From dd7db0de93d40de2e159dcf9df22b9000bb33faa Mon Sep 17 00:00:00 2001
From: Sorvani <sorvani@gmail.com>
Date: Wed, 8 Nov 2017 04:37:34 -0600
Subject: [PATCH] Moved firewall commands from CentOS 7 to a routine and called
 form both CentOS 7 and Fedora. (#4366)

---
 snipeit.sh | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/snipeit.sh b/snipeit.sh
index 3912d713b133..832e5372cb9a 100755
--- a/snipeit.sh
+++ b/snipeit.sh
@@ -147,6 +147,14 @@ isdnfinstalled () {
     fi
 }
 
+openfirewalld () {
+    if [ "$(firewall-cmd --state)" == "running" ]; then
+        echo "* Configuring firewall to allow HTTP traffic only."
+        log "firewall-cmd --zone=public --add-port=http/tcp --permanent"
+        log "firewall-cmd --reload"
+    fi
+}
+
 if [[ -f /etc/lsb-release || -f /etc/debian_version ]]; then
     distro="$(lsb_release -s -i)"
     version="$(lsb_release -s -r)"
@@ -539,11 +547,8 @@ case $distro in
 
         installsnipeit
 
-        if [ "$(firewall-cmd --state)" == "running" ]; then
-            echo "* Configuring firewall."
-            log "firewall-cmd --zone=public --add-port=http/tcp --permanent"
-            log "firewall-cmd --reload"
-        fi
+        #open the firewall for HTTP traffic only
+        openfirewalld
 
         #Check if SELinux is enforcing
         if [ "$(getenforce)" == "Enforcing" ]; then
@@ -602,6 +607,9 @@ case $distro in
 
         installsnipeit
 
+        #open the firewall for HTTP traffic only
+        openfirewalld
+
         #Check if SELinux is enforcing
         if [ "$(getenforce)" == "Enforcing" ]; then
             echo "* Configuring SELinux."