setup

linux环境下的一个防火墙程序的源代码

#!/usr/bin/perl


# creo la directory per i file di configurazione
$path_config = '/etc/turtlefirewall';

if( ! -d $path_config ) {
	mkdir $path_config, 0700;
}
# copio i 3 file predefiniti per la configurazione del firewall
if( ! -f "$path_config/fw.xml" ) {
	system( "cp -v fw.xml $path_config" );
}
if( -f "$path_config/fwservices.xml" ) {
	system( "cp -v $path_config/fwservices.xml $path_config/fwservices.xml.bck" );
}
system( "cp -v -f fwservices.xml $path_config" );
# Il file fwuserdefservices.xml lo copio solo se non presente
if( ! -f "$path_config/fwuserdefservices.xml" ) {
	system( "cp -v fwuserdefservices.xml $path_config/" );
}

# Diritti di lettura/scrittura solo a root
system( "chmod 600 $path_config/*" );
system( "chmod 700 $path_config" );

# copio lo script turtlefw in /usr/sbin
system( "cp -v -f turtlefirewall /usr/sbin" );
chmod 0700, '/usr/sbin/turtlefirewall';

# delete old turtlefirewall package
unlink( "/usr/lib/turtlefirewall.pm" );
# add new TurtleFirewall package
system( "cp -v -f TurtleFirewall.pm /usr/lib" );


# Cerco il percorso della dir init.d
$path_initd = '';
if( -d '/etc/rc.d/init.d' ) {
	$path_initd = '/etc/rc.d/init.d';
} elsif( -d '/etc/init.d' ) {
	$path_initd = '/etc/init.d';
} elsif( -d '/sbin/init.d' ) {
	$path_initd = '/sbin/init.d';
} elsif( -d '/etc/rc.d' ) {
	# Slackware
	$path_initd = '/etc/rc.d';
}

if( $path_initd eq '' ) {
	print "Error: init.d directory not found\n";
	exit( 1 );
}

$startscript = "$path_initd/turtlefirewall";
open( FILE, ">$startscript" );

print FILE q~#!/bin/bash
# chkconfig: 2345 08 92
# description: Start or stop the Turtle Firewall

if [ -d "/var/lock/subsys" ] ; then
	FLAG_FILE=/var/lock/subsys/turtlefirewall
else
	FLAG_FILE=/var/lock/turtlefirewall
fi
RETVAL=0

start() {
	/usr/sbin/turtlefirewall
	if [ $? == 0 ] ; then
		touch $FLAG_FILE
	fi
	RETVAL=$?
	return $RETVAL
}

stop() {
	/usr/sbin/turtlefirewall --stop
	rm -f $FLAG_FILE
	RETVAL=$?
	return $RETVAL
}

case "$1" in
	start)
		start
		;;
	stop)
		stop
		;;
	status)
		echo "\nNAT/MASQUERADING:"
		iptables -t nat -L -n -v
		echo "\nRULES:"
		iptables -L -n -v
		/usr/sbin/turtlefirewall --status
		;;
	restart|reload)
		stop
		start
		;;
	*)
		echo "Usage: $0 { start | stop | status | restart }"
		exit 1
		;;
esac
exit $RETVAL~;

close( FILE );
chmod 0700, $startscript;



# Cerco il percorso della dir rc.d
$path_rcd = '';
if( -d '/etc/rc.d/rc0.d' ) {
	$path_rcd = '/etc/rc.d';
} elsif( -d '/etc/rc0.d' ) {
	$path_rcd = '/etc';
} elsif( -d '/sbin/init.d/rc0.d' ) {
	$path_rcd = '/sbin/init.d';
} elsif( -d '/etc/rc.d' ) {
	$path_rcd = '/etc/rc.d';
}
if( $path_rcd eq '' ) {
	print "Error: rcX.d directory not found\n";
	exit( 1 );
}

if( -f '/etc/slackware-version' ) {
	# Slackware distro
	open FILE, "<$path_rcd/rc.local" or die( "Error: file $path_rcd/rc.local can't be opend" );
	my @lines = <FILE>;
	close FILE;
	if( !( join('',@lines) =~ /turtlefirewall/ ) ) {
		open FILE, ">>$path_rcd/rc.local" or die( "Error: writing on file $path_rcd/rc.local" );
		print FILE "\n#Start Turtle Firewall\n/etc/rc.d/turtlefirewall start\n";
		close FILE;
	}
} else {

	$script = $startscript;
	if( $path_initd = "$path_rcd/init.d" ) {
		$script = "../init.d/turtlefirewall";
	}

	installscript( $path_rcd, 0, 'K92', $script );
	installscript( $path_rcd, 1, 'K92', $script );
	installscript( $path_rcd, 2, 'S08', $script );
	installscript( $path_rcd, 3, 'S08', $script );
	installscript( $path_rcd, 4, 'S08', $script );
	installscript( $path_rcd, 5, 'S08', $script );
	installscript( $path_rcd, 6, 'K92', $script );
}

exit( 0 );



sub installscript {
	my $path = shift;
	my $runlevel = shift;
	my $prefix = shift;
	my $script = shift;
	system( "rm -f $path/rc$runlevel.d/???turtlefirewall" );
	system( "ln -s $script $path/rc$runlevel.d/".$prefix."turtlefirewall" );
}