From a854223fdf650b9dd55a16857b9eae52d7bc33d4 Mon Sep 17 00:00:00 2001
From: Jamie Cameron <jcameron@webmin.com>
Date: Thu, 30 Jun 2011 14:36:08 -0700
Subject: [PATCH] Completed Webmin command to open up ports
 https://www.virtualmin.com/node/18624

---
 firewall/CHANGELOG     | 2 ++
 firewall/open-ports.pl | 8 ++++++--
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/firewall/CHANGELOG b/firewall/CHANGELOG
index 67fe62703..a57482502 100644
--- a/firewall/CHANGELOG
+++ b/firewall/CHANGELOG
@@ -36,3 +36,5 @@ Added a button to rename an existing custom chain.
 ---- Changes since 1.510 ----
 Better handle the case where a rule has a --comment format description, but # format comments are enabled.
 Added support for physdev module options, for matching based on the bridged interface.
+---- Changes since 1.550 ----
+Added the open-ports.pl command which can be run from the shell to open ports on the firewall.
diff --git a/firewall/open-ports.pl b/firewall/open-ports.pl
index 4cb5f06fe..58964f26a 100755
--- a/firewall/open-ports.pl
+++ b/firewall/open-ports.pl
@@ -69,11 +69,13 @@ PORT: foreach $p (@ARGV) {
 		if ($r->{'chain'} eq 'INPUT' &&
 		    $r->{'j'} && $r->{'j'}->[1] eq 'ACCEPT' &&
 		    $r->{'p'} && $r->{'p'}->[0] eq '' &&
-		    $r->{'p'}->[1] eq 'tcp') {
+		    		 $r->{'p'}->[1] eq 'tcp') {
 			# Found tcp rule .. check ports
 			@rports = ( );
+			$rrange = undef;
 			if ($r->{'dports'} && $r->{'dports'}->[0] eq '') {
 				push(@rports, split(/,/, $r->{'dports'}->[1]));
+				$rrange = $r->{'dports'}->[1];
 				}
 			if ($r->{'dport'} && $r->{'dport'}->[0] eq '') {
 				($s, $e) = split(":", $r->{'dport'}->[1]);
@@ -83,8 +85,10 @@ PORT: foreach $p (@ARGV) {
 				elsif ($s) {
 					push(@rports, $s);
 					}
+				$rrange = $r->{'dport'}->[1];
 				}
-			if (&indexof($p, @rports) >= 0) {
+			if (&indexof($p, @rports) >= 0 ||
+			    $p eq $rrange) {
 				print STDERR ".. already allowed\n";
 				next PORT;
 				}