['ufw']['init_script'])) system($conf['init_scripts'].'/'.$conf['ufw']['init_script'].' restart &> /dev/null');
} }
} }
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment