From f19e9252a4ba69b5e6a3d01177124f15daaaa1e4 Mon Sep 17 00:00:00 2001
From: frank <frank@cloud.com>
Date: Mon, 12 Sep 2011 15:21:33 -0700
Subject: [PATCH] use ufw to configure iptable in ubuntu for mgmt server ports

---
 python/lib/cloudutils/serviceConfig.py | 20 ++++++++++++++++++++
 python/lib/cloudutils/syscfg.py        |  2 +-
 python/lib/cloudutils/utilities.py     |  4 ++--
 3 files changed, 23 insertions(+), 3 deletions(-)
 mode change 100644 => 100755 python/lib/cloudutils/serviceConfig.py
 mode change 100644 => 100755 python/lib/cloudutils/syscfg.py
 mode change 100644 => 100755 python/lib/cloudutils/utilities.py

diff --git a/python/lib/cloudutils/serviceConfig.py b/python/lib/cloudutils/serviceConfig.py
old mode 100644
new mode 100755
index f5a1ebbf654..24e78dab54b
--- a/python/lib/cloudutils/serviceConfig.py
+++ b/python/lib/cloudutils/serviceConfig.py
@@ -651,3 +651,23 @@ class firewallConfigServer(firewallConfigBase):
             self.ports = "443 8080 8096 8250 8443 9090".split()
         else:
             self.ports = "8080 8096 8250 9090".split()
+
+class ubuntuFirewallConfigServer(firewallConfigServer):
+    def allowPort(self, port):
+        status = False
+        try:
+            status = bash("iptables-save|grep INPUT|grep -w %s"%port).isSuccess()
+        except:
+            pass
+        
+        if not status: 
+            bash("ufw allow %s/tcp"%port)
+            
+    def config(self):
+        try:
+            for port in self.ports:
+                self.allowPort(port)
+                
+            return True
+        except:
+            raise
diff --git a/python/lib/cloudutils/syscfg.py b/python/lib/cloudutils/syscfg.py
old mode 100644
new mode 100755
index 801f83c6671..548968c56a6
--- a/python/lib/cloudutils/syscfg.py
+++ b/python/lib/cloudutils/syscfg.py
@@ -178,4 +178,4 @@ class sysConfigServerUbuntu(sysConfigServer):
         super(sysConfigServerUbuntu, self).__init__(glbEnv)
         self.svo = serviceOpsUbuntu()
         self.services = [sudoersConfig(self), 
-                         firewallConfigServer(self)]
+                         ubuntuFirewallConfigServer(self)]
diff --git a/python/lib/cloudutils/utilities.py b/python/lib/cloudutils/utilities.py
old mode 100644
new mode 100755
index 17c81573607..eab87abd0a5
--- a/python/lib/cloudutils/utilities.py
+++ b/python/lib/cloudutils/utilities.py
@@ -155,7 +155,7 @@ class serviceOpsRedhat(serviceOps):
 class serviceOpsUbuntu(serviceOps):
     def isServiceRunning(self, servicename):
         try:
-            o = bash("service " + servicename + " status")
+            o = bash("/usr/sbin/service " + servicename + " status")
             if "running" in o.getStdout() or "start" in o.getStdout():
                 return True
             else:
@@ -165,7 +165,7 @@ class serviceOpsUbuntu(serviceOps):
 
     def stopService(self, servicename,force=False):
         if self.isServiceRunning(servicename) or force:
-            return bash("service " + servicename +" stop").isSuccess()
+            return bash("/usr/sbin/service " + servicename +" stop").isSuccess()
 
     def disableService(self, servicename):
         result = self.stopService(servicename)