CP-40754 The firewall-port script returns true if port 80 is blocked and false if it is closed, this is captured in set_https_only to update the DB based on the tate of the network not the requested setting should there be a failure

Signed-off-by: jameshensmancitrix <james.hensman@citrix.com>

Author: jameshensmancitrix

ocaml/xapi/dbsync_slave.ml

@@ -122,7 +122,12 @@ let refresh_localhost_info ~__context info =
       ~key:Xapi_globs.host_no_local_storage ~value:"true"
   ) else
     Db.Host.remove_from_other_config ~__context ~self:host
-      ~key:Xapi_globs.host_no_local_storage
+      ~key:Xapi_globs.host_no_local_storage ;
+  let network_state =
+    Helpers.call_script !Xapi_globs.firewall_port_config_script ["check"; "80"]
+  in
+  Db.Host.set_https_only ~__context ~self:host
+    ~value:(bool_of_string network_state)
 
 (*************** update database tools ******************)
 

scripts/plugins/firewall-port

@@ -47,10 +47,19 @@ case "${OP}" in
             service iptables save
         fi
         ;;
+    check) 
+        if [[ -z `iptables -S $CHAIN | grep " $PORT "` ]]
+            then
+                echo true
+                else
+                echo false
+        fi
+        ;;
     *)
         echo $"Usage: $0 {open|close} {port} {protocol}" 1>&2
         exit 1
         ;;
 esac
+
 exit 0