????
Current Path : /usr/local/ssl/sbin/ |
Current File : //usr/local/ssl/sbin/lokkit |
#!/usr/bin/python # # Copyright (C) 2007, 2008 Red Hat, Inc. # Authors: # Thomas Woerner <twoerner@redhat.com> # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. # import os, os.path, sys DATADIR = '/usr/share/system-config-firewall' sys.path.append(DATADIR) import fw_config import fw_lokkit import fw_services import fw_icmp # check euid if os.geteuid() != 0: print _("\nERROR - You must be root to run %s.") % \ os.path.basename(sys.argv[0]) sys.exit(1) ### parse command line arguments ### (config, old_config, old_se_config) = fw_lokkit.loadConfig() # show version if config.version: print "%s %s\n%s\n" % (fw_config.APP_NAME, fw_config.VERSION, fw_config.COPYRIGHT) print fw_config.LICENSE sys.exit(0) # list defined services if config.list_services: print _("Predefined Services with Default Environment:") for svc in fw_services.service_list: print "%s: %s" % (svc.key, svc.name) if svc.default: print " default: %s" % ",".join(svc.default) sys.exit(0) # list supported icmp types if config.list_icmp_types: print _("Supported icmp types:") for icmp in fw_icmp.icmp_list: print "%s: %s" % (icmp.key, icmp.name) sys.exit(0) ### write configuration ### # selinux se_status = fw_lokkit.updateSELinux(config, old_se_config) if config.nofw: sys.exit(se_status) # update firewall, services (c_status, ip4t_status, \ ip6t_status, log) = fw_lokkit.updateFirewall(config, old_config) if log != "": print log sys.exit(ip4t_status + ip6t_status + c_status + se_status)