From 457bd42dcb88a9e0dbb2f906810ea2a82f7839ae Mon Sep 17 00:00:00 2001
From: rperper
Date: Wed, 14 Nov 2018 12:39:42 -0500
Subject: [PATCH] Firewall rules (intermediate version)
---
 install/firewallUtilities.py | 44 ++++++++++++++++++++----------------
 1 file changed, 24 insertions(+), 20 deletions(-)
diff --git a/install/firewallUtilities.py b/install/firewallUtilities.py
index 15bec7b18..e470d26bc 100644
--- a/install/firewallUtilities.py
+++ b/install/firewallUtilities.py
@@ -14,19 +14,21 @@ class FirewallUtilities:
 @staticmethod
 def addRule(proto,port):
 try:
- if port == "21":
- command = "sudo firewall-cmd --add-service=ftp --permanent"
- cmd = shlex.split(command)
- res = subprocess.call(cmd)
+ command = 'sudo firewall-cmd --permanent --zone-public --add-port=' + port + '/' + proto
- ipAddress = "0.0.0.0/0"
+ #if port == "21":
+ # command = "sudo firewall-cmd --add-service=ftp --permanent"
+ # cmd = shlex.split(command)
+ # res = subprocess.call(cmd)
- ruleFamily = 'rule family="ipv4"'
- sourceAddress = 'source address="' + ipAddress + '"'
- ruleProtocol = 'port protocol="' + proto + '"'
- rulePort = 'port="' + port + '"'
+ #ipAddress = "0.0.0.0/0"
- command = "sudo firewall-cmd --permanent --zone=public --add-rich-rule='" + ruleFamily + " " + sourceAddress + " " + ruleProtocol + " " + rulePort + " " + "accept'"
+ #ruleFamily = 'rule family="ipv4"'
+ #sourceAddress = 'source address="' + ipAddress + '"'
+ #ruleProtocol = 'port protocol="' + proto + '"'
+ #rulePort = 'port="' + port + '"'
+
+ #command = "sudo firewall-cmd --permanent --zone=public --add-rich-rule='" + ruleFamily + " " + sourceAddress + " " + ruleProtocol + " " + rulePort + " " + "accept'"
 cmd = shlex.split(command)
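Review bot: The new command string in addRule spells the zone option as `--zone-public`, which is not a firewall-cmd option (the removed line used `--zone=public`), so the call should fail and no port rule is stored; deleteRule in the next hunk has the same typo, where the failure leaves the port open. Both functions also concatenate `port` and `proto` into a string that goes through `shlex.split` and runs under sudo, so whitespace in either value turns into extra firewall-cmd arguments. I would accept only a decimal port (or a range, if callers use one) and `tcp`/`udp`, and build the argv directly: `cmd = ['sudo', 'firewall-cmd', '--permanent', '--zone=public', '--add-port=' + port + '/' + proto]`. Note also that `--add-port` applies to IPv4 and IPv6, whereas the removed rich rule was `family="ipv4"` only. The rest of addRule, including how `res` is checked, is outside the hunk.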
@@ -50,19 +52,21 @@ class FirewallUtilities:
 @staticmethod
 def deleteRule(proto, port):
 try:
- if port=="21":
- command = "sudo firewall-cmd --remove-service=ftp --permanent"
- cmd = shlex.split(command)
- res = subprocess.call(cmd)
+ command = 'sudo firewall-cmd --permanent --zone-public --remove-port=' + port + '/' + proto
- ipAddress = "0.0.0.0/0"
+ #if port=="21":
+ # command = "sudo firewall-cmd --remove-service=ftp --permanent"
+ # cmd = shlex.split(command)
+ # res = subprocess.call(cmd)
- ruleFamily = 'rule family="ipv4"'
- sourceAddress = 'source address="' + ipAddress + '"'
- ruleProtocol = 'port protocol="' + proto + '"'
- rulePort = 'port="' + port + '"'
+ #ipAddress = "0.0.0.0/0"
- command = "sudo firewall-cmd --permanent --zone=public --remove-rich-rule='" + ruleFamily + " " + sourceAddress + " " + ruleProtocol + " " + rulePort + " " + "accept'"
+ #ruleFamily = 'rule family="ipv4"'
+ #sourceAddress = 'source address="' + ipAddress + '"'
+ #ruleProtocol = 'port protocol="' + proto + '"'
+ #rulePort = 'port="' + port + '"'
+
+ #command = "sudo firewall-cmd --permanent --zone=public --remove-rich-rule='" + ruleFamily + " " + sourceAddress + " " + ruleProtocol + " " + rulePort + " " + "accept'"
 cmd = shlex.split(command)
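Review bot: deleteRule now issues only `--remove-port`, so rules that an earlier version of this installer stored as rich rules (or as the `ftp` service for port 21) are not matched and would presumably stay in the permanent configuration after an upgrade, leaving those ports open. If that is accepted for this intermediate version, a comment above the command such as `# NOTE: does not remove rich rules or the ftp service added by older releases` would make it visible; otherwise keep a fallback `--remove-rich-rule` call. The commented-out block repeats what version control already holds and could be dropped. The end of deleteRule is outside the hunk.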