package org.eclipse.kura.linux.net.iptables;

import java.io.BufferedReader;
import java.io.DataInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.Set;
import org.apache.commons.io.FileUtils;
import org.eclipse.kura.KuraErrorCode;
import org.eclipse.kura.KuraException;
import org.eclipse.kura.core.util.ProcessUtil;
import org.eclipse.kura.core.util.SafeProcess;
import org.eclipse.kura.linux.net.util.KuraConstants;
import org.eclipse.kura.net.IP4Address;
import org.eclipse.kura.net.IPAddress;
import org.eclipse.kura.net.NetworkPair;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipse/kura/linux/net/iptables/LinuxFirewall.class */
public class LinuxFirewall {
    private static final Logger s_logger = LoggerFactory.getLogger(LinuxFirewall.class);
    private static final String[] HEADER = {"#!/bin/sh", "# IPTables Firewall script", ""};
    private static final String OS_VERSION = System.getProperty("kura.os.version");
    private static final String[] DEFAULT_POLICY = HEADER;
    private static final String[] CLEAR_ALL_CHAINS = {"", "#Clear all Built-in Chains", "iptables -F INPUT", "iptables -F OUTPUT", "iptables -F FORWARD", "iptables -t nat -F", ""};
    private static final String[] BLOCK_POLICY = {"", "#Block all ports for input traffic", "iptables -P INPUT DROP", "#block Output Traffic", "iptables -P OUTPUT ACCEPT", "#block forward Traffic", "iptables -P FORWARD DROP", "", "#Allow all traffic to the loop back interface", "iptables -A INPUT -i lo -j ACCEPT", "", "#Allow Only incoming connection related to Outgoing connection", "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT", ""};
    private static final String[] ALLOW_ICMP = {"#allow inbound ICMP requests", "iptables -A INPUT -p icmp --icmp-type 8 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT", "iptables -A OUTPUT -p icmp --icmp-type 0 -m state --state ESTABLISHED,RELATED -j ACCEPT", ""};
    private static final String[] DO_NOT_ALLOW_ICMP = {"#Do not allow inbound ICMP requests", "iptables -A INPUT -p icmp --icmp-type 8 -m state --state NEW,ESTABLISHED,RELATED -j DROP", "iptables -A OUTPUT -p icmp --icmp-type 0 -m state --state ESTABLISHED,RELATED -j DROP", ""};
    private static final String[] ALLOW_FORWARDING = {"#allow fowarding if any masquerade is defined", "echo 1 > /proc/sys/net/ipv4/ip_forward"};
    private static final String[] DO_NOT_ALLOW_FORWARDING = {"#do not allow fowarding unless masquerade is defined", "echo 0 > /proc/sys/net/ipv4/ip_forward"};
    private static final String[] FOOTER = {"#source a custom firewall script", "source /etc/init.d/firewall_cust 2> /dev/null"};
    private static LinuxFirewall s_linuxFirewall;
    private static final String FIREWALL_SCRIPT_NAME = "/etc/init.d/firewall";
    private static final String FIREWALL_TMP_SCRIPT_NAME = "/etc/init.d/firewall.tmp";
    private LinkedHashSet<LocalRule> m_localRules;
    private LinkedHashSet<PortForwardRule> m_portForwardRules;
    private LinkedHashSet<NATRule> m_autoNatRules;
    private LinkedHashSet<NATRule> m_natRules;
    private LinkedHashSet<String> m_customRules;
    private boolean m_allowIcmp;
    private boolean m_allowForwarding;

    private LinuxFirewall() {
        try {
            try {
                File file = new File(FIREWALL_SCRIPT_NAME);
                if (file.exists()) {
                    s_logger.debug(file + " file already exists");
                } else {
                    FileOutputStream fileOutputStream = new FileOutputStream(file);
                    s_logger.debug(file + " new file created");
                    PrintWriter printWriter = new PrintWriter(fileOutputStream);
                    for (String str : DEFAULT_POLICY) {
                        printWriter.println(str);
                    }
                    printWriter.println();
                    printWriter.close();
                }
            } catch (IOException unused) {
                s_logger.error("cannot create or read file");
            }
            this.m_localRules = new LinkedHashSet<>();
            this.m_portForwardRules = new LinkedHashSet<>();
            this.m_autoNatRules = new LinkedHashSet<>();
            this.m_natRules = new LinkedHashSet<>();
            this.m_customRules = new LinkedHashSet<>();
            this.m_allowIcmp = true;
            this.m_allowForwarding = false;
            initialize();
        } catch (Exception e) {
            e.printStackTrace();
            s_logger.error("failed to initialize LinuxFirewall");
        }
    }

    public static LinuxFirewall getInstance() {
        if (s_linuxFirewall == null) {
            s_linuxFirewall = new LinuxFirewall();
        }
        return s_linuxFirewall;
    }

    public ArrayList<String> readFileLinebyLine(String str) {
        ArrayList<String> arrayList = new ArrayList<>();
        DataInputStream dataInputStream = null;
        BufferedReader bufferedReader = null;
        try {
            try {
                dataInputStream = new DataInputStream(new FileInputStream(str));
                bufferedReader = new BufferedReader(new InputStreamReader(dataInputStream));
                int i = 0;
                while (true) {
                    String readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        break;
                    }
                    arrayList.add(i, readLine);
                    i++;
                }
                dataInputStream.close();
                if (dataInputStream != null) {
                    try {
                        dataInputStream.close();
                    } catch (IOException e) {
                        s_logger.error("I/O Exception while closing DataInputStream!", e);
                    }
                }
                if (bufferedReader != null) {
                    try {
                        bufferedReader.close();
                    } catch (IOException e2) {
                        s_logger.error("I/O Exception while closing BufferedReader!", e2);
                    }
                }
            } catch (Throwable th) {
                if (dataInputStream != null) {
                    try {
                        dataInputStream.close();
                    } catch (IOException e3) {
                        s_logger.error("I/O Exception while closing DataInputStream!", e3);
                    }
                }
                if (bufferedReader != null) {
                    try {
                        bufferedReader.close();
                    } catch (IOException e4) {
                        s_logger.error("I/O Exception while closing BufferedReader!", e4);
                    }
                }
                throw th;
            }
        } catch (FileNotFoundException e5) {
            s_logger.error("the file: " + str + " does not exist", e5);
            if (dataInputStream != null) {
                try {
                    dataInputStream.close();
                } catch (IOException e6) {
                    s_logger.error("I/O Exception while closing DataInputStream!", e6);
                }
            }
            if (bufferedReader != null) {
                try {
                    bufferedReader.close();
                } catch (IOException e7) {
                    s_logger.error("I/O Exception while closing BufferedReader!", e7);
                }
            }
        } catch (IOException e8) {
            s_logger.error("IOException while trying to open: " + str, e8);
            if (dataInputStream != null) {
                try {
                    dataInputStream.close();
                } catch (IOException e9) {
                    s_logger.error("I/O Exception while closing DataInputStream!", e9);
                }
            }
            if (bufferedReader != null) {
                try {
                    bufferedReader.close();
                } catch (IOException e10) {
                    s_logger.error("I/O Exception while closing BufferedReader!", e10);
                }
            }
        }
        s_logger.trace("size of destination is" + arrayList.size());
        return arrayList;
    }

    public void createFile(String str) throws KuraException {
        File file = new File(str);
        if (file.exists()) {
            s_logger.debug(file + " already exists in getdefaultroute method");
            return;
        }
        s_logger.debug(file + " does not exist in getdefaultroute method");
        try {
            file.createNewFile();
            s_logger.debug("new File: " + file + " created");
        } catch (IOException e) {
            s_logger.error(file + ", ERROR creating new file");
            throw new KuraException(KuraErrorCode.INTERNAL_ERROR, e, new Object[0]);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:203:0x053e, code lost:
    
        r0 = new org.eclipse.kura.linux.net.iptables.PortForwardRule(r17, r18, r27, r19, r20, r21, r22, r25, r26, r24, r23);
        org.eclipse.kura.linux.net.iptables.LinuxFirewall.s_logger.debug("Adding port forward rule: " + r0.toString());
        r14.m_portForwardRules.add(r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:208:0x03f8, code lost:
    
        if (r0.equals("-A") == false) goto L234;
     */
    /* JADX WARN: Code restructure failed: missing block: B:210:0x0403, code lost:
    
        if (r0.equals("FORWARD") == false) goto L230;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void initialize() throws org.eclipse.kura.KuraException {
        /*
            Method dump skipped, instructions count: 2245
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.eclipse.kura.linux.net.iptables.LinuxFirewall.initialize():void");
    }

    private boolean writeFile() throws KuraException {
        s_logger.trace("writing to file:  /etc/init.d/firewall.tmp");
        PrintWriter printWriter = null;
        try {
            try {
                PrintWriter printWriter2 = new PrintWriter(new FileOutputStream(FIREWALL_TMP_SCRIPT_NAME));
                for (String str : HEADER) {
                    printWriter2.println(str);
                }
                for (String str2 : CLEAR_ALL_CHAINS) {
                    printWriter2.println(str2);
                }
                for (String str3 : BLOCK_POLICY) {
                    printWriter2.println(str3);
                }
                if (this.m_allowIcmp) {
                    for (String str4 : ALLOW_ICMP) {
                        printWriter2.println(str4);
                    }
                } else {
                    for (String str5 : DO_NOT_ALLOW_ICMP) {
                        printWriter2.println(str5);
                    }
                }
                printWriter2.println("#custom local service rules");
                Iterator<LocalRule> it = this.m_localRules.iterator();
                while (it.hasNext()) {
                    printWriter2.println(it.next());
                }
                printWriter2.println();
                printWriter2.println("#custom port forward service rules");
                Iterator<PortForwardRule> it2 = this.m_portForwardRules.iterator();
                while (it2.hasNext()) {
                    printWriter2.println(it2.next());
                }
                printWriter2.println();
                printWriter2.println("#custom automatic NAT service rules (if NAT option is enabled for LAN interface)");
                Iterator<NATRule> it3 = this.m_autoNatRules.iterator();
                while (it3.hasNext()) {
                    printWriter2.println(it3.next());
                }
                printWriter2.println();
                printWriter2.println("#custom NAT service rules");
                Iterator<NATRule> it4 = this.m_natRules.iterator();
                while (it4.hasNext()) {
                    printWriter2.println(it4.next());
                }
                printWriter2.println();
                printWriter2.println("#custom rules");
                Iterator<String> it5 = this.m_customRules.iterator();
                while (it5.hasNext()) {
                    printWriter2.println(it5.next());
                }
                printWriter2.println();
                if (this.m_allowForwarding) {
                    for (String str6 : ALLOW_FORWARDING) {
                        printWriter2.println(str6);
                    }
                } else {
                    for (String str7 : DO_NOT_ALLOW_FORWARDING) {
                        printWriter2.println(str7);
                    }
                }
                printWriter2.println();
                for (String str8 : FOOTER) {
                    printWriter2.println(str8);
                }
                printWriter2.close();
                SafeProcess safeProcess = null;
                try {
                    safeProcess = ProcessUtil.exec("chmod 755 /etc/init.d/firewall.tmp");
                    safeProcess.waitFor();
                    if (safeProcess != null) {
                        ProcessUtil.destroy(safeProcess);
                    }
                    File file = new File(FIREWALL_TMP_SCRIPT_NAME);
                    File file2 = new File(FIREWALL_SCRIPT_NAME);
                    if (FileUtils.contentEquals(file, file2)) {
                        s_logger.info("Not rewriting firewall file because it is the same");
                        if (printWriter2 == null) {
                            return false;
                        }
                        printWriter2.close();
                        return false;
                    }
                    if (!file.renameTo(file2)) {
                        s_logger.error("Failed to write firewall file");
                        throw new KuraException(KuraErrorCode.CONFIGURATION_ERROR, new Object[]{"error while building up new configuration file for firewall"});
                    }
                    s_logger.trace("Successfully wrote firewall file");
                    if (printWriter2 == null) {
                        return true;
                    }
                    printWriter2.close();
                    return true;
                } catch (Throwable th) {
                    if (safeProcess != null) {
                        ProcessUtil.destroy(safeProcess);
                    }
                    throw th;
                }
            } catch (Exception e) {
                throw new KuraException(KuraErrorCode.INTERNAL_ERROR, e, new Object[0]);
            }
        } catch (Throwable th2) {
            if (0 != 0) {
                printWriter.close();
            }
            throw th2;
        }
    }

    public void addCustomRule(String str) throws KuraException {
        try {
            s_logger.info("adding custom local rule to  firewall configuration");
            this.m_customRules.add(str);
            update();
        } catch (Exception e) {
            throw new KuraException(KuraErrorCode.INTERNAL_ERROR, e, new Object[0]);
        }
    }

    public void addLocalRule(int i, String str, String str2, String str3, String str4, String str5, String str6, String str7) throws KuraException {
        LocalRule localRule;
        try {
            if (str2 == null || str3 == null) {
                localRule = new LocalRule(i, str, (NetworkPair<IP4Address>) new NetworkPair(IPAddress.parseHostAddress("0.0.0.0"), (short) 0), str4, str4, str6, str7);
            } else {
                s_logger.debug("permittedNetwork: " + str2);
                s_logger.debug("permittedNetworkPrefix: " + str3);
                localRule = new LocalRule(i, str, (NetworkPair<IP4Address>) new NetworkPair(IPAddress.parseHostAddress(str2), Short.parseShort(str3)), str4, str5, str6, str7);
            }
            Iterator<LocalRule> it = this.m_localRules.iterator();
            while (it.hasNext()) {
                LocalRule next = it.next();
                if (localRule.equals(next)) {
                    s_logger.warn("Not adding local rule that is already present: " + next);
                    return;
                }
            }
            s_logger.info("adding local rule to firewall configuration: " + localRule.toString());
            this.m_localRules.add(localRule);
            update();
        } catch (Exception e) {
            throw new KuraException(KuraErrorCode.INTERNAL_ERROR, e, new Object[0]);
        }
    }

    public void addPortForwardRule(String str, String str2, String str3, String str4, int i, int i2, boolean z, String str5, String str6, String str7, String str8) throws KuraException {
        try {
            PortForwardRule portForwardRule = str6 != null ? new PortForwardRule(str, str2, str3, str4, i, i2, z, str5, Short.parseShort(str6), str7, str8) : new PortForwardRule(str, str2, str3, str4, i, i2, z, str5, -1, str7, str8);
            Iterator<PortForwardRule> it = this.m_portForwardRules.iterator();
            while (it.hasNext()) {
                PortForwardRule next = it.next();
                if (portForwardRule.equals(next)) {
                    s_logger.warn("Not adding port forward rule that is already present: " + next);
                    return;
                }
            }
            s_logger.info("adding port forward rule to firewall configuration: " + portForwardRule.toString());
            this.m_portForwardRules.add(portForwardRule);
            this.m_allowForwarding = true;
            update();
        } catch (Exception e) {
            throw new KuraException(KuraErrorCode.INTERNAL_ERROR, e, new Object[0]);
        }
    }

    public void addNatRule(String str, String str2, boolean z) throws KuraException {
        if (str != null) {
            try {
                if (!str.isEmpty()) {
                    if (str2 == null || str2.isEmpty()) {
                        s_logger.warn("Can't add auto NAT rule - destination interface not specified");
                        return;
                    }
                    NATRule nATRule = new NATRule(str, str2, z);
                    Iterator<NATRule> it = this.m_autoNatRules.iterator();
                    while (it.hasNext()) {
                        NATRule next = it.next();
                        if (nATRule.equals(next)) {
                            s_logger.warn("Not adding auto nat rule that is already present: " + next);
                            return;
                        }
                    }
                    s_logger.info("adding auto NAT rule to firewall configuration: " + nATRule.toString());
                    this.m_autoNatRules.add(nATRule);
                    this.m_allowForwarding = true;
                    update();
                    return;
                }
            } catch (Exception e) {
                throw new KuraException(KuraErrorCode.INTERNAL_ERROR, e, new Object[0]);
            }
        }
        s_logger.warn("Can't add auto NAT rule - source interface not specified");
    }

    public void addNatRule(String str, String str2, String str3, String str4, String str5, boolean z) throws KuraException {
        if (str != null) {
            try {
                if (!str.isEmpty()) {
                    if (str2 == null || str2.isEmpty()) {
                        s_logger.warn("Can't add NAT rule - destination interface not specified");
                        return;
                    }
                    NATRule nATRule = new NATRule(str, str2, str3, str4, str5, z);
                    s_logger.info("adding NAT rule to firewall configuration: {}", nATRule.toString());
                    this.m_natRules.add(nATRule);
                    this.m_allowForwarding = true;
                    update();
                    return;
                }
            } catch (Exception e) {
                throw new KuraException(KuraErrorCode.INTERNAL_ERROR, e, new Object[0]);
            }
        }
        s_logger.warn("Can't add NAT rule - source interface not specified");
    }

    public Set<LocalRule> getLocalRules() throws KuraException {
        try {
            return this.m_localRules;
        } catch (Exception e) {
            throw new KuraException(KuraErrorCode.INTERNAL_ERROR, e, new Object[0]);
        }
    }

    public Set<PortForwardRule> getPortForwardRules() throws KuraException {
        try {
            return this.m_portForwardRules;
        } catch (Exception e) {
            throw new KuraException(KuraErrorCode.INTERNAL_ERROR, e, new Object[0]);
        }
    }

    public Set<NATRule> getAutoNatRules() throws KuraException {
        try {
            return this.m_autoNatRules;
        } catch (Exception e) {
            throw new KuraException(KuraErrorCode.INTERNAL_ERROR, e, new Object[0]);
        }
    }

    public Set<NATRule> getNatRules() throws KuraException {
        try {
            return this.m_natRules;
        } catch (Exception e) {
            throw new KuraException(KuraErrorCode.INTERNAL_ERROR, e, new Object[0]);
        }
    }

    public void deleteLocalRule(LocalRule localRule) throws KuraException {
        try {
            this.m_localRules.remove(localRule);
            update();
        } catch (Exception e) {
            throw new KuraException(KuraErrorCode.INTERNAL_ERROR, e, new Object[0]);
        }
    }

    public void deletePortForwardRule(PortForwardRule portForwardRule) throws KuraException {
        try {
            this.m_portForwardRules.remove(portForwardRule);
            if (this.m_autoNatRules != null && this.m_autoNatRules.size() < 1 && this.m_natRules != null && this.m_natRules.size() < 1 && this.m_portForwardRules != null && this.m_portForwardRules.size() < 1) {
                this.m_allowForwarding = false;
            }
            update();
        } catch (Exception e) {
            throw new KuraException(KuraErrorCode.INTERNAL_ERROR, e, new Object[0]);
        }
    }

    public void deleteAutoNatRule(NATRule nATRule) throws KuraException {
        try {
            this.m_autoNatRules.remove(nATRule);
            if (this.m_autoNatRules != null && this.m_autoNatRules.size() < 1 && this.m_natRules != null && this.m_natRules.size() < 1 && this.m_portForwardRules != null && this.m_portForwardRules.size() < 1) {
                this.m_allowForwarding = false;
            }
            update();
        } catch (Exception e) {
            throw new KuraException(KuraErrorCode.INTERNAL_ERROR, e, new Object[0]);
        }
    }

    public void deleteAllLocalRules() throws KuraException {
        try {
            this.m_localRules.clear();
            update();
        } catch (Exception e) {
            throw new KuraException(KuraErrorCode.INTERNAL_ERROR, e, new Object[0]);
        }
    }

    public void deleteAllPortForwardRules() throws KuraException {
        try {
            this.m_portForwardRules.clear();
            if (this.m_autoNatRules != null && this.m_autoNatRules.size() < 1 && this.m_natRules != null && this.m_natRules.size() < 1) {
                this.m_allowForwarding = false;
            }
            update();
        } catch (Exception e) {
            throw new KuraException(KuraErrorCode.INTERNAL_ERROR, e, new Object[0]);
        }
    }

    public void replaceAllNatRules(LinkedHashSet<NATRule> linkedHashSet) throws KuraException {
        try {
            this.m_autoNatRules = linkedHashSet;
            if ((this.m_autoNatRules == null || this.m_autoNatRules.size() <= 0) && ((this.m_natRules == null || this.m_natRules.size() <= 0) && (this.m_portForwardRules == null || this.m_portForwardRules.size() <= 0))) {
                this.m_allowForwarding = false;
            } else {
                this.m_allowForwarding = true;
            }
            update();
        } catch (Exception e) {
            throw new KuraException(KuraErrorCode.INTERNAL_ERROR, e, new Object[0]);
        }
    }

    public void deleteAllAutoNatRules() throws KuraException {
        try {
            this.m_autoNatRules.clear();
            if (this.m_natRules != null && this.m_natRules.size() < 1 && this.m_portForwardRules != null && this.m_portForwardRules.size() < 1) {
                this.m_allowForwarding = false;
            }
            update();
        } catch (Exception e) {
            throw new KuraException(KuraErrorCode.INTERNAL_ERROR, e, new Object[0]);
        }
    }

    public void deleteAllNatRules() throws KuraException {
        try {
            this.m_natRules.clear();
            if (this.m_autoNatRules != null && this.m_autoNatRules.size() < 1 && this.m_portForwardRules != null && this.m_portForwardRules.size() < 1) {
                this.m_allowForwarding = false;
            }
            update();
        } catch (KuraException e) {
            throw new KuraException(KuraErrorCode.INTERNAL_ERROR, e, new Object[0]);
        }
    }

    public void blockAllPorts() throws KuraException {
        deleteAllLocalRules();
        deleteAllPortForwardRules();
        deleteAllAutoNatRules();
        update();
    }

    public void unblockAllPorts() throws KuraException {
        deleteAllLocalRules();
        deleteAllPortForwardRules();
        deleteAllAutoNatRules();
        update();
    }

    private void runScript() throws KuraException {
        try {
            try {
                if (!new File(FIREWALL_SCRIPT_NAME).exists()) {
                    throw new KuraException(KuraErrorCode.INTERNAL_ERROR, new Object[]{"Firewall configuration file: /etc/init.d/firewall does not exist."});
                }
                s_logger.info("Running the firewall script");
                SafeProcess exec = ProcessUtil.exec("sh /etc/init.d/firewall");
                exec.waitFor();
                if (exec != null) {
                    ProcessUtil.destroy(exec);
                }
            } catch (Exception e) {
                throw new KuraException(KuraErrorCode.INTERNAL_ERROR, e, new Object[0]);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                ProcessUtil.destroy((SafeProcess) null);
            }
            throw th;
        }
    }

    private void iptablesSave() throws KuraException {
        SafeProcess exec;
        try {
            try {
                if (OS_VERSION.equals(String.valueOf(KuraConstants.Mini_Gateway.getImageName()) + "_" + KuraConstants.Mini_Gateway.getImageVersion())) {
                    exec = ProcessUtil.exec("iptables-save > /opt/eurotech/firewall_rules.fw");
                    exec.waitFor();
                } else {
                    exec = ProcessUtil.exec("service iptables save");
                    exec.waitFor();
                }
                if (exec != null) {
                    ProcessUtil.destroy(exec);
                }
            } catch (Exception e) {
                throw new KuraException(KuraErrorCode.INTERNAL_ERROR, e, new Object[0]);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                ProcessUtil.destroy((SafeProcess) null);
            }
            throw th;
        }
    }

    public void enable() throws KuraException {
        update();
        iptablesSave();
    }

    public void disable() throws KuraException {
        iptablesSave();
        s_logger.trace("writing to file:  /etc/init.d/firewall.tmp");
        try {
            PrintWriter printWriter = new PrintWriter(new FileOutputStream(FIREWALL_TMP_SCRIPT_NAME));
            for (String str : HEADER) {
                printWriter.println(str);
            }
            for (String str2 : CLEAR_ALL_CHAINS) {
                printWriter.println(str2);
            }
            printWriter.flush();
            printWriter.close();
            File file = new File(FIREWALL_TMP_SCRIPT_NAME);
            File file2 = new File(FIREWALL_SCRIPT_NAME);
            if (FileUtils.contentEquals(file, file2)) {
                s_logger.info("Not rewriting firewall file because it is the same");
            } else {
                if (!file.renameTo(file2)) {
                    s_logger.error("Failed to write firewall file");
                    throw new KuraException(KuraErrorCode.CONFIGURATION_ERROR, new Object[]{"error while building up new configuration file for firewall"});
                }
                s_logger.trace("Successfully wrote firewall file");
                runScript();
            }
        } catch (Exception e) {
            throw new KuraException(KuraErrorCode.INTERNAL_ERROR, e, new Object[0]);
        }
    }

    public void allowIcmp() {
        this.m_allowIcmp = true;
    }

    public void disableIcmp() {
        this.m_allowIcmp = false;
    }

    public void enableForwarding() {
        this.m_allowForwarding = true;
    }

    public void disableForwarding() {
        this.m_allowForwarding = false;
    }

    private void update() throws KuraException {
        if (writeFile()) {
            runScript();
        }
    }
}
