From a4a987964396d13dc345890efe55d34f1b4d3769 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Thu, 29 Dec 2016 15:57:29 -0800 Subject: [PATCH] Restructure firewall detection and application. Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 9701560f..906d1dc9 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -866,16 +866,17 @@ create_pihole_user() { configureFirewall() { # Allow HTTP and DNS traffic - if command -v firewall-cmd &> /dev/null; then - firewall-cmd --state &> /dev/null && ( echo "::: Configuring firewalld for httpd and dnsmasq.." && firewall-cmd --permanent --add-port=80/tcp && firewall-cmd --permanent --add-port=53/tcp \ - && firewall-cmd --permanent --add-port=53/udp && firewall-cmd --reload) || echo "::: FirewallD not enabled" - elif command -v iptables &> /dev/null; then + if firewall-cmd --state &> /dev/null; then + echo "::: Configuring FirewallD for httpd and dnsmasq.." + firewall-cmd --permanent --add-port=80/tcp --add-port=53/tcp --add-port=53/udp + firewall-cmd --reload + elif modinfo ip_tables &> /dev/null && iptables -S INPUT | head -n1 | grep -v "ACCEPT" &> /dev/null ; then echo "::: Configuring iptables for httpd and dnsmasq.." iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT iptables -A INPUT -p tcp -m tcp --dport 53 -j ACCEPT iptables -A INPUT -p udp -m udp --dport 53 -j ACCEPT else - echo "::: No firewall detected.. skipping firewall configuration." + echo "::: No active firewall detected.. skipping firewall configuration." fi }