HCoop
/
hcoop
/
domtool2.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
a51387b
)
Fix ProxiedServer firewall rule generation for web node
release_20130219
author
Clinton Ebadi
<clinton@unknownlamer.org>
Tue, 19 Feb 2013 19:29:44 +0000
(14:29 -0500)
committer
Clinton Ebadi
<clinton@unknownlamer.org>
Tue, 19 Feb 2013 19:29:44 +0000
(14:29 -0500)
src/plugins/firewall.sml
patch
|
blob
|
blame
|
history
diff --git
a/src/plugins/firewall.sml
b/src/plugins/firewall.sml
index
cb2893b
..
fe718f1
100644
(file)
--- a/
src/plugins/firewall.sml
+++ b/
src/plugins/firewall.sml
@@
-1,6
+1,6
@@
(* HCoop Domtool (http://hcoop.sourceforge.net/)
* Copyright (c) 2006-2007, Adam Chlipala
(* HCoop Domtool (http://hcoop.sourceforge.net/)
* Copyright (c) 2006-2007, Adam Chlipala
- * Copyright (c) 2011 Clinton Ebadi
+ * Copyright (c) 2011
,2012,2013
Clinton Ebadi
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
@@
-70,10
+70,10
@@
fun parseRules () =
| "Server" :: ports :: hosts =>
confLine_in (node, uname, String.concat ["dport ", parsePorts ports, parseHosts "saddr" hosts, " ACCEPT;"])
| ["ProxiedServer", ports] =>
| "Server" :: ports :: hosts =>
confLine_in (node, uname, String.concat ["dport ", parsePorts ports, parseHosts "saddr" hosts, " ACCEPT;"])
| ["ProxiedServer", ports] =>
- (* should this also allow access on lo?
fixme: open output ports on apache node
*)
+ (* should this also allow access on lo? *)
(confLine_in (node, uname, String.concat ["saddr $WEBNODES dport ", parsePorts ports, " ACCEPT;"]);
(* Warning: duplicates code of Client case *)
(confLine_in (node, uname, String.concat ["saddr $WEBNODES dport ", parsePorts ports, " ACCEPT;"]);
(* Warning: duplicates code of Client case *)
- List.map (fn (
node, _) => confLine_out (node, uname, String.concat ["dport ", parsePorts ports
, Domain.nodeIp node, " ACCEPT;"] ))
+ List.map (fn (
wnode, _) => confLine_out (wnode, uname, String.concat ["dport ", parsePorts ports, " daddr "
, Domain.nodeIp node, " ACCEPT;"] ))
Config.Apache.webNodes_all; ())
| ["LocalServer", ports] =>
confLine_in (node, uname, String.concat ["saddr 127.0.0.1/8 dport ", parsePorts ports, " ACCEPT;"])
Config.Apache.webNodes_all; ())
| ["LocalServer", ports] =>
confLine_in (node, uname, String.concat ["saddr 127.0.0.1/8 dport ", parsePorts ports, " ACCEPT;"])