From e45559da206978c2a6b89eadf876180034a0c768 Mon Sep 17 00:00:00 2001 From: georou Date: Tue, 14 Mar 2017 01:13:23 +1100 Subject: [PATCH 1/3] Use Firewalld services instead of ports --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 7c9a83d5..b9e38bef 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -965,7 +965,7 @@ configureFirewall() { whiptail --title "Firewall in use" --yesno "We have detected a running firewall\n\nPi-hole currently requires HTTP and DNS port access.\n\n\n\nInstall Pi-hole default firewall rules?" ${r} ${c} || \ { echo -e ":::\n::: Not installing firewall rulesets."; return 0; } echo -e ":::\n:::\n Configuring FirewallD for httpd and dnsmasq." - firewall-cmd --permanent --add-port=80/tcp --add-port=53/tcp --add-port=53/udp + firewall-cmd --permanent --add-service={http,dns} firewall-cmd --reload return 0 # Check for proper kernel modules to prevent failure From 0d794226ab9ac7c598b7fc7371dbc68a5a2777ba Mon Sep 17 00:00:00 2001 From: georou Date: Thu, 16 Mar 2017 09:29:33 +1100 Subject: [PATCH 2/3] Removed unsupported POSIX brace expansion --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index b9e38bef..3373a41c 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -965,7 +965,7 @@ configureFirewall() { whiptail --title "Firewall in use" --yesno "We have detected a running firewall\n\nPi-hole currently requires HTTP and DNS port access.\n\n\n\nInstall Pi-hole default firewall rules?" ${r} ${c} || \ { echo -e ":::\n::: Not installing firewall rulesets."; return 0; } echo -e ":::\n:::\n Configuring FirewallD for httpd and dnsmasq." - firewall-cmd --permanent --add-service={http,dns} + firewall-cmd --permanent --add-service=http --add-service=dns firewall-cmd --reload return 0 # Check for proper kernel modules to prevent failure From 6c5666540328d36806a63c12303d467ac092822e Mon Sep 17 00:00:00 2001 From: georou Date: Thu, 16 Mar 2017 10:26:51 +1100 Subject: [PATCH 3/3] updated travis for new firewalld add service --- test/test_automated_install.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/test_automated_install.py b/test/test_automated_install.py index 19c662c6..8e36fc96 100644 --- a/test/test_automated_install.py +++ b/test/test_automated_install.py @@ -78,7 +78,7 @@ def test_configureFirewall_firewalld_running_no_errors(Pihole): assert expected_stdout in configureFirewall.stdout firewall_calls = Pihole.run('cat /var/log/firewall-cmd').stdout assert 'firewall-cmd --state' in firewall_calls - assert 'firewall-cmd --permanent --add-port=80/tcp --add-port=53/tcp --add-port=53/udp' in firewall_calls + assert 'firewall-cmd --permanent --add-service=http --add-service=dns' in firewall_calls assert 'firewall-cmd --reload' in firewall_calls def test_configureFirewall_firewalld_disabled_no_errors(Pihole):