Adjustments to firewall rules generation/initializations for running multiple benchmarks
authorrtrimana <rtrimana@uci.edu>
Thu, 30 Nov 2017 23:38:18 +0000 (15:38 -0800)
committerrtrimana <rtrimana@uci.edu>
Thu, 30 Nov 2017 23:38:18 +0000 (15:38 -0800)
benchmarks/Java/HomeSecurityController/HomeSecurityController.java
iotjava/iotruntime/master/CRuntimeInstrumenterMaster.java
iotjava/iotruntime/master/CommunicationHandler.java
iotjava/iotruntime/master/IoTMaster.java
iotjava/iotruntime/master/ObjectInitHandler.java
iotjava/iotruntime/master/RouterConfig.java
localconfig/mysql/cameras.config

index 09c0527..b6a398a 100644 (file)
@@ -624,8 +624,11 @@ public class HomeSecurityController implements SmartthingsSensorCallback, Smartt
         */
        public void init() {
 
+        System.out.println("DEBUG: Stopping here for debug purposes!");
+        while(true) { }
+
                // Initialize IoTCloud server
-               initIoTCloudServer();
+               /*initIoTCloudServer();
 
                // Iterate over the set of rooms
                for (RoomSmart rm : roomSet.values()) {
@@ -670,7 +673,7 @@ public class HomeSecurityController implements SmartthingsSensorCallback, Smartt
                                }
                        }
 
-               }
+               }*/
        }
 }
 
index 2662fc1..16052ad 100644 (file)
@@ -65,13 +65,13 @@ public final class CRuntimeInstrumenterMaster {
                        prop.load(fis);
                        fis.close();
                } catch (IOException ex) {
-                       System.out.println("CRuntimeInstrumenterMaster: Error reading config file: " + strCfgFileName + 
-                               ". Please make sure it contains field information!");
+                       RuntimeOutput.print("CRuntimeInstrumenterMaster: Error reading config file: " + strCfgFileName + 
+                               ". Please make sure it contains field information!", bVerbose);
                        ex.printStackTrace();
                }
-               System.out.println("CRuntimeInstrumenterMaster: Reading " + strCfgField +
+               RuntimeOutput.print("CRuntimeInstrumenterMaster: Reading " + strCfgField +
                        " from config file: " + strCfgFileName + " with value: " + 
-                       prop.getProperty(strCfgField, null));
+                       prop.getProperty(strCfgField, null), bVerbose);
                // NULL is returned if the property isn't found
                return prop.getProperty(strCfgField, null);
        }
index 15db690..fd43408 100644 (file)
@@ -67,6 +67,7 @@ public final class CommunicationHandler {
        private Map<Integer, Integer> hmRMIRegPort;
        private Map<Integer, Integer> hmRMIStubPort;
        private Set<Integer> hsDevicePort;
+       private Set<Integer> hsAllPorts;
        private Map<Integer, Integer> hmAdditionalPort;
        private int iNumOfObjects;
        private int iNumOfHosts;
@@ -96,12 +97,40 @@ public final class CommunicationHandler {
                hmRMIRegPort = new HashMap<Integer, Integer>();
                hmRMIStubPort = new HashMap<Integer, Integer>();
                hsDevicePort = new HashSet<Integer>();
+               hsAllPorts = new HashSet<Integer>();
                hmAdditionalPort = new HashMap<Integer, Integer>();
                iNumOfObjects = 0;
                iNumOfHosts = 0;
                bVerbose = _bVerbose;
                RuntimeOutput.print("CommunicationHandler: Creating a new CommunicationHandler object!", bVerbose);
        }
+       
+       /**
+        * Method clearCommunicationHandler()
+        * <p>
+        * Clear the data structure
+        *
+        * @return  void
+        */
+       public void clearCommunicationHandler() {
+
+               listActiveControllerObj.clear();
+               listFieldObjectID.clear();
+               listObjCrtInfo.clear();
+               listArrFieldValues.clear();
+               listArrFieldClasses.clear();
+               hmActiveObj.clear();
+               hmHostAdd.clear();
+               hmHostList.clear();
+               hmComPort.clear();
+               hmRMIRegPort.clear();
+               hmRMIStubPort.clear();
+               hsDevicePort.clear();
+               hmAdditionalPort.clear();
+               iNumOfObjects = 0;
+               iNumOfHosts = 0;
+               RuntimeOutput.print("CommunicationHandler: Clearing CommunicationHandler object's data structure!", bVerbose);
+    }
 
        /**
         * Method addPortConnection()
@@ -139,6 +168,8 @@ public final class CommunicationHandler {
                        // Check port existence in HashMap
                } while (portIsAvailable(iComPort) == false);
                hmComPort.put(iNumOfObjects, iComPort);
+               // hsAllPorts tracks all the existing and used port numbers
+               hsAllPorts.add(iComPort);
 
                int iRMIRegPort = 0;
                do {
@@ -146,6 +177,7 @@ public final class CommunicationHandler {
                        // Check port existence in HashMap
                } while (portIsAvailable(iRMIRegPort) == false);
                hmRMIRegPort.put(iNumOfObjects, iRMIRegPort);
+               hsAllPorts.add(iRMIRegPort);
 
                int iRMIStubPort = 0;
                do {
@@ -153,6 +185,7 @@ public final class CommunicationHandler {
                        // Check port existence in HashMap
                } while (portIsAvailable(iRMIStubPort) == false);
                hmRMIStubPort.put(iNumOfObjects, iRMIStubPort);
+               hsAllPorts.add(iRMIStubPort);
 
                iNumOfObjects++;
        }
@@ -194,7 +227,8 @@ public final class CommunicationHandler {
        public void addDevicePort(int iDevPort) {
 
                hsDevicePort.add(iDevPort);
-
+               // Track this port number
+        hsAllPorts.add(iDevPort);
        }
 
        /**
@@ -215,6 +249,8 @@ public final class CommunicationHandler {
                        // Check port existence in HashMap
                } while (portIsAvailable(iAdditionalPort) == false);
                hmAdditionalPort.put(iNumOfObjects, iAdditionalPort);
+               // Track this port number
+               hsAllPorts.add(iAdditionalPort);
 
                iNumOfObjects++;
 
@@ -233,7 +269,7 @@ public final class CommunicationHandler {
         */
        public boolean portIsAvailable(int iPortNumber) {
 
-               if (hmComPort.containsValue(iPortNumber) == true) {
+               /*if (hmComPort.containsValue(iPortNumber) == true) {
                        return false;
                } else if (hmRMIRegPort.containsValue(iPortNumber) == true) {
                        return false;
@@ -245,6 +281,11 @@ public final class CommunicationHandler {
                        return false;
                } else {
                        return true;
+               }*/
+               if (hsAllPorts.contains(iPortNumber)) {
+                   return false;
+               } else {
+                   return true;
                }
        }
 
index 3ce672d..2d5b44f 100644 (file)
@@ -1377,6 +1377,8 @@ public final class IoTMaster {
        private void setRouterBasicPolicies(String strRouter) {
 
                String strMonitorHost = routerConfig.getIPFromMACAddress(STR_MONITORING_HOST);
+           routerConfig.initMainPolicy(strRouter);
+           routerConfig.combineRouterPolicies(strRouter);
                routerConfig.configureRouterICMPPolicies(strRouter, strMonitorHost);
                routerConfig.configureRouterDHCPPolicies(strRouter);
                routerConfig.configureRouterDNSPolicies(strRouter);
@@ -1393,6 +1395,8 @@ public final class IoTMaster {
        private void setHostBasicPolicies(String strHost) {
 
                String strMonitorHost = routerConfig.getIPFromMACAddress(STR_MONITORING_HOST);
+           routerConfig.initMainPolicy(strHost);
+           routerConfig.combineRouterPolicies(strHost);
                routerConfig.configureHostDHCPPolicies(strHost);
                routerConfig.configureHostDNSPolicies(strHost);
                if (strHost.equals(strMonitorHost)) {
@@ -1990,13 +1994,14 @@ public final class IoTMaster {
                try {
                        // Extract hostname for this IoTMaster from MySQL DB
                        strIoTMasterHostAdd = routerConfig.getIPFromMACAddress(STR_MASTER_MAC_ADD);
+                   // Assign a new list of PrintWriter objects
+           routerConfig.renewPrintWriter();
                        // Loop as we can still find controller/device classes
                        for(int i=0; i<strObjectNames.length; i++) {
                                // PROFILING
                                start = System.currentTimeMillis();
-
-                               // Assign a new list of PrintWriter objects
-                               routerConfig.renewPrintWriter();
+                       // Assign a new list of main PrintWriter objects
+               routerConfig.renewMainPrintWriter();
                                // Get controller names one by one
                                String strObjControllerName = strObjectNames[i];
                                // Use LoadBalancer to assign a host address
@@ -2111,6 +2116,11 @@ public final class IoTMaster {
                                        // SetInstrumenter vs. RelationInstrumenter
                                        String strFieldName = map.getKey();
                                        String strClassName = map.getValue().getClass().getName();
+
+                           System.out.println("\n\nDEBUG: Instrumenting IoTSet and IoTRelation objects!!!");
+                           System.out.println("DEBUG: Field name: " + strFieldName);
+                           System.out.println("DEBUG: Class name: " + strFieldName + "\n\n");
+
                                        if(strClassName.equals(STR_SET_INSTRUMENTER_CLS)) {
                                                SetInstrumenter setInstrumenter = (SetInstrumenter) map.getValue();
                                                if(setInstrumenter.getObjTableName().equals(STR_IOT_DEV_ADD_CLS)) { 
@@ -2146,18 +2156,14 @@ public final class IoTMaster {
                                // PROFILING
                                start = System.currentTimeMillis();
 
-                               // ROUTING POLICY: Deploy basic policies if this is the last controller
-                               if (i == strObjectNames.length-1) {
-                                       // ROUTING POLICY: implement basic policies to reject all other irrelevant traffics
-                                       for(String s: commHan.getHosts()) {
-                                               setHostBasicPolicies(s);
-                                       }
-                                       // We retain all the basic policies for router, 
-                                       // but we delete the initial allowance policies for internal all TCP and UDP communications
-                                       setRouterBasicPolicies(STR_ROUTER_ADD);
+                               // ROUTING POLICY: implement basic policies to reject all other irrelevant traffics
+                               for(String s: commHan.getHosts()) {
+                                       setHostBasicPolicies(s);
                                }
-                               // Close access to policy files and deploy policies
-                               routerConfig.close();
+                               // We retain all the basic policies for router, 
+                               // but we delete the initial allowance policies for internal all TCP and UDP communications
+                               setRouterBasicPolicies(STR_ROUTER_ADD);
+                               routerConfig.closeMain();
                                // Deploy the policy
                                HashSet<String> setAddresses = new HashSet<String>(commHan.getHosts());
                                setAddresses.add(strIoTMasterHostAdd);
@@ -2204,11 +2210,15 @@ public final class IoTMaster {
                                inStream.close();
                                socket.close();
                                serverSocket.close();
+                               objInitHand.clearObjectInitHandler();
                                commHan.printLists();
+                               commHan.clearCommunicationHandler();
                                lbIoT.printHostInfo();
                                if (STR_ACTIVATE_SANDBOXING.equals("Yes"))
                                        createMACPolicyThreads(setAddresses);
                        }
+                       // Close access to policy files and deploy policies
+                       routerConfig.close();
 
                } catch (IOException          |
                                 InterruptedException |
index 27366b6..94a9825 100644 (file)
@@ -75,6 +75,23 @@ public final class ObjectInitHandler {
                bVerbose = _bVerbose;
                RuntimeOutput.print("ObjectInitHandler: Creating a new ObjectInitHandler object!", bVerbose);
        }
+       
+    /**
+        * Method clearObjectInitHandler()
+        * <p>
+        * Clear the data structure
+        *
+        * @return  void
+        */
+       public void clearObjectInitHandler() {
+
+               listField.clear();
+               listFieldToSetRelation.clear();
+               listFieldToObject.clear();
+               mapFieldToSecondObject.clear();
+               iNumOfFields = 0;
+               RuntimeOutput.print("ObjectInitHandler: Clearing ObjectInitHandler object's data structure!", bVerbose);
+       }
 
        /**
         * Method addField()
index 760f3d2..e6e0413 100644 (file)
@@ -7,6 +7,9 @@ import java.io.BufferedWriter;
 import java.io.FileWriter;
 import java.io.PrintWriter;
 import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Paths;
+import java.nio.charset.StandardCharsets;
 import java.util.HashMap;
 import java.util.Map;
 
@@ -19,6 +22,12 @@ import java.util.Map;
  *  that doesn't require "iptables" command to be invoked many
  *  times - each invocation of "iptables" will load the existing
  *  table from the kernel space before appending the new rule.
+ *  <p>
+ *  We write the core policy repeatedly for each benchmark, while
+ *  the header "*filter" and tail (a bunch of closing rules and
+ *  REJECT rules) are written into a different file.
+ *  They are merged and deployed for every benchmark bootstrapped
+ *  in the main loop.
  *
  * @author      Rahmadi Trimananda <rahmadi.trimananda @ uci.edu>
  * @version     2.0
@@ -31,12 +40,14 @@ public final class RouterConfig {
         */
        private static final String STR_SSH_USERNAME_ROUTER = "root";
        private static final String STR_SSH_USERNAME_HOST   = "iotuser";
+       private static final String STR_POLICY_FILE_ALL         = "_all";
        private static final String STR_POLICY_FILE_EXT         = ".policy";
 
        /**
         * RouterConfig properties
         */
        private Map<String, PrintWriter> mapHostToFile;
+       private Map<String, PrintWriter> mapHostToMainFile;
        private Map<String, String> mapMACtoIPAdd;
 
        /**
@@ -57,11 +68,59 @@ public final class RouterConfig {
 
                mapHostToFile = new HashMap<String, PrintWriter>();
        }
+       
+       /**
+        * renewMainPrintWriter() renews the mapHostToMainFile object that lists all main PrintWriters
+        *
+        * @return  void
+        */
+       public void renewMainPrintWriter() {
+       
+               mapHostToMainFile = new HashMap<String, PrintWriter>();
+       }
+       
+       /**
+        * initMainPolicy() initializes the main PrintWriter object to print the entire policies
+        *
+        * @param   strConfigHost   String hostname to be configured
+        * @return  void
+        */
+       public void initMainPolicy(String strConfigHost) {
+
+           PrintWriter pwConfig = getMainPrintWriter(strConfigHost);
+           pwConfig.println("*filter");        // Print header for iptables-restore
+       }
+
+       /**
+        * getMainPrintWriter() gets the main PrintWriter object to print the entire policies
+        *
+        * @param   strHost       String hostname to be configured
+        * @return  PrintWriter
+        */
+       private PrintWriter getMainPrintWriter(String strHost) {
+
+        String strConfigHost = strHost + STR_POLICY_FILE_ALL;
+               // Return object if existing
+               if (mapHostToMainFile.containsKey(strConfigHost)) {
+                       return mapHostToMainFile.get(strConfigHost);
+               } else {
+               // Simply create a new one if it doesn't exist
+                       FileWriter fw = null;
+                       try {
+                               fw = new FileWriter(strConfigHost + STR_POLICY_FILE_EXT);
+                       } catch (IOException ex) {
+                               ex.printStackTrace();
+                       }
+                       PrintWriter pwConfig = new PrintWriter(new BufferedWriter(fw));
+                       mapHostToMainFile.put(strConfigHost, pwConfig);
+                       return pwConfig;
+               }
+       }
 
        /**
         * getPrintWriter() gets the right PrintWriter object to print policies to the right file
         *
-        * @param   strConfigHost String hostname to be configured
+        * @param   strConfigHost       String hostname to be configured
         * @return  PrintWriter
         */
        private PrintWriter getPrintWriter(String strConfigHost) {
@@ -78,12 +137,56 @@ public final class RouterConfig {
                                ex.printStackTrace();
                        }
                        PrintWriter pwConfig = new PrintWriter(new BufferedWriter(fw));
-                       pwConfig.println("*filter");    // Print header for iptables-restore
+                       //pwConfig.println("*filter");  // Print header for iptables-restore
                        mapHostToFile.put(strConfigHost, pwConfig);
                        return pwConfig;
                }
        }
        
+       /**
+        * readFile() read the entire file and return a string
+        *
+        * @return  String  String that contains the content of the file
+        */      
+       public String readFile(String filePath) {
+
+               String retStr = null;
+               try {
+                       retStr = new String(Files.readAllBytes(Paths.get(filePath)), StandardCharsets.UTF_8);
+               } catch (IOException ex) {
+                       ex.printStackTrace();
+               }
+               return retStr;
+       }
+       
+       /**
+        * combineRouterPolicies() method combines the core router policies into the main file
+        *
+        * @param   strConfigHost                       String hostname to be configured
+        * @return  void
+        */
+       public void combineRouterPolicies(String strConfigHost) {
+
+               PrintWriter pwConfigAll = getMainPrintWriter(strConfigHost);
+               PrintWriter pwConfig = getPrintWriter(strConfigHost);
+               pwConfig.flush();
+               String strPolicyList = readFile(strConfigHost + STR_POLICY_FILE_EXT);
+               pwConfigAll.print(strPolicyList);
+       }
+       
+       /**
+        * closeMain() closes all main PrintWriter objects
+        *
+        * @return  void
+        */
+       public void closeMain() {
+
+               for(PrintWriter pwConfig: mapHostToMainFile.values()) {
+                       pwConfig.println("COMMIT");             // Add "COMMIT" statement to end the list for iptables-restore
+                       pwConfig.close();
+               }
+       }
+       
        /**
         * close() closes all PrintWriter objects
         *
@@ -92,7 +195,6 @@ public final class RouterConfig {
        public void close() {
 
                for(PrintWriter pwConfig: mapHostToFile.values()) {
-                       pwConfig.println("COMMIT");             // Add "COMMIT" statement to end the list for iptables-restore
                        pwConfig.close();
                }
        }
@@ -105,13 +207,13 @@ public final class RouterConfig {
         */
        public void sendRouterPolicies(String strConfigHost) {
 
-               String strCmdSend = "scp " + strConfigHost + STR_POLICY_FILE_EXT + " " + 
+               String strCmdSend = "scp " + strConfigHost + STR_POLICY_FILE_ALL + STR_POLICY_FILE_EXT + " " + 
                        STR_SSH_USERNAME_ROUTER + "@" + strConfigHost + ":~;";
                //System.out.println(strCmdSend);
                deployPolicies(strCmdSend);
                String strCmdDeploy = "ssh " + STR_SSH_USERNAME_ROUTER + "@" + strConfigHost +
-                       " iptables-restore < ~/" + strConfigHost + STR_POLICY_FILE_EXT + "; rm ~/" + strConfigHost + 
-                       STR_POLICY_FILE_EXT + "; ";// + 
+                       " iptables-restore < ~/" + strConfigHost + STR_POLICY_FILE_ALL + STR_POLICY_FILE_EXT + "; rm ~/" + strConfigHost + 
+                       STR_POLICY_FILE_ALL + STR_POLICY_FILE_EXT + "; ";// + 
                        // TODO: delete these later when we apply tight initial conditions (reject everything but SSH commands)
                        //"iptables -F startup_filter_tcp; iptables -F startup_filter_udp; " +
                        //"iptables -t filter -D FORWARD -j startup_filter_tcp; iptables -t filter -D FORWARD -j startup_filter_udp;";
@@ -127,14 +229,14 @@ public final class RouterConfig {
         */
        public void sendHostPolicies(String strConfigHost) {
 
-               String strCmdSend = "scp " + strConfigHost + STR_POLICY_FILE_EXT + " " + 
+               String strCmdSend = "scp " + strConfigHost + STR_POLICY_FILE_ALL + STR_POLICY_FILE_EXT + " " + 
                        STR_SSH_USERNAME_HOST + "@" + strConfigHost + ":~;";
-               //System.out.println(strCmdSend);
+               System.out.println(strCmdSend);
                deployPolicies(strCmdSend);
                String strCmdDeploy = "ssh " + STR_SSH_USERNAME_HOST + "@" + strConfigHost +
-                       " sudo iptables-restore < ~/" + strConfigHost + STR_POLICY_FILE_EXT + "; rm ~/" + strConfigHost + 
-                       STR_POLICY_FILE_EXT + ";";
-               //System.out.println(strCmdDeploy);
+                       " sudo iptables-restore < ~/" + strConfigHost + STR_POLICY_FILE_ALL + STR_POLICY_FILE_EXT + "; rm ~/" + strConfigHost + 
+                       STR_POLICY_FILE_ALL + STR_POLICY_FILE_EXT + ";";
+               System.out.println(strCmdDeploy);
                deployPolicies(strCmdDeploy);
        }
 
@@ -482,7 +584,7 @@ public final class RouterConfig {
         */
        public void configureRouterICMPPolicies(String strConfigHost) {
 
-               PrintWriter pwConfig = getPrintWriter(strConfigHost);
+               PrintWriter pwConfig = getMainPrintWriter(strConfigHost);
                // Allow ICMP
                pwConfig.println("-A FORWARD -j ACCEPT -p icmp");
                pwConfig.println("-A INPUT -j ACCEPT -p icmp");
@@ -502,7 +604,7 @@ public final class RouterConfig {
         */
        public void configureRouterICMPPolicies(String strConfigHost, String strMonitorHost) {
 
-               PrintWriter pwConfig = getPrintWriter(strConfigHost);
+               PrintWriter pwConfig = getMainPrintWriter(strConfigHost);
                // Allow ICMP
                pwConfig.println("-A FORWARD -j ACCEPT -p icmp");
                pwConfig.println("-A INPUT -j ACCEPT -s " + strMonitorHost + 
@@ -528,7 +630,7 @@ public final class RouterConfig {
         */
        public void configureRouterSSHPolicies(String strConfigHost, String strMonitorHost) {
 
-               PrintWriter pwConfig = getPrintWriter(strConfigHost);
+               PrintWriter pwConfig = getMainPrintWriter(strConfigHost);
                // Allow SSH - port 22 (only from monitor host)
                pwConfig.println("-A INPUT -j ACCEPT -s " + 
                        strMonitorHost + " -d " + strConfigHost + " -p tcp --dport ssh");
@@ -563,7 +665,7 @@ public final class RouterConfig {
         */
        public void configureRouterDHCPPolicies(String strConfigHost) {
 
-               PrintWriter pwConfig = getPrintWriter(strConfigHost);
+               PrintWriter pwConfig = getMainPrintWriter(strConfigHost);
                // Allow DHCP renew - BOOTP Client port 68 / BOOTP Server port 67
                pwConfig.println("-A INPUT -j ACCEPT -p udp --dport bootpc");
                pwConfig.println("-A INPUT -j ACCEPT -p udp --sport bootpc");
@@ -583,7 +685,7 @@ public final class RouterConfig {
         */
        public void configureRouterDNSPolicies(String strConfigHost) {
 
-               PrintWriter pwConfig = getPrintWriter(strConfigHost);
+               PrintWriter pwConfig = getMainPrintWriter(strConfigHost);
                // Allow DNS UDP and TCP port 53
                pwConfig.println("-A INPUT -j ACCEPT -p tcp --dport domain");
                pwConfig.println("-A INPUT -j ACCEPT -p tcp --sport domain");
@@ -607,7 +709,7 @@ public final class RouterConfig {
         */
        public void configureRejectPolicies(String strConfigHost) {
 
-               PrintWriter pwConfig = getPrintWriter(strConfigHost);
+               PrintWriter pwConfig = getMainPrintWriter(strConfigHost);
                // Reject every other thing
                pwConfig.println("-A FORWARD -j REJECT");
                pwConfig.println("-A INPUT -j REJECT");
@@ -626,7 +728,7 @@ public final class RouterConfig {
         */
        public void configureRouterNATPolicy(String strConfigHost) {
 
-               PrintWriter pwConfig = getPrintWriter(strConfigHost);
+               PrintWriter pwConfig = getMainPrintWriter(strConfigHost);
                // Configure NAT
                pwConfig.println("-t nat -A POSTROUTING -o eth0 -j MASQUERADE");
                // Add the following 2 lines
@@ -693,7 +795,7 @@ public final class RouterConfig {
         */
        public void configureHostICMPPolicies(String strConfigHost) {
 
-               PrintWriter pwConfig = getPrintWriter(strConfigHost);
+               PrintWriter pwConfig = getMainPrintWriter(strConfigHost);
                // Allow ICMP
                pwConfig.println("-A INPUT -j ACCEPT -p icmp");
                pwConfig.println("-A OUTPUT -j ACCEPT -p icmp");
@@ -709,7 +811,7 @@ public final class RouterConfig {
         */
        public void configureHostSQLPolicies(String strConfigHost) {
 
-               PrintWriter pwConfig = getPrintWriter(strConfigHost);
+               PrintWriter pwConfig = getMainPrintWriter(strConfigHost);
                // Allow ICMP
                pwConfig.println("-A INPUT -j ACCEPT -p tcp --dport mysql");
                pwConfig.println("-A INPUT -j ACCEPT -p tcp --sport mysql");
@@ -728,7 +830,7 @@ public final class RouterConfig {
         */
        public void configureHostICMPPolicies(String strConfigHost, String strMonitorHost) {
 
-               PrintWriter pwConfig = getPrintWriter(strConfigHost);
+               PrintWriter pwConfig = getMainPrintWriter(strConfigHost);
                // Allow ICMP
                pwConfig.println("-A INPUT -j ACCEPT -s " + strMonitorHost + 
                        " -d " + strConfigHost + " -p icmp");
@@ -751,7 +853,7 @@ public final class RouterConfig {
         */
        public void configureHostSSHPolicies(String strConfigHost) {
 
-               PrintWriter pwConfig = getPrintWriter(strConfigHost);
+               PrintWriter pwConfig = getMainPrintWriter(strConfigHost);
                // Allow SSH - port 22
                pwConfig.println("-A INPUT -j ACCEPT -p tcp --dport ssh");
                pwConfig.println("-A INPUT -j ACCEPT -p tcp --sport ssh");
@@ -773,7 +875,7 @@ public final class RouterConfig {
         */
        public void configureHostSSHPolicies(String strConfigHost, String strMonitorHost) {
 
-               PrintWriter pwConfig = getPrintWriter(strConfigHost);
+               PrintWriter pwConfig = getMainPrintWriter(strConfigHost);
                // Allow SSH - port 22
                pwConfig.println("-A INPUT -j ACCEPT -s " + 
                        strMonitorHost + " -d " + strConfigHost + " -p tcp --dport ssh");
@@ -804,7 +906,7 @@ public final class RouterConfig {
         */
        public void configureHostDHCPPolicies(String strConfigHost) {
 
-               PrintWriter pwConfig = getPrintWriter(strConfigHost);
+               PrintWriter pwConfig = getMainPrintWriter(strConfigHost);
                // Allow DHCP renew - BOOTP Client port 68 / BOOTP Server port 67
                pwConfig.println("-A INPUT -j ACCEPT -p udp --dport bootpc");
                pwConfig.println("-A INPUT -j ACCEPT -p udp --sport bootpc");
@@ -823,7 +925,7 @@ public final class RouterConfig {
         */
        public void configureHostDNSPolicies(String strConfigHost) {
 
-               PrintWriter pwConfig = getPrintWriter(strConfigHost);
+               PrintWriter pwConfig = getMainPrintWriter(strConfigHost);
                // Allow DNS UDP and TCP port 53
                pwConfig.println("-A INPUT -j ACCEPT -p tcp --dport domain");
                pwConfig.println("-A INPUT -j ACCEPT -p tcp --sport domain");
index 083ca82..0a35a61 100644 (file)
@@ -1,3 +1,5 @@
 SELECT * FROM
 CameraSmart
+WHERE
+ID='CM3' OR ID='CM4'
 ;