From f5b5e9dafa517a16259070f9dbd7aa90ad3d41bb Mon Sep 17 00:00:00 2001
From: Rajesh Madaka <rmadaka@redhat.com>
Date: Thu, 7 Jun 2018 19:40:42 +0530
Subject: Add services to firewall and remove services from firewall

Change-Id: Ie81b6ecb7e7af0524a42b37f0256a2cfff5d7736
Signed-off-by: Rajesh Madaka <rmadaka@redhat.com>
---
 glustolibs-gluster/glustolibs/gluster/lib_utils.py | 48 +++++++++++++++++++++-
 1 file changed, 46 insertions(+), 2 deletions(-)

(limited to 'glustolibs-gluster/glustolibs/gluster')

diff --git a/glustolibs-gluster/glustolibs/gluster/lib_utils.py b/glustolibs-gluster/glustolibs/gluster/lib_utils.py
index 3cb1e44ca..0b86291b0 100644
--- a/glustolibs-gluster/glustolibs/gluster/lib_utils.py
+++ b/glustolibs-gluster/glustolibs/gluster/lib_utils.py
@@ -834,8 +834,8 @@ def is_core_file_created(nodes, testrun_timestamp,
         return True
 
 
-def open_firewall(nodes, firewall_service, permanent=False):
-    """Opening firewall services on nodes
+def remove_service_from_firewall(nodes, firewall_service, permanent=False):
+    """Removing services from firewall on nodes
     This library only for RHEL7, for RHEL6 not required
         Args:
             nodes(list|str): List of server on which firewalls services to be
@@ -877,3 +877,47 @@ def open_firewall(nodes, firewall_service, permanent=False):
                         _rc = False
 
     return _rc
+
+
+def add_services_to_firewall(nodes, firewall_service, permanent=False):
+    """Adding services to firewall on nodes
+    This lib only for RHEL7, RHEL6 Not Required
+    Args:
+        nodes(list|str): List of server on which firewalls to be enabled
+        firewall_service(list|str): List of firewall services to be enabled
+        permanent(boolean): True|False
+    Return:
+        bool: True|False(Firewall Enabled or Failed)
+    """
+
+    if isinstance(nodes, str):
+        nodes = [nodes]
+
+    if isinstance(firewall_service, str):
+        firewall_service = [firewall_service]
+
+    _rc = True
+    if is_rhel7(nodes):
+        for service in firewall_service:
+            cmd = ("firewall-cmd --zone=public " + "--add-service=" + service)
+            results = g.run_parallel(nodes, cmd)
+            # Check for return status
+            for host in results:
+                ret, _, _ = results[host]
+                if ret != 0:
+                    g.log.error("Failed to execute firewall command on %s"
+                                % host)
+                    _rc = False
+        if permanent and _rc:
+            for service in firewall_service:
+                cmd = ("firewall-cmd --zone=public " + "--add-service=" +
+                       service + " --permanent")
+                results = g.run_parallel(nodes, cmd)
+                # Check for return status
+                for host in results:
+                    ret, _, _ = results[host]
+                    if ret != 0:
+                        g.log.error("Failed to add firewall permanently")
+                        _rc = False
+
+    return _rc
-- 
cgit