--- loncom/lciptables 2010/03/25 01:28:34 1.2 +++ loncom/lciptables 2011/05/14 23:38:07 1.6 @@ -2,7 +2,7 @@ # # The Learning Online Network with CAPA # -# $Id: lciptables,v 1.2 2010/03/25 01:28:34 raeburn Exp $ +# $Id: lciptables,v 1.6 2011/05/14 23:38:07 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -57,15 +57,15 @@ print "In lciptables\n" unless $noprint; # ----------------------------- Make sure this process is running from user=www my $wwwid=getpwnam('www'); -&DisableRoot; -if ($wwwid!=$>) { + +if ($wwwid!=$<) { print("User ID mismatch. This program must be run as user 'www'\n") unless $noprint; &Exit(1); } # ----------------------------------- Retrieve IP addreses for hosts in cluster -&DisableRoot; + my %iphost; if (@ARGV != 1) { @@ -88,26 +88,19 @@ if (-e $tmpfile) { &Exit(3); } -# --------------------------- Handle case of another lciptables process (locking) -unless (&try_to_lock("/tmp/lock_lciptables")) { - print "Error. Too many other simultaneous iptables manipulation requests being ". - "made.\n" unless $noprint; - &Exit(4); -} - my $lond_port = &LONCAPA::Firewall::get_lond_port(); -($>,$<)=($wwwid,0); + &EnableRoot(); my @fw_chains = &LONCAPA::Firewall::get_fw_chains(); my $iptables = &LONCAPA::Firewall::get_pathto_iptables(); my $firewall_result = - &LONCAPA::Firewall::firewall_close_port($iptables,\@fw_chains,$lond_port,[$lond_port]); + &LONCAPA::Firewall::firewall_close_port($iptables,\@fw_chains,$lond_port,\%iphost,[$lond_port]); if ($firewall_result) { print "$firewall_result\n"; } -my $firewall_result = &LONCAPA::Firewall::firewall_open_port($iptables,\@fw_chains,$lond_port,\%iphost,[$lond_port]); +$firewall_result = &LONCAPA::Firewall::firewall_open_port($iptables,\@fw_chains,$lond_port,\%iphost,[$lond_port]); if ($firewall_result) { print "$firewall_result\n"; } 
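Review bot: In the user check of the second hunk (`@@ -57,15 +57,15 @@`), the result of `getpwnam('www')` is compared with `$<` without testing that the lookup succeeded. If no `www` account exists, `$wwwid` is undef and compares numerically as 0, so a caller with real uid 0 would pass the check. A guard such as `if (!defined($wwwid) || $wwwid!=$<) {` closes that gap. This hunk also drops both `&DisableRoot;` calls that preceded the argument handling, so if the script is installed setuid (not visible in this diff) the `@ARGV` and `$tmpfile` handling would run with whatever effective uid the process started with. A comment at this point stating the intended privilege state would make that reviewable.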
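Review bot: With the `/tmp/lock_lciptables` lock removed in the third hunk (`@@ -88,26 +88,19 @@`), nothing visible in this script serialises two concurrent runs, so one process's `firewall_close_port` call can interleave with another's `firewall_open_port` call after `&EnableRoot()`. If LONCAPA::Firewall does not serialise internally (not shown here), consider an `flock`-based lock on a file in a directory that is not world-writable, rather than the old predictable /tmp path. Separately, `$firewall_result` is printed without the `unless $noprint` guard used by the other messages, and the script still reaches `&Exit(0)` when it is non-empty. If a non-empty result signals failure, `print "$firewall_result\n" unless $noprint;` together with a non-zero exit code would let callers detect it.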
@@ -115,7 +108,6 @@ if ($firewall_result) { # -------------------------------------------------------- Exit script print "lciptables Exiting\n" unless $noprint; &DisableRoot; -unlink('/tmp/lock_lciptables'); &Exit(0); @@ -140,42 +132,6 @@ sub DisableRoot { } } -sub try_to_lock { - my ($lockfile)=@_; - my $currentpid; - my $lastpid; - # Do not manipulate lock file as root - if ($>==0) { - return 0; - } - # Try to generate lock file. - # Wait 3 seconds. If same process id is in - # lock file, then assume lock file is stale, and - # go ahead. If process id's fluctuate, try - # for a maximum of 10 times. - for (0..10) { - if (-e $lockfile) { - open(LOCK,"<$lockfile"); - $currentpid=; - close LOCK; - if ($currentpid==$lastpid) { - last; - } - sleep 3; - $lastpid=$currentpid; - } else { - last; - } - if ($_==10) { - return 0; - } - } - open(LOCK,">$lockfile"); - print LOCK $$; - close LOCK; - return 1; -} - sub Exit { my ($code) = @_; &DisableRoot(); 500 Internal Server Error
