Merge pull request #471 from oneinstack/checkos_firewall

feat: change to firewalld&ufw and Update check_os.sh

include/GraphicsMagick.sh

@@ -51,7 +51,7 @@ Install_pecl_gmagick() {
       echo "${CSUCCESS}PHP gmagick module installed successfully! ${CEND}"
       rm -rf gmagick-${gmagick_ver} gmagick-${gmagick_oldver}
     else
-      echo "${CFAILURE}PHP gmagick module install failed, Please contact the author! ${CEND}" && lsb_release -a
+      echo "${CFAILURE}PHP gmagick module install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     fi
     popd > /dev/null
   fi

include/ImageMagick.sh

@@ -58,7 +58,7 @@ Install_pecl_imagick() {
       echo "${CSUCCESS}PHP imagick module installed successfully! ${CEND}"
       rm -rf imagick-${imagick_ver} imagick-${imagick_oldver}
     else
-      echo "${CFAILURE}PHP imagick module install failed, Please contact the author! ${CEND}" && lsb_release -a
+      echo "${CFAILURE}PHP imagick module install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     fi
     popd > /dev/null
   fi

include/apache.sh

@@ -63,7 +63,7 @@ Install_Apache() {
     rm -rf httpd-${apache_ver} pcre-${pcre_ver}
   else
     rm -rf ${apache_install_dir}
-    echo "${CFAILURE}Apache install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}Apache install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     kill -9 $$; exit 1;
   fi
 

include/apcu.sh

@@ -36,7 +36,7 @@ EOF
       echo "${CSUCCESS}PHP apcu module installed successfully! ${CEND}"
       rm -rf apcu-${apcu_ver} apcu-${apcu_oldver} package.xml
     else
-      echo "${CFAILURE}PHP apcu module install failed, Please contact the author! ${CEND}" && lsb_release -a
+      echo "${CFAILURE}PHP apcu module install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     fi
     popd > /dev/null
   fi

include/check_os.sh

@@ -8,80 +8,68 @@
 #       https://oneinstack.com
 #       https://github.com/oneinstack/oneinstack
 
-if [ -e "/usr/bin/yum" ]; then
-  PM=yum
-  if [ -e /etc/yum.repos.d/CentOS-Base.repo ] && grep -Eqi "release 6." /etc/redhat-release; then
-    sed -i "s@centos/\$releasever@centos-vault/6.10@g" /etc/yum.repos.d/CentOS-Base.repo
-    sed -i 's@centos/RPM-GPG@centos-vault/RPM-GPG@g' /etc/yum.repos.d/CentOS-Base.repo
-    [ -e /etc/yum.repos.d/epel.repo ] && rm -f /etc/yum.repos.d/epel.repo
-  fi
-  if ! command -v lsb_release >/dev/null 2>&1; then
-    if [ -e "/etc/euleros-release" ]; then
-      yum -y install euleros-lsb
-    elif [ -e "/etc/openEuler-release" -o -e "/etc/openeuler-release" ]; then
-      yum -y install openeuler-lsb
-    elif [ -e "/etc/anolis-release" ]; then
-      yum -y install system-lsb-core
-    else
-      yum -y install redhat-lsb-core 2>/dev/null
-    fi
-    clear
-  fi
-elif [ -e "/usr/bin/apt-get" ]; then
-  PM=apt-get
-  if ! command -v lsb_release >/dev/null 2>&1; then
-    apt-get -y update > /dev/null
-    apt-get -y install lsb-release
-    clear
-  fi
+if [ -e "/etc/os-release" ]; then
+  . /etc/os-release
+else
+  echo "${CFAILURE}/etc/os-release does not exist! ${CEND}"
+  kill -9 $$; exit 1;
 fi
 
 # Get OS Version
-Platform=$(lsb_release -is 2>/dev/null)
+Platform=${ID,,}
+VERSION_ID=${VERSION_ID%%.*}
 ARCH=$(arch)
-if [[ "${Platform}" =~ ^CentOS$|^CentOSStream$|^RedHat$|^RedHatEnterprise$|^Rocky$|^AlmaLinux$|^Fedora$|^Amazon$|^AlibabaCloud$|^AlibabaCloud\(AliyunLinux\)$|^AnolisOS$|^EulerOS$|^openEuler$|^Oracle$ ]]; then
+if [[ "${Platform}" =~ ^centos$|^rhel$|^almalinux$|^rocky$|^fedora$|^amzn$|^ol$|^alinux$|^anolis$|^tencentos$|^euleros$|^openeuler$|^kylin$ ]]; then
+  PM=yum
   Family=rhel
-  RHEL_ver=$(lsb_release -rs 2>/dev/null | awk -F. '{print $1}' | awk '{print $1}' 2>/dev/null)
-  [[ "${Platform}" =~ ^Fedora$ ]] && [ ${RHEL_ver} -ge 19 >/dev/null 2>&1 ] && { RHEL_ver=7; Fedora_ver=$(lsb_release -rs); }
-  [[ "${Platform}" =~ ^Amazon$|^EulerOS$|^openEuler$ ]] && RHEL_ver=7
-  [[ "${Platform}" =~ ^openEuler$ ]] && [[ "${RHEL_ver}" =~ ^21$ ]] && RHEL_ver=8
-  [[ "${Platform}" =~ ^AlibabaCloud$|^AlibabaCloud\(AliyunLinux\)$ ]] && [[ "${RHEL_ver}" =~ ^2$ ]] && RHEL_ver=7
-  [[ "${Platform}" =~ ^AlibabaCloud$|^AlibabaCloud\(AliyunLinux\)$ ]] && [[ "${RHEL_ver}" =~ ^3$ ]] && RHEL_ver=8
-elif [[ "${Platform}" =~ ^Debian$|^Deepin$|^Uos$|^Kali$ ]]; then
+  RHEL_ver=${VERSION_ID}
+  if [[ "${Platform}" =~ ^centos$ ]]; then
+    if [ "${VERSION_ID}" == '6' ]; then
+      sed -i "s@centos/\$releasever@centos-vault/6.10@g" /etc/yum.repos.d/CentOS-Base.repo
+      sed -i 's@centos/RPM-GPG@centos-vault/RPM-GPG@g' /etc/yum.repos.d/CentOS-Base.repo
+      [ -e /etc/yum.repos.d/epel.repo ] && rm -f /etc/yum.repos.d/epel.repo
+    fi
+  elif [[ "${Platform}" =~ ^fedora$ ]]; then
+    Fedora_ver=${VERSION_ID}
+    [ ${VERSION_ID} -ge 19 ] && [ ${VERSION_ID} -lt 28 ] && RHEL_ver=7
+    [ ${VERSION_ID} -ge 28 ] && [ ${VERSION_ID} -lt 34 ] && RHEL_ver=8
+    [ ${VERSION_ID} -ge 34 ] && RHEL_ver=9
+  elif [[ "${Platform}" =~ ^amzn$|^alinux$|^tencentos$|^euleros$ ]]; then
+    [[ "${VERSION_ID}" =~ ^2$ ]] && RHEL_ver=7
+    [[ "${VERSION_ID}" =~ ^3$ ]] && RHEL_ver=8
+  elif [[ "${Platform}" =~ ^openeuler$ ]]; then
+    [[ "${RHEL_ver}" =~ ^20$ ]] && RHEL_ver=7
+    [[ "${RHEL_ver}" =~ ^2[1,2]$ ]] && RHEL_ver=8
+  elif [[ "${Platform}" =~ ^kylin$ ]]; then
+    [[ "${RHEL_ver}" =~ ^V10$ ]] && RHEL_ver=7
+  fi
+elif [[ "${Platform}" =~ ^debian$|^deepin$|^uos$|^kali$ ]]; then
+  PM=apt-get
   Family=debian
-  Debian_ver=$(lsb_release -rs 2>/dev/null | awk -F. '{print $1}' | awk '{print $1}')
-  [[ "${Platform}" =~ ^Deepin$|^Uos$ ]] && [[ "${Debian_ver}" =~ ^20$ ]] && Debian_ver=10
-  [[ "${Platform}" =~ ^Kali$ ]] && [[ "${Debian_ver}" =~ ^202 ]] && Debian_ver=10
-elif [[ "${Platform}" =~ ^Ubuntu$|^LinuxMint$|^elementary$ ]]; then
-  Family=ubuntu
-  Ubuntu_ver=$(lsb_release -rs 2>/dev/null | awk -F. '{print $1}' | awk '{print $1}')
-  if [[ "${Platform}" =~ ^LinuxMint$ ]]; then
-    [[ "${Ubuntu_ver}" =~ ^18$ ]] && Ubuntu_ver=16
-    [[ "${Ubuntu_ver}" =~ ^19$ ]] && Ubuntu_ver=18
-    [[ "${Ubuntu_ver}" =~ ^20$ ]] && Ubuntu_ver=20
+  Debian_ver=${VERSION_ID}
+  if [[ "${Platform}" =~ ^deepin$|^uos$ ]]; then
+    [[ "${Debian_ver}" =~ ^20$ ]] && Debian_ver=10
+    [[ "${Debian_ver}" =~ ^23$ ]] && Debian_ver=11
+  elif [[ "${Platform}" =~ ^kali$ ]]; then
+    [[ "${Debian_ver}" =~ ^202 ]] && Debian_ver=10
   fi
-  if [[ "${Platform}" =~ ^elementary$ ]]; then
-    [[ "${Ubuntu_ver}" =~ ^5$ ]] && Ubuntu_ver=18
-    [[ "${Ubuntu_ver}" =~ ^6$ ]] && Ubuntu_ver=20
+elif [[ "${Platform}" =~ ^ubuntu$|^linuxmint$|^elementary$ ]]; then
+  PM=apt-get
+  Family=ubuntu
+  Ubuntu_ver=${VERSION_ID}
+  if [[ "${Platform}" =~ ^linuxmint$ ]]; then
+    [[ "${VERSION_ID}" =~ ^18$ ]] && Ubuntu_ver=16
+    [[ "${VERSION_ID}" =~ ^19$ ]] && Ubuntu_ver=18
+    [[ "${VERSION_ID}" =~ ^20$ ]] && Ubuntu_ver=20
+    [[ "${VERSION_ID}" =~ ^21$ ]] && Ubuntu_ver=22
+  elif [[ "${Platform}" =~ ^elementary$ ]]; then
+    [[ "${VERSION_ID}" =~ ^5$ ]] && Ubuntu_ver=18
+    [[ "${VERSION_ID}" =~ ^6$ ]] && Ubuntu_ver=20
+    [[ "${VERSION_ID}" =~ ^7$ ]] && Ubuntu_ver=22
   fi
-elif [ -e "/etc/almalinux-release" ]; then
-  Family=rhel
-  Platform=AlmaLinux
-  grep -Eqi "release 9." /etc/almalinux-release && RHEL_ver=9
-elif [ -e "/etc/rocky-release" ]; then
-  Family=rhel
-  Platform=Rocky
-  grep -Eqi "release 9." /etc/rocky-release && RHEL_ver=9
-elif [ -e "/etc/oracle-release" ]; then
-  Family=rhel
-  Platform=Oracle
-  grep -Eqi "release 9." /etc/oracle-release && RHEL_ver=9
-elif [ -e "/etc/redhat-release" ]; then
-  Family=rhel
-  Platform=RedHat
-  grep -Eqi "release 9." /etc/redhat-release && RHEL_ver=9
 else
-  command -v lsb_release >/dev/null 2>&1 || { echo "${CFAILURE}${PM} source failed! ${CEND}"; kill -9 $$; exit 1; }
+  echo "${CFAILURE}Does not support this OS ${CEND}"
+  kill -9 $$; exit 1;
 fi
 
 # Check OS Version
@@ -129,10 +117,10 @@ fi
 
 THREAD=$(grep 'processor' /proc/cpuinfo | sort -u | wc -l)
 
-# Percona binary: https://www.percona.com/doc/percona-server/5.7/installation.html#installing-percona-server-from-a-binary-tarball
+# Percona binary: https://docs.percona.com/percona-server/5.7/installation/binary-tarball.html
 if [ ${Debian_ver} -lt 9 >/dev/null 2>&1 ]; then
   sslLibVer=ssl100
-elif [ "${RHEL_ver}" == '7' ] && [ "${Platform}" != 'Fedora' ]; then
+elif [ "${RHEL_ver}" == '7' ] && [ "${Platform}" != 'fedora' ]; then
   sslLibVer=ssl101
 elif [ ${Debian_ver} -ge 9 >/dev/null 2>&1 ] || [ ${Ubuntu_ver} -ge 16 >/dev/null 2>&1 ]; then
   sslLibVer=ssl102

include/check_sw.sh

@@ -38,11 +38,8 @@ installDepsDebian() {
 
   # Install needed packages
   case "${Debian_ver}" in
-    8)
-      pkgList="debian-keyring debian-archive-keyring build-essential gcc g++ make cmake autoconf libjpeg8 libjpeg62-turbo-dev libjpeg-dev libpng12-0 libpng12-dev libpng3 libgd-dev libxml2 libxml2-dev zlib1g zlib1g-dev libc6 libc6-dev libc-client2007e-dev libglib2.0-0 libglib2.0-dev bzip2 libzip-dev libbz2-1.0 libncurses5 libncurses5-dev libaio1 libaio-dev numactl libreadline-dev curl libcurl3-gnutls libcurl4-openssl-dev e2fsprogs libkrb5-3 libkrb5-dev libltdl-dev libidn11 libidn11-dev openssl net-tools libssl-dev libtool libevent-dev bison re2c libsasl2-dev libxslt1-dev libxslt-dev libicu-dev locales libcloog-ppl0 patch vim zip unzip tmux htop bc dc expect libexpat1-dev libonig-dev libtirpc-dev nss rsync git lsof lrzsz iptables rsyslog cron logrotate chrony ntpdate libsqlite3-dev psmisc wget sysv-rc apt-transport-https ca-certificates software-properties-common gnupg"
-      ;;
     9|10|11)
-      pkgList="debian-keyring debian-archive-keyring build-essential gcc g++ make cmake autoconf libjpeg62-turbo-dev libjpeg-dev libpng-dev libgd-dev libxml2 libxml2-dev zlib1g zlib1g-dev libc6 libc6-dev libc-client2007e-dev libglib2.0-0 libglib2.0-dev bzip2 libzip-dev libbz2-1.0 libncurses5 libncurses5-dev libaio1 libaio-dev numactl libreadline-dev curl libcurl3-gnutls libcurl4-openssl-dev e2fsprogs libkrb5-3 libkrb5-dev libltdl-dev libidn11 libidn11-dev openssl net-tools libssl-dev libtool libevent-dev bison re2c libsasl2-dev libxslt1-dev libicu-dev locales patch vim zip unzip tmux htop bc dc expect libexpat1-dev libonig-dev libtirpc-dev rsync git lsof lrzsz iptables rsyslog cron logrotate chrony ntpdate libsqlite3-dev psmisc wget sysv-rc apt-transport-https ca-certificates software-properties-common gnupg"
+      pkgList="debian-keyring debian-archive-keyring build-essential gcc g++ make cmake autoconf libjpeg62-turbo-dev libjpeg-dev libpng-dev libgd-dev libxml2 libxml2-dev zlib1g zlib1g-dev libc6 libc6-dev libc-client2007e-dev libglib2.0-0 libglib2.0-dev bzip2 libzip-dev libbz2-1.0 libncurses5 libncurses5-dev libaio1 libaio-dev numactl libreadline-dev curl libcurl3-gnutls libcurl4-openssl-dev e2fsprogs libkrb5-3 libkrb5-dev libltdl-dev libidn11 libidn11-dev openssl net-tools libssl-dev libtool libevent-dev bison re2c libsasl2-dev libxslt1-dev libicu-dev locales patch vim zip unzip tmux htop bc dc expect libexpat1-dev libonig-dev libtirpc-dev rsync git lsof lrzsz rsyslog cron logrotate chrony libsqlite3-dev psmisc wget sysv-rc apt-transport-https ca-certificates software-properties-common gnupg ufw"
       ;;
     *)
       echo "${CFAILURE}Your system Debian ${Debian_ver} are not supported!${CEND}"
@@ -57,22 +54,21 @@ installDepsDebian() {
 installDepsRHEL() {
   [ -e '/etc/yum.conf' ] && sed -i 's@^exclude@#exclude@' /etc/yum.conf
   if [ "${RHEL_ver}" == '9' ]; then
-    if [[ "${Platform}" =~ "RedHat" ]]; then
+    if [[ "${Platform}" =~ "rhel" ]]; then
       subscription-manager repos --enable codeready-builder-for-rhel-9-${ARCH}-rpms
       dnf -y install chrony oniguruma-devel rpcgen
-    elif [[ "${Platform}" =~ "Oracle" ]]; then
+    elif [[ "${Platform}" =~ "ol" ]]; then
       dnf config-manager --set-enabled ol9_codeready_builder
       dnf -y install chrony oniguruma-devel rpcgen
     else
       dnf -y --enablerepo=crb install chrony oniguruma-devel rpcgen
     fi
     systemctl enable chronyd
-    systemctl stop firewalld && systemctl mask firewalld.service
   elif [ "${RHEL_ver}" == '8' ]; then
-    if [[ "${Platform}" =~ "RedHat" ]]; then
+    if [[ "${Platform}" =~ "rhel" ]]; then
       subscription-manager repos --enable codeready-builder-for-rhel-8-${ARCH}-rpms
       dnf -y install chrony oniguruma-devel rpcgen
-    elif [[ "${Platform}" =~ "Oracle" ]]; then
+    elif [[ "${Platform}" =~ "ol" ]]; then
       dnf config-manager --set-enabled ol8_codeready_builder
       dnf -y install chrony oniguruma-devel rpcgen
     else
@@ -84,22 +80,14 @@ installDepsRHEL() {
       fi
     fi
     systemctl enable chronyd
-    systemctl stop firewalld && systemctl mask firewalld.service
   elif [ "${RHEL_ver}" == '7' ]; then
     [ -z "`grep -w epel /etc/yum.repos.d/*.repo`" ] && yum -y install epel-release
     yum -y groupremove "Basic Web Server" "MySQL Database server" "MySQL Database client"
-    systemctl stop firewalld && systemctl mask firewalld.service
-  fi
-
-  if [ ${RHEL_ver} -ge 7 >/dev/null 2>&1 ] && [ "${iptables_flag}" == 'y' ]; then
-    yum -y install iptables-services
-    systemctl enable iptables.service
-    systemctl enable ip6tables.service
   fi
 
   echo "${CMSG}Installing dependencies packages...${CEND}"
   # Install needed packages
-  pkgList="perl-FindBin deltarpm drpm gcc gcc-c++ make cmake autoconf libjpeg libjpeg-devel libjpeg-turbo libjpeg-turbo-devel libpng libpng-devel libxml2 libxml2-devel zlib zlib-devel libzip libzip-devel glibc glibc-devel krb5-devel libc-client libc-client-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel libaio numactl numactl-libs readline-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5-devel libidn libidn-devel openssl openssl-devel net-tools libxslt-devel libicu-devel libevent-devel libtool libtool-ltdl bison gd-devel vim-enhanced pcre-devel libmcrypt libmcrypt-devel mhash mhash-devel mcrypt zip unzip chrony ntpdate sqlite-devel sysstat patch bc expect expat-devel perl-devel oniguruma oniguruma-devel libtirpc-devel nss libnsl rsync rsyslog git lsof lrzsz psmisc wget which libatomic tmux chkconfig"
+  pkgList="perl-FindBin deltarpm drpm gcc gcc-c++ make cmake autoconf libjpeg libjpeg-devel libjpeg-turbo libjpeg-turbo-devel libpng libpng-devel libxml2 libxml2-devel zlib zlib-devel libzip libzip-devel glibc glibc-devel krb5-devel libc-client libc-client-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel libaio numactl numactl-libs readline-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5-devel libidn libidn-devel openssl openssl-devel net-tools libxslt-devel libicu-devel libevent-devel libtool libtool-ltdl bison gd-devel vim-enhanced pcre-devel libmcrypt libmcrypt-devel mhash mhash-devel mcrypt zip unzip chrony sqlite-devel sysstat patch bc expect expat-devel perl-devel oniguruma oniguruma-devel libtirpc-devel nss libnsl rsync rsyslog git lsof lrzsz psmisc wget which libatomic tmux chkconfig firewalld"
   for Package in ${pkgList}; do
     yum -y install ${Package}
   done
@@ -140,7 +128,7 @@ installDepsUbuntu() {
   apt-get -y upgrade -o Dir::Etc::SourceList=/tmp/security.sources.list
 
   # Install needed packages
-  pkgList="libperl-dev debian-keyring debian-archive-keyring build-essential gcc g++ make cmake autoconf libjpeg8 libjpeg8-dev libpng-dev libpng12-0 libpng12-dev libpng3 libxml2 libxml2-dev zlib1g zlib1g-dev libc6 libc6-dev libc-client2007e-dev libglib2.0-0 libglib2.0-dev bzip2 libzip-dev libbz2-1.0 libncurses5 libncurses5-dev libaio1 libaio-dev numactl libreadline-dev curl libcurl3-gnutls libcurl4-gnutls-dev libcurl4-openssl-dev e2fsprogs libkrb5-3 libkrb5-dev libltdl-dev libidn11 libidn11-dev openssl net-tools libssl-dev libtool libevent-dev re2c libsasl2-dev libxslt1-dev libicu-dev libsqlite3-dev libcloog-ppl1 bison patch vim zip unzip tmux htop bc dc expect libexpat1-dev iptables rsyslog libonig-dev libtirpc-dev libnss3 rsync git lsof lrzsz chrony ntpdate psmisc wget sysv-rc apt-transport-https ca-certificates software-properties-common gnupg"
+  pkgList="libperl-dev debian-keyring debian-archive-keyring build-essential gcc g++ make cmake autoconf libjpeg8 libjpeg8-dev libpng-dev libpng12-0 libpng12-dev libpng3 libxml2 libxml2-dev zlib1g zlib1g-dev libc6 libc6-dev libc-client2007e-dev libglib2.0-0 libglib2.0-dev bzip2 libzip-dev libbz2-1.0 libncurses5 libncurses5-dev libaio1 libaio-dev numactl libreadline-dev curl libcurl3-gnutls libcurl4-gnutls-dev libcurl4-openssl-dev e2fsprogs libkrb5-3 libkrb5-dev libltdl-dev libidn11 libidn11-dev openssl net-tools libssl-dev libtool libevent-dev re2c libsasl2-dev libxslt1-dev libicu-dev libsqlite3-dev libcloog-ppl1 bison patch vim zip unzip tmux htop bc dc expect libexpat1-dev rsyslog libonig-dev libtirpc-dev libnss3 rsync git lsof lrzsz chrony psmisc wget sysv-rc apt-transport-https ca-certificates software-properties-common gnupg ufw"
   export DEBIAN_FRONTEND=noninteractive
   for Package in ${pkgList}; do
     apt-get --no-install-recommends -y install ${Package}

include/eaccelerator.sh

@@ -54,7 +54,7 @@ EOF
         echo "${CSUCCESS}PHP eaccelerator module installed successfully! ${CEND}"
         rm -rf eaccelerator-${eaccelerator_ver} eaccelerator-eaccelerator-42067ac
       else
-        echo "${CFAILURE}PHP eaccelerator module install failed, Please contact the author! ${CEND}" && lsb_release -a
+        echo "${CFAILURE}PHP eaccelerator module install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
       fi
     else
       echo; echo "${CWARNING}Your php ${PHP_detail_ver} does not support eAccelerator! ${CEND}";

include/fail2ban.sh

@@ -15,40 +15,56 @@ Install_fail2ban() {
   pushd fail2ban-${fail2ban_ver} > /dev/null
   sed -i 's@for i in xrange(50)@for i in range(50)@' fail2ban/__init__.py
   ${python_install_dir}/bin/python setup.py install
-  if [ -e /bin/systemctl ]; then
-    /bin/cp build/fail2ban.service /lib/systemd/system/
-    systemctl enable fail2ban
-  else
-    if [ "${PM}" == 'yum' ]; then
-      /bin/cp files/redhat-initd /etc/init.d/fail2ban
-      sed -i "s@^FAIL2BAN=.*@FAIL2BAN=${python_install_dir}/bin/fail2ban-client@" /etc/init.d/fail2ban
-      sed -i 's@Starting fail2ban.*@&\n    [ ! -e "/var/run/fail2ban" ] \&\& mkdir /var/run/fail2ban@' /etc/init.d/fail2ban
-      chmod +x /etc/init.d/fail2ban
-      chkconfig --add fail2ban
-      chkconfig fail2ban on
-    elif [ "${PM}" == 'apt-get' ]; then
-      /bin/cp files/debian-initd /etc/init.d/fail2ban
-      sed -i 's@2 3 4 5@3 4 5@' /etc/init.d/fail2ban
-      sed -i "s@^DAEMON=.*@DAEMON=${python_install_dir}/bin/\$NAME-client@" /etc/init.d/fail2ban
-      chmod +x /etc/init.d/fail2ban
-      update-rc.d fail2ban defaults
-    fi
-  fi
+  /bin/cp build/fail2ban.service /lib/systemd/system/
+  systemctl enable fail2ban
   [ -z "`grep ^Port /etc/ssh/sshd_config`" ] && now_ssh_port=22 || now_ssh_port=`grep ^Port /etc/ssh/sshd_config | awk '{print $2}' | head -1`
-  [ "${PM}" == 'yum' ] && LOGPATH=/var/log/secure
-  [ "${PM}" == 'apt-get' ] && LOGPATH=/var/log/auth.log
+  if [ "${PM}" == 'yum' ]; then
   cat > /etc/fail2ban/jail.local << EOF
 [DEFAULT]
 ignoreip = 127.0.0.1/8
 bantime  = 86400
 findtime = 600
 maxretry = 5
-[ssh-iptables]
+backend = auto
+banaction = firewallcmd-ipset
+action = %(action_mwl)s
+
+[sshd]
 enabled = true
 filter  = sshd
-action  = iptables[name=SSH, port=${now_ssh_port}, protocol=tcp]
-logpath = ${LOGPATH}
+port    = ${now_ssh_port}
+action = %(action_mwl)s
+logpath = /var/log/secure
+bantime  = 86400
+findtime = 600
+maxretry = 5
 EOF
+  elif [ "${PM}" == 'apt-get' ]; then
+    if ufw status | grep -wq inactive; then
+      ufw default allow incoming
+      ufw --force enable
+    fi
+    cat > /etc/fail2ban/jail.local << EOF
+[DEFAULT]
+ignoreip = 127.0.0.1/8
+bantime  = 86400
+findtime = 600
+maxretry = 5
+backend = auto
+banaction = ufw
+action = %(action_mwl)s
+
+[sshd]
+enabled = true
+filter  = sshd
+port    = ${now_ssh_port}
+action = %(action_mwl)s
+logpath = /var/log/auth.log
+bantime  = 86400
+findtime = 600
+maxretry = 5
+EOF
+  fi
   cat > /etc/logrotate.d/fail2ban << EOF
 /var/log/fail2ban.log {
     missingok
@@ -58,9 +74,8 @@ EOF
     endscript
 }
 EOF
-  sed -i 's@^iptables = iptables.*@iptables = iptables@' /etc/fail2ban/action.d/iptables-common.conf
   kill -9 `ps -ef | grep fail2ban | grep -v grep | awk '{print $2}'` > /dev/null 2>&1
-  service fail2ban start
+  systemctl start fail2ban
   popd > /dev/null
   if [ -e "${python_install_dir}/bin/fail2ban-server" ]; then
     echo; echo "${CSUCCESS}fail2ban installed successfully! ${CEND}"

include/init_Debian.sh

@@ -84,53 +84,17 @@ sed -i 's@^ACTIVE_CONSOLES.*@ACTIVE_CONSOLES="/dev/tty[1-2]"@' /etc/default/cons
 sed -i 's@^# en_US.UTF-8@en_US.UTF-8@' /etc/locale.gen
 init q
 
-# Update time
-if [ -e "$(which ntpdate)" ]; then
-  ntpdate -u pool.ntp.org
-  [ ! -e "/var/spool/cron/crontabs/root" -o -z "$(grep ntpdate /var/spool/cron/crontabs/root 2>/dev/null)" ] && { echo "*/20 * * * * $(which ntpdate) -u pool.ntp.org > /dev/null 2>&1" >> /var/spool/cron/crontabs/root;chmod 600 /var/spool/cron/crontabs/root; }
+# ufw
+if [ "${firewall_flag}" == 'y' ]; then
+  ufw allow 22/tcp
+  [ "${ssh_port}" != "22" ] && ufw allow ${ssh_port}/tcp
+  ufw allow 80/tcp
+  ufw allow 443/tcp
+  ufw --force enable
+else
+  ufw --force disable
 fi
-
-# iptables
-if [ "${iptables_flag}" == 'y' ]; then
-  apt-get -y install debconf-utils
-  echo iptables-persistent iptables-persistent/autosave_v4 boolean true | debconf-set-selections
-  echo iptables-persistent iptables-persistent/autosave_v6 boolean true | debconf-set-selections
-  apt-get -y install iptables-persistent
-  if [ -e "/etc/iptables/rules.v4" ] && [ -n "$(grep '^:INPUT DROP' /etc/iptables/rules.v4)" -a -n "$(grep 'NEW -m tcp --dport 22 -j ACCEPT' /etc/iptables/rules.v4)" -a -n "$(grep 'NEW -m tcp --dport 80 -j ACCEPT' /etc/iptables/rules.v4)" ]; then
-    IPTABLES_STATUS=yes
-  else
-    IPTABLES_STATUS=no
-  fi
-
-  if [ "${IPTABLES_STATUS}" == "no" ]; then
-    cat > /etc/iptables/rules.v4 << EOF
-# Firewall configuration written by system-config-securitylevel
-# Manual customization of this file is not recommended.
-*filter
-:INPUT DROP [0:0]
-:FORWARD ACCEPT [0:0]
-:OUTPUT ACCEPT [0:0]
-:syn-flood - [0:0]
--A INPUT -i lo -j ACCEPT
--A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
--A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
--A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
--A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
--A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-COMMIT
-EOF
-  fi
-
-  FW_PORT_FLAG=$(grep -ow "dport ${ssh_port}" /etc/iptables/rules.v4)
-  [ -z "${FW_PORT_FLAG}" -a "${ssh_port}" != "22" ] && sed -i "s@dport 22 -j ACCEPT@&\n-A INPUT -p tcp -m state --state NEW -m tcp --dport ${ssh_port} -j ACCEPT@" /etc/iptables/rules.v4
-  iptables-restore < /etc/iptables/rules.v4
-  /bin/cp /etc/iptables/rules.v{4,6}
-  sed -i 's@icmp@icmpv6@g' /etc/iptables/rules.v6
-  ip6tables-restore < /etc/iptables/rules.v6
-  ip6tables-save > /etc/iptables/rules.v6 
-fi
-service rsyslog restart
-service ssh restart
+systemctl restart rsyslog ssh
 
 . /etc/profile
 . ~/.bashrc

include/init_RHEL.sh

@@ -27,9 +27,9 @@ alias grep='grep --color'
 alias egrep='egrep --color'
 alias fgrep='fgrep --color'
 EOF
-[[ "${Platform}" =~ ^EulerOS$|^openEuler$ ]] && sed -i '/HISTTIMEFORMAT=/d' /etc/profile.d/oneinstack.sh
+[[ "${Platform}" =~ ^euleros$|^openeuler$ ]] && sed -i '/HISTTIMEFORMAT=/d' /etc/profile.d/oneinstack.sh
 
-[[ ! "${Platform}" =~ ^EulerOS$|^openEuler$ ]] && [ -z "$(grep ^'PROMPT_COMMAND=' /etc/bashrc)" ] && cat >> /etc/bashrc << EOF
+[[ ! "${Platform}" =~ ^euleros$|^openeuler$ ]] && [ -z "$(grep ^'PROMPT_COMMAND=' /etc/bashrc)" ] && cat >> /etc/bashrc << EOF
 PROMPT_COMMAND='{ msg=\$(history 1 | { read x y; echo \$y; });logger "[euid=\$(whoami)]":\$(who am i):[\`pwd\`]"\$msg"; }'
 EOF
 
@@ -51,14 +51,9 @@ EOF
 rm -rf /etc/localtime
 ln -s /usr/share/zoneinfo/${timezone} /etc/localtime
 
-# Set DNS
-#cat > /etc/resolv.conf << EOF
-#nameserver 114.114.114.114
-#nameserver 8.8.8.8
-#EOF
-
 # ip_conntrack table full dropping packets
-[ ! -e "/etc/sysconfig/modules/iptables.modules" ] && { echo -e "modprobe nf_conntrack\nmodprobe nf_conntrack_ipv4" > /etc/sysconfig/modules/iptables.modules; chmod +x /etc/sysconfig/modules/iptables.modules; }
+echo -e "modprobe nf_conntrack\nmodprobe nf_conntrack_ipv4" > /etc/sysconfig/modules/nf_conntrack.modules
+chmod +x /etc/sysconfig/modules/nf_conntrack.modules
 modprobe nf_conntrack
 modprobe nf_conntrack_ipv4
 echo options nf_conntrack hashsize=131072 > /etc/modprobe.d/nf_conntrack.conf
@@ -102,52 +97,17 @@ if [ ${RHEL_ver} -ge 7 >/dev/null 2>&1 ]; then
   sed -i 's@LANG=.*$@LANG="en_US.UTF-8"@g' /etc/locale.conf
 fi
 
-# Update time
-if [ -e "$(which ntpdate)" ]; then
-  ntpdate -u pool.ntp.org
-  [ ! -e "/var/spool/cron/root" -o -z "$(grep 'ntpdate' /var/spool/cron/root)" ] && { echo "*/20 * * * * $(which ntpdate) -u pool.ntp.org > /dev/null 2>&1" >> /var/spool/cron/root;chmod 600 /var/spool/cron/root; }
-fi
-
-# iptables
-if [ "${iptables_flag}" == 'y' ]; then
-  if [ -e "/etc/sysconfig/iptables" ] && [ -n "$(grep '^:INPUT DROP' /etc/sysconfig/iptables)" -a -n "$(grep 'NEW -m tcp --dport 22 -j ACCEPT' /etc/sysconfig/iptables)" -a -n "$(grep 'NEW -m tcp --dport 80 -j ACCEPT' /etc/sysconfig/iptables)" ]; then
-    IPTABLES_STATUS=yes
-  else
-    IPTABLES_STATUS=no
-  fi
-
-  if [ "$IPTABLES_STATUS" == "no" ]; then
-    [ -e "/etc/sysconfig/iptables" ] && /bin/mv /etc/sysconfig/iptables{,_bk}
-    cat > /etc/sysconfig/iptables << EOF
-# Firewall configuration written by system-config-securitylevel
-# Manual customization of this file is not recommended.
-*filter
-:INPUT DROP [0:0]
-:FORWARD ACCEPT [0:0]
-:OUTPUT ACCEPT [0:0]
-:syn-flood - [0:0]
--A INPUT -i lo -j ACCEPT
--A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
--A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
--A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
--A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
--A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-COMMIT
-EOF
-  fi
-
-  FW_PORT_FLAG=$(grep -ow "dport ${ssh_port}" /etc/sysconfig/iptables)
-  [ -z "${FW_PORT_FLAG}" -a "${ssh_port}" != "22" ] && sed -i "s@dport 22 -j ACCEPT@&\n-A INPUT -p tcp -m state --state NEW -m tcp --dport ${ssh_port} -j ACCEPT@" /etc/sysconfig/iptables
-  /bin/cp /etc/sysconfig/{iptables,ip6tables}
-  sed -i 's@icmp@icmpv6@g' /etc/sysconfig/ip6tables
-  iptables-restore < /etc/sysconfig/iptables
-  ip6tables-restore < /etc/sysconfig/ip6tables
-  service iptables save
-  service ip6tables save
-  chkconfig --level 3 iptables on
-  chkconfig --level 3 ip6tables on
+# firewall
+if [ "${firewall_flag}" == 'y' ]; then
+  systemctl enable firewalld
+  systemctl start firewalld
+  firewall-cmd --permanent --zone=public --add-port={22/tcp,80/tcp,443/tcp}
+  [ "${ssh_port}" != "22" ] && firewall-cmd --permanent --zone=public --add-port=${ssh_port}/tcp
+  firewall-cmd --reload
+else
+  systemctl stop firewalld
+  systemctl disable firewalld
 fi
-service rsyslog restart
-service sshd restart
+systemctl restart rsyslog sshd
 
 . /etc/profile

include/init_Ubuntu.sh

@@ -56,12 +56,6 @@ EOF
 rm -rf /etc/localtime
 ln -s /usr/share/zoneinfo/${timezone} /etc/localtime
 
-# Set DNS
-#cat > /etc/resolv.conf << EOF
-#nameserver 114.114.114.114
-#nameserver 8.8.8.8
-#EOF
-
 # /etc/sysctl.conf
 [ -z "$(grep 'fs.file-max' /etc/sysctl.conf)" ] && cat >> /etc/sysctl.conf << EOF
 fs.file-max = 1000000
@@ -90,47 +84,17 @@ LANG=en_US.UTF-8
 LANGUAGE=en_US:en
 EOF
 
-# iptables
-if [ "${iptables_flag}" == 'y' ]; then
-  apt-get -y install debconf-utils
-  echo iptables-persistent iptables-persistent/autosave_v4 boolean true | debconf-set-selections
-  echo iptables-persistent iptables-persistent/autosave_v6 boolean true | debconf-set-selections
-  apt-get -y install iptables-persistent
-  if [ -e "/etc/iptables/rules.v4" ] && [ -n "$(grep '^:INPUT DROP' /etc/iptables/rules.v4)" -a -n "$(grep 'NEW -m tcp --dport 22 -j ACCEPT' /etc/iptables/rules.v4)" -a -n "$(grep 'NEW -m tcp --dport 80 -j ACCEPT' /etc/iptables/rules.v4)" ]; then
-    IPTABLES_STATUS=yes
-  else
-    IPTABLES_STATUS=no
-  fi
-
-  if [ "${IPTABLES_STATUS}" == "no" ]; then
-    cat > /etc/iptables/rules.v4 << EOF
-# Firewall configuration written by system-config-securitylevel
-# Manual customization of this file is not recommended.
-*filter
-:INPUT DROP [0:0]
-:FORWARD ACCEPT [0:0]
-:OUTPUT ACCEPT [0:0]
-:syn-flood - [0:0]
--A INPUT -i lo -j ACCEPT
--A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
--A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
--A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
--A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
--A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-COMMIT
-EOF
-  fi
-
-  FW_PORT_FLAG=$(grep -ow "dport ${ssh_port}" /etc/iptables/rules.v4)
-  [ -z "${FW_PORT_FLAG}" -a "${ssh_port}" != "22" ] && sed -i "s@dport 22 -j ACCEPT@&\n-A INPUT -p tcp -m state --state NEW -m tcp --dport ${ssh_port} -j ACCEPT@" /etc/iptables/rules.v4
-  iptables-restore < /etc/iptables/rules.v4
-  /bin/cp /etc/iptables/rules.v{4,6}
-  sed -i 's@icmp@icmpv6@g' /etc/iptables/rules.v6
-  ip6tables-restore < /etc/iptables/rules.v6
-  ip6tables-save > /etc/iptables/rules.v6 
+# ufw
+if [ "${firewall_flag}" == 'y' ]; then
+  ufw allow 22/tcp
+  [ "${ssh_port}" != "22" ] && ufw allow ${ssh_port}/tcp
+  ufw allow 80/tcp
+  ufw allow 443/tcp
+  ufw --force enable
+else
+  ufw --force disable
 fi
-service rsyslog restart
-service ssh restart
+systemctl restart rsyslog ssh
 
 . /etc/profile
 . ~/.bashrc

include/jemalloc.sh

@@ -27,7 +27,7 @@ Install_Jemalloc() {
       echo "${CSUCCESS}jemalloc module installed successfully! ${CEND}"
       rm -rf jemalloc-${jemalloc_ver}
     else
-      echo "${CFAILURE}jemalloc install failed, Please contact the author! ${CEND}" && lsb_release -a
+      echo "${CFAILURE}jemalloc install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
       kill -9 $$; exit 1;
     fi
     popd > /dev/null

include/mariadb-10.4.sh

@@ -58,7 +58,7 @@ Install_MariaDB104() {
     fi
   else
     rm -rf ${mariadb_install_dir}
-    echo "${CFAILURE}MariaDB install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}MariaDB install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     kill -9 $$; exit 1;
   fi
 

include/mariadb-10.5.sh

@@ -58,7 +58,7 @@ Install_MariaDB105() {
     fi
   else
     rm -rf ${mariadb_install_dir}
-    echo "${CFAILURE}MariaDB install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}MariaDB install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     kill -9 $$; exit 1;
   fi
 

include/mariadb-10.6.sh

@@ -58,7 +58,7 @@ Install_MariaDB106() {
     fi
   else
     rm -rf ${mariadb_install_dir}
-    echo "${CFAILURE}MariaDB install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}MariaDB install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     kill -9 $$; exit 1;
   fi
 

include/mariadb-5.5.sh

@@ -56,7 +56,7 @@ Install_MariaDB55() {
     fi
   else
     rm -rf ${mariadb_install_dir}
-    echo "${CFAILURE}MariaDB install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}MariaDB install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     kill -9 $$; exit 1;
   fi
 

include/memcached.sh

@@ -30,7 +30,7 @@ Install_memcached_server() {
     rm -rf memcached-${memcached_ver}
   else
     rm -rf ${memcached_install_dir}
-    echo "${CFAILURE}memcached-server install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}memcached-server install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     kill -9 $$; exit 1;
   fi
   popd > /dev/null
@@ -59,7 +59,7 @@ Install_pecl_memcache() {
       echo "${CSUCCESS}PHP memcache module installed successfully! ${CEND}"
       rm -rf memcache-${pecl_memcache_ver} memcache-${pecl_memcache_oldver}
     else
-      echo "${CFAILURE}PHP memcache module install failed, Please contact the author! ${CEND}" && lsb_release -a
+      echo "${CFAILURE}PHP memcache module install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     fi
     popd > /dev/null
   fi
@@ -99,7 +99,7 @@ EOF
       echo "${CSUCCESS}PHP memcached module installed successfully! ${CEND}"
       rm -rf memcached-${pecl_memcached_oldver} memcached-${pecl_memcached_ver}
     else
-      echo "${CFAILURE}PHP memcached module install failed, Please contact the author! ${CEND}" && lsb_release -a
+      echo "${CFAILURE}PHP memcached module install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     fi
     popd > /dev/null
   fi

include/mongodb.sh

@@ -69,7 +69,7 @@ EOF
     rm -rf mongodb-linux-x86_64-${mongodb_ver}
   else
     rm -rf ${mongo_install_dir} ${mongo_data_dir}
-    echo "${CFAILURE}MongoDB install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}MongoDB install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     kill -9 $$; exit 1;
   fi
   popd

include/mysql-5.5.sh

@@ -56,7 +56,7 @@ Install_MySQL55() {
     fi
   else
     rm -rf ${mysql_install_dir}
-    echo "${CFAILURE}MySQL install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}MySQL install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     kill -9 $$; exit 1;
   fi
 

include/mysql-5.6.sh

@@ -54,7 +54,7 @@ Install_MySQL56() {
     fi
   else
     rm -rf ${mysql_install_dir}
-    echo "${CFAILURE}MySQL install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}MySQL install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     kill -9 $$; exit 1;
   fi
 

include/mysql-5.7.sh

@@ -58,7 +58,7 @@ Install_MySQL57() {
     fi
   else
     rm -rf ${mysql_install_dir}
-    echo "${CFAILURE}MySQL install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}MySQL install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     kill -9 $$; exit 1;
   fi
 

include/mysql-8.0.sh

@@ -61,7 +61,7 @@ Install_MySQL80() {
     fi
   else
     rm -rf ${mysql_install_dir}
-    echo "${CFAILURE}MySQL install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}MySQL install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     kill -9 $$; exit 1;
   fi
 

include/nodejs.sh

@@ -20,7 +20,7 @@ EOF
     . /etc/profile
     echo "${CSUCCESS}Nodejs installed successfully! ${CEND}"
   else
-    echo "${CFAILURE}Nodejs install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}Nodejs install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     kill -9 $$; exit 1;
   fi
   popd > /dev/null

include/openjdk-11.sh

@@ -35,7 +35,7 @@ EOF
     . /etc/profile.d/openjdk.sh
     echo "${CSUCCESS}OpenJDK11 installed successfully! ${CEND}"
   else
-    echo "${CFAILURE}OpenJDK11 install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}OpenJDK11 install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     kill -9 $$; exit 1;
   fi
 }

include/openjdk-8.sh

@@ -36,7 +36,7 @@ EOF
     . /etc/profile.d/openjdk.sh
     echo "${CSUCCESS}OpenJDK8 installed successfully! ${CEND}"
   else
-    echo "${CFAILURE}OpenJDK8 install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}OpenJDK8 install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     kill -9 $$; exit 1;
   fi
 }

include/openssl.sh

@@ -137,7 +137,7 @@ Install_openSSL() {
         /bin/cp cacert.pem ${openssl_install_dir}/cert.pem
         rm -rf openssl-${openssl_ver}
       else
-        echo "${CFAILURE}openSSL install failed, Please contact the author! ${CEND}" && lsb_release -a
+        echo "${CFAILURE}openSSL install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
         kill -9 $$; exit 1;
       fi
       popd > /dev/null

include/pecl_calendar.sh

@@ -25,7 +25,7 @@ Install_pecl_calendar() {
       echo "${CSUCCESS}PHP calendar module installed successfully! ${CEND}"
       rm -rf php-${PHP_detail_ver}
     else
-      echo "${CFAILURE}PHP calendar module install failed, Please contact the author! ${CEND}" && lsb_release -a
+      echo "${CFAILURE}PHP calendar module install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     fi
     popd > /dev/null
   fi

include/pecl_fileinfo.sh

@@ -26,7 +26,7 @@ Install_pecl_fileinfo() {
       echo "${CSUCCESS}PHP fileinfo module installed successfully! ${CEND}"
       rm -rf php-${PHP_detail_ver}
     else
-      echo "${CFAILURE}PHP fileinfo module install failed, Please contact the author! ${CEND}" && lsb_release -a
+      echo "${CFAILURE}PHP fileinfo module install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     fi
     popd > /dev/null
   fi

include/pecl_imap.sh

@@ -31,7 +31,7 @@ Install_pecl_imap() {
       echo "${CSUCCESS}PHP imap module installed successfully! ${CEND}"
       rm -rf php-${PHP_detail_ver}
     else
-      echo "${CFAILURE}PHP imap module install failed, Please contact the author! ${CEND}" && lsb_release -a
+      echo "${CFAILURE}PHP imap module install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     fi
     popd > /dev/null
   fi

include/pecl_ldap.sh

@@ -32,7 +32,7 @@ Install_pecl_ldap() {
       echo "${CSUCCESS}PHP ldap module installed successfully! ${CEND}"
       rm -rf php-${PHP_detail_ver}
     else
-      echo "${CFAILURE}PHP ldap module install failed, Please contact the author! ${CEND}" && lsb_release -a
+      echo "${CFAILURE}PHP ldap module install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     fi
     popd > /dev/null
   fi

include/pecl_mongodb.sh

@@ -25,7 +25,7 @@ Install_pecl_mongodb() {
         rm -rf mongo-${pecl_mongo_ver}
         echo "${CSUCCESS}PHP mongo module installed successfully! ${CEND}"
       else
-        echo "${CFAILURE}PHP mongo module install failed, Please contact the author! ${CEND}" && lsb_release -a
+        echo "${CFAILURE}PHP mongo module install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
       fi
     else
       if [[ "$(${php_install_dir}/bin/php-config --version | awk -F. '{print $1$2}')" =~ ^7[0-2]$ ]]; then
@@ -46,7 +46,7 @@ Install_pecl_mongodb() {
         echo "${CSUCCESS}PHP mongodb module installed successfully! ${CEND}"
         rm -rf mongodb-${pecl_mongodb_oldver} mongodb-${pecl_mongodb_ver}
       else
-        echo "${CFAILURE}PHP mongodb module install failed, Please contact the author! ${CEND}" && lsb_release -a
+        echo "${CFAILURE}PHP mongodb module install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
       fi
     fi
     popd > /dev/null

include/pecl_pgsql.sh

@@ -30,7 +30,7 @@ Install_pecl_pgsql() {
       echo "${CSUCCESS}PHP pgsql module installed successfully! ${CEND}"
       rm -rf php-${PHP_detail_ver}
     else
-      echo "${CFAILURE}PHP pgsql module install failed, Please contact the author! ${CEND}" && lsb_release -a
+      echo "${CFAILURE}PHP pgsql module install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     fi
     popd > /dev/null
   fi

include/pecl_phalcon.sh

@@ -38,7 +38,7 @@ Install_pecl_phalcon() {
       echo "${CSUCCESS}PHP phalcon module installed successfully! ${CEND}"
       rm -rf cphalcon-${phalcon_oldver} phalcon-${phalcon_ver}
     else
-      echo "${CFAILURE}PHP phalcon module install failed, Please contact the author! ${CEND}" && lsb_release -a
+      echo "${CFAILURE}PHP phalcon module install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     fi
     popd > /dev/null
   fi

include/pecl_swoole.sh

@@ -40,7 +40,7 @@ Install_pecl_swoole() {
       echo "${CSUCCESS}PHP swoole module installed successfully! ${CEND}"
       rm -rf swoole-${swoole_ver} swoole-${swoole_oldver}
     else
-      echo "${CFAILURE}PHP swoole module install failed, Please contact the author! ${CEND}" && lsb_release -a
+      echo "${CFAILURE}PHP swoole module install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     fi
     popd > /dev/null
   fi

include/pecl_xdebug.sh

@@ -49,7 +49,7 @@ EOF
         echo; echo "Webgrind URL: ${CMSG}http://{Public IP}/webgrind ${CEND}"
         rm -rf xdebug-${xdebug_ver} xdebug-${xdebug_oldver}
       else
-        echo "${CFAILURE}PHP xdebug module install failed, Please contact the author! ${CEND}" && lsb_release -a
+        echo "${CFAILURE}PHP xdebug module install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
       fi
     else
       echo "${CWARNING}Your php ${PHP_detail_ver} does not support xdebug! ${CEND}";

include/pecl_yaf.sh

@@ -27,7 +27,7 @@ Install_pecl_yaf() {
         echo "${CSUCCESS}PHP yaf module installed successfully! ${CEND}"
         rm -rf yaf-${yaf_ver}
       else
-        echo "${CFAILURE}PHP yaf module install failed, Please contact the author! ${CEND}" && lsb_release -a
+        echo "${CFAILURE}PHP yaf module install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
       fi
     else
       echo "${CWARNING}Your php ${PHP_detail_ver} does not support yaf! ${CEND}";

include/pecl_yar.sh

@@ -27,7 +27,7 @@ Install_pecl_yar() {
         echo "${CSUCCESS}PHP yar module installed successfully! ${CEND}"
         rm -rf yar-${yar_ver}
       else
-        echo "${CFAILURE}PHP yar module install failed, Please contact the author! ${CEND}" && lsb_release -a
+        echo "${CFAILURE}PHP yar module install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
       fi
     else
       echo "${CWARNING}Your php ${PHP_detail_ver} does not support yar! ${CEND}";

include/percona-5.5.sh

@@ -57,7 +57,7 @@ Install_Percona55() {
     fi
   else
     rm -rf ${percona_install_dir}
-    echo "${CFAILURE}Percona install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}Percona install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     kill -9 $$; exit 1;
   fi
 

include/percona-5.6.sh

@@ -56,7 +56,7 @@ Install_Percona56() {
     fi
   else
     rm -rf ${percona_install_dir}
-    echo "${CFAILURE}Percona install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}Percona install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     kill -9 $$; exit 1;
   fi
 

include/percona-5.7.sh

@@ -60,7 +60,7 @@ Install_Percona57() {
     fi
   else
     rm -rf ${percona_install_dir}
-    echo "${CFAILURE}Percona install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}Percona install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     kill -9 $$; exit 1;
   fi
 

include/percona-8.0.sh

@@ -62,7 +62,7 @@ Install_Percona80() {
     fi
   else
     rm -rf ${percona_install_dir}
-    echo "${CFAILURE}Percona install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}Percona install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     kill -9 $$; exit 1;
   fi
 

include/php-5.3.sh

@@ -22,7 +22,8 @@ Install_PHP53() {
   if [ ! -e "${curl_install_dir}/lib/libcurl.la" ]; then
     tar xzf curl-${curl_ver}.tar.gz
     pushd curl-${curl_ver} > /dev/null
-    ./configure --prefix=${curl_install_dir} ${php5_with_ssl}
+    [ -e "/usr/local/lib/libnghttp2.so" ] && with_nghttp2='--with-nghttp2=/usr/local'
+    ./configure --prefix=${curl_install_dir} ${php5_with_ssl} ${with_nghttp2}
     make -j ${THREAD} && make install
     popd > /dev/null
     rm -rf curl-${curl_ver}

include/php-5.4.sh

@@ -22,7 +22,8 @@ Install_PHP54() {
   if [ ! -e "${curl_install_dir}/lib/libcurl.la" ]; then
     tar xzf curl-${curl_ver}.tar.gz
     pushd curl-${curl_ver} > /dev/null
-    ./configure --prefix=${curl_install_dir} ${php5_with_ssl}
+    [ -e "/usr/local/lib/libnghttp2.so" ] && with_nghttp2='--with-nghttp2=/usr/local'
+    ./configure --prefix=${curl_install_dir} ${php5_with_ssl} ${with_nghttp2}
     make -j ${THREAD} && make install
     popd > /dev/null
     rm -rf curl-${curl_ver}

include/php-5.5.sh

@@ -22,7 +22,8 @@ Install_PHP55() {
   if [ ! -e "${curl_install_dir}/lib/libcurl.la" ]; then
     tar xzf curl-${curl_ver}.tar.gz
     pushd curl-${curl_ver} > /dev/null
-    ./configure --prefix=${curl_install_dir} ${php5_with_ssl}
+    [ -e "/usr/local/lib/libnghttp2.so" ] && with_nghttp2='--with-nghttp2=/usr/local'
+    ./configure --prefix=${curl_install_dir} ${php5_with_ssl} ${with_nghttp2}
     make -j ${THREAD} && make install
     popd > /dev/null
     rm -rf curl-${curl_ver}

include/php-5.6.sh

@@ -22,7 +22,8 @@ Install_PHP56() {
   if [ ! -e "${curl_install_dir}/lib/libcurl.la" ]; then
     tar xzf curl-${curl_ver}.tar.gz
     pushd curl-${curl_ver} > /dev/null
-    ./configure --prefix=${curl_install_dir} ${php5_with_ssl}
+    [ -e "/usr/local/lib/libnghttp2.so" ] && with_nghttp2='--with-nghttp2=/usr/local'
+    ./configure --prefix=${curl_install_dir} ${php5_with_ssl} ${with_nghttp2}
     make -j ${THREAD} && make install
     popd > /dev/null
     rm -rf curl-${curl_ver}

include/php-7.0.sh

@@ -22,7 +22,8 @@ Install_PHP70() {
   if [ ! -e "${curl_install_dir}/lib/libcurl.la" ]; then
     tar xzf curl-${curl_ver}.tar.gz
     pushd curl-${curl_ver} > /dev/null
-    ./configure --prefix=${curl_install_dir} ${php70_with_ssl}
+    [ -e "/usr/local/lib/libnghttp2.so" ] && with_nghttp2='--with-nghttp2=/usr/local'
+    ./configure --prefix=${curl_install_dir} ${php70_with_ssl} ${with_nghttp2}
     make -j ${THREAD} && make install
     popd > /dev/null
     rm -rf curl-${curl_ver}

include/php-7.1.sh

@@ -22,7 +22,8 @@ Install_PHP71() {
   if [ ! -e "${curl_install_dir}/lib/libcurl.la" ]; then
     tar xzf curl-${curl_ver}.tar.gz
     pushd curl-${curl_ver} > /dev/null
-    ./configure --prefix=${curl_install_dir} ${php71_with_ssl} 
+    [ -e "/usr/local/lib/libnghttp2.so" ] && with_nghttp2='--with-nghttp2=/usr/local'
+    ./configure --prefix=${curl_install_dir} ${php71_with_ssl} ${with_nghttp2}
     make -j ${THREAD} && make install
     popd > /dev/null
     rm -rf curl-${curl_ver}

include/php-7.2.sh

@@ -22,7 +22,8 @@ Install_PHP72() {
   if [ ! -e "${curl_install_dir}/lib/libcurl.la" ]; then
     tar xzf curl-${curl_ver}.tar.gz
     pushd curl-${curl_ver} > /dev/null
-    ./configure --prefix=${curl_install_dir} ${php72_with_ssl}
+    [ -e "/usr/local/lib/libnghttp2.so" ] && with_nghttp2='--with-nghttp2=/usr/local'
+    ./configure --prefix=${curl_install_dir} ${php72_with_ssl} ${with_nghttp2}
     make -j ${THREAD} && make install
     popd > /dev/null
     rm -rf curl-${curl_ver}

include/php-7.3.sh

@@ -22,7 +22,8 @@ Install_PHP73() {
   if [ ! -e "${curl_install_dir}/lib/libcurl.la" ]; then
     tar xzf curl-${curl_ver}.tar.gz
     pushd curl-${curl_ver} > /dev/null
-    ./configure --prefix=${curl_install_dir} ${php73_with_ssl}
+    [ -e "/usr/local/lib/libnghttp2.so" ] && with_nghttp2='--with-nghttp2=/usr/local'
+    ./configure --prefix=${curl_install_dir} ${php73_with_ssl} ${with_nghttp2}
     make -j ${THREAD} && make install
     popd > /dev/null
     rm -rf curl-${curl_ver}

include/php-7.4.sh

@@ -22,7 +22,8 @@ Install_PHP74() {
   if [ ! -e "${curl_install_dir}/lib/libcurl.la" ]; then
     tar xzf curl-${curl_ver}.tar.gz
     pushd curl-${curl_ver} > /dev/null
-    ./configure --prefix=${curl_install_dir} ${php74_with_ssl}
+    [ -e "/usr/local/lib/libnghttp2.so" ] && with_nghttp2='--with-nghttp2=/usr/local'
+    ./configure --prefix=${curl_install_dir} ${php74_with_ssl} ${with_nghttp2}
     make -j ${THREAD} && make install
     popd > /dev/null
     rm -rf curl-${curl_ver}

include/php-8.0.sh

@@ -22,7 +22,8 @@ Install_PHP80() {
   if [ ! -e "${curl_install_dir}/lib/libcurl.la" ]; then
     tar xzf curl-${curl_ver}.tar.gz
     pushd curl-${curl_ver} > /dev/null
-    ./configure --prefix=${curl_install_dir} ${php80_with_ssl}
+    [ -e "/usr/local/lib/libnghttp2.so" ] && with_nghttp2='--with-nghttp2=/usr/local'
+    ./configure --prefix=${curl_install_dir} ${php80_with_ssl} ${with_nghttp2}
     make -j ${THREAD} && make install
     popd > /dev/null
     rm -rf curl-${curl_ver}

include/php-8.1.sh

@@ -22,7 +22,8 @@ Install_PHP81() {
   if [ ! -e "${curl_install_dir}/lib/libcurl.la" ]; then
     tar xzf curl-${curl_ver}.tar.gz
     pushd curl-${curl_ver} > /dev/null
-    ./configure --prefix=${curl_install_dir} ${php81_with_ssl}
+    [ -e "/usr/local/lib/libnghttp2.so" ] && with_nghttp2='--with-nghttp2=/usr/local'
+    ./configure --prefix=${curl_install_dir} ${php81_with_ssl} ${with_nghttp2}
     make -j ${THREAD} && make install
     popd > /dev/null
     rm -rf curl-${curl_ver}

include/postgresql.sh

@@ -41,7 +41,7 @@ Install_PostgreSQL() {
     echo "${CSUCCESS}PostgreSQL installed successfully! ${CEND}"
   else
     rm -rf ${pgsql_install_dir} ${pgsql_data_dir}
-    echo "${CFAILURE}PostgreSQL install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}PostgreSQL install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     kill -9 $$; exit 1;
   fi
   popd

include/pureftpd.sh

@@ -41,32 +41,16 @@ Install_PureFTPd() {
     ulimit -s unlimited
     systemctl start pureftpd
 
-    # iptables Ftp
+    # Firewall Ftp
     if [ "${PM}" == 'yum' ]; then
-      if [ -n "`grep 'dport 80 ' /etc/sysconfig/iptables`" ] && [ -z "$(grep '20000:30000' /etc/sysconfig/iptables)" ]; then
-        iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-        iptables -I INPUT 6 -p tcp -m state --state NEW -m tcp --dport 20000:30000 -j ACCEPT
-        service iptables save
-        ip6tables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-        ip6tables -I INPUT 6 -p tcp -m state --state NEW -m tcp --dport 20000:30000 -j ACCEPT
-        service ip6tables save
+      if [ "`firewall-cmd --state`" == "running" ]; then
+        firewall-cmd --permanent --zone=public --add-port={21/tcp,20000-30000/tcp}
+        firewall-cmd --reload
       fi
     elif [ "${PM}" == 'apt-get' ]; then
-      if [ -e '/etc/iptables/rules.v4' ]; then
-        if [ -n "`grep 'dport 80 ' /etc/iptables/rules.v4`" ] && [ -z "$(grep '20000:30000' /etc/iptables/rules.v4)" ]; then
-          iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-          iptables -I INPUT 6 -p tcp -m state --state NEW -m tcp --dport 20000:30000 -j ACCEPT
-          iptables-save > /etc/iptables/rules.v4
-          ip6tables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-          ip6tables -I INPUT 6 -p tcp -m state --state NEW -m tcp --dport 20000:30000 -j ACCEPT
-          ip6tables-save > /etc/iptables/rules.v6
-        fi
-      elif [ -e '/etc/iptables.up.rules' ]; then
-        if [ -n "`grep 'dport 80 ' /etc/iptables.up.rules`" ] && [ -z "$(grep '20000:30000' /etc/iptables.up.rules)" ]; then
-          iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-          iptables -I INPUT 6 -p tcp -m state --state NEW -m tcp --dport 20000:30000 -j ACCEPT
-          iptables-save > /etc/iptables.up.rules
-        fi
+      if ufw status | grep -wq active; then
+	  ufw allow 21/tcp
+	  ufw allow 20000:30000/tcp
       fi
     fi
 
@@ -74,7 +58,7 @@ Install_PureFTPd() {
     rm -rf pure-ftpd-${pureftpd_ver}
   else
     rm -rf ${pureftpd_install_dir}
-    echo "${CFAILURE}Pure-Ftpd install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}Pure-Ftpd install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     kill -9 $$; exit 1;
   fi
   popd > /dev/null

include/redis.sh

@@ -40,7 +40,7 @@ Install_redis_server() {
     systemctl start redis-server
   else
     rm -rf ${redis_install_dir}
-    echo "${CFAILURE}Redis-server install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}Redis-server install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     kill -9 $$; exit 1;
   fi
   popd > /dev/null
@@ -66,7 +66,7 @@ Install_pecl_redis() {
       echo "${CSUCCESS}PHP Redis module installed successfully! ${CEND}"
       rm -rf redis-${pecl_redis_ver} redis-${pecl_redis_oldver}
     else
-      echo "${CFAILURE}PHP Redis module install failed, Please contact the author! ${CEND}" && lsb_release -a
+      echo "${CFAILURE}PHP Redis module install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     fi
     popd > /dev/null
   fi

include/tomcat-10.sh

@@ -33,7 +33,7 @@ Install_Tomcat10() {
 
   if [ ! -e "${tomcat_install_dir}/conf/server.xml" ]; then
     rm -rf ${tomcat_install_dir}
-    echo "${CFAILURE}Tomcat install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}Tomcat install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     kill -9 $$; exit 1;
   fi
 
@@ -67,25 +67,13 @@ EOF
 
     if [ ! -e "${nginx_install_dir}/sbin/nginx" -a ! -e "${tengine_install_dir}/sbin/nginx" -a ! -e "${openresty_install_dir}/nginx/sbin/nginx" -a ! -e "${apache_install_dir}/bin/httpd" ]; then
       if [ "${PM}" == 'yum' ]; then
-        if [ -n "`grep 'dport 80 ' /etc/sysconfig/iptables`" ] && [ -z "$(grep -w '8080' /etc/sysconfig/iptables)" ]; then
-          iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-          service iptables save
-          ip6tables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-          service ip6tables save
-        fi
+        if [ "`firewall-cmd --state`" == "running" ]; then
+          firewall-cmd --permanent --zone=public --add-port=8080/tcp
+          firewall-cmd --reload
+	fi
       elif [ "${PM}" == 'apt-get' ]; then
-        if [ -e '/etc/iptables/rules.v4' ]; then
-          if [ -n "`grep 'dport 80 ' /etc/iptables/rules.v4`" ] && [ -z "$(grep -w '8080' /etc/iptables/rules.v4)" ]; then
-            iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-            iptables-save > /etc/iptables/rules.v4
-            ip6tables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-            ip6tables-save > /etc/iptables/rules.v6
-          fi
-        elif [ -e '/etc/iptables.up.rules' ]; then
-          if [ -n "`grep 'dport 80 ' /etc/iptables.up.rules`" ] && [ -z "$(grep -w '8080' /etc/iptables.up.rules)" ]; then
-            iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-            iptables-save > /etc/iptables.up.rules
-          fi
+        if ufw status | grep -wq active; then
+            ufw allow 8080/tcp
         fi
       fi
     fi
@@ -134,7 +122,7 @@ EOF
     rm -rf apache-tomcat-${tomcat10_ver}
   else
     popd > /dev/null
-    echo "${CFAILURE}Tomcat install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}Tomcat install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
   fi
   service tomcat start
   popd > /dev/null

include/tomcat-7.sh

@@ -33,7 +33,7 @@ Install_Tomcat7() {
 
   if [ ! -e "${tomcat_install_dir}/conf/server.xml" ]; then
     rm -rf ${tomcat_install_dir}
-    echo "${CFAILURE}Tomcat install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}Tomcat install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     kill -9 $$; exit 1;
   fi
 
@@ -69,25 +69,13 @@ EOF
 
     if [ ! -e "${nginx_install_dir}/sbin/nginx" -a ! -e "${tengine_install_dir}/sbin/nginx" -a ! -e "${openresty_install_dir}/nginx/sbin/nginx" -a ! -e "${apache_install_dir}/bin/httpd" ]; then
       if [ "${PM}" == 'yum' ]; then
-        if [ -n "`grep 'dport 80 ' /etc/sysconfig/iptables`" ] && [ -z "$(grep -w '8080' /etc/sysconfig/iptables)" ]; then
-          iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-          service iptables save
-          ip6tables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-          service ip6tables save
-        fi
+        if [ "`firewall-cmd --state`" == "running" ]; then
+          firewall-cmd --permanent --zone=public --add-port=8080/tcp
+          firewall-cmd --reload
+	fi
       elif [ "${PM}" == 'apt-get' ]; then
-        if [ -e '/etc/iptables/rules.v4' ]; then
-          if [ -n "`grep 'dport 80 ' /etc/iptables/rules.v4`" ] && [ -z "$(grep -w '8080' /etc/iptables/rules.v4)" ]; then
-            iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-            iptables-save > /etc/iptables/rules.v4
-            ip6tables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-            ip6tables-save > /etc/iptables/rules.v6
-          fi
-        elif [ -e '/etc/iptables.up.rules' ]; then
-          if [ -n "`grep 'dport 80 ' /etc/iptables.up.rules`" ] && [ -z "$(grep -w '8080' /etc/iptables.up.rules)" ]; then
-            iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-            iptables-save > /etc/iptables.up.rules
-          fi
+        if ufw status | grep -wq active; then
+            ufw allow 8080/tcp
         fi
       fi
     fi
@@ -136,7 +124,7 @@ EOF
     rm -rf apache-tomcat-${tomcat7_ver}
   else
     popd > /dev/null
-    echo "${CFAILURE}Tomcat install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}Tomcat install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
   fi
   service tomcat start
   popd > /dev/null

include/tomcat-8.sh

@@ -33,7 +33,7 @@ Install_Tomcat8() {
 
   if [ ! -e "${tomcat_install_dir}/conf/server.xml" ]; then
     rm -rf ${tomcat_install_dir}
-    echo "${CFAILURE}Tomcat install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}Tomcat install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     kill -9 $$; exit 1;
   fi
 
@@ -67,25 +67,13 @@ EOF
 
     if [ ! -e "${nginx_install_dir}/sbin/nginx" -a ! -e "${tengine_install_dir}/sbin/nginx" -a ! -e "${openresty_install_dir}/nginx/sbin/nginx" -a ! -e "${apache_install_dir}/bin/httpd" ]; then
       if [ "${PM}" == 'yum' ]; then
-        if [ -n "`grep 'dport 80 ' /etc/sysconfig/iptables`" ] && [ -z "$(grep -w '8080' /etc/sysconfig/iptables)" ]; then
-          iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-          service iptables save
-          ip6tables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-          service ip6tables save
-        fi
+        if [ "`firewall-cmd --state`" == "running" ]; then
+          firewall-cmd --permanent --zone=public --add-port=8080/tcp
+          firewall-cmd --reload
+	fi
       elif [ "${PM}" == 'apt-get' ]; then
-        if [ -e '/etc/iptables/rules.v4' ]; then
-          if [ -n "`grep 'dport 80 ' /etc/iptables/rules.v4`" ] && [ -z "$(grep -w '8080' /etc/iptables/rules.v4)" ]; then
-            iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-            iptables-save > /etc/iptables/rules.v4
-            ip6tables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-            ip6tables-save > /etc/iptables/rules.v6
-          fi
-        elif [ -e '/etc/iptables.up.rules' ]; then
-          if [ -n "`grep 'dport 80 ' /etc/iptables.up.rules`" ] && [ -z "$(grep -w '8080' /etc/iptables.up.rules)" ]; then
-            iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-            iptables-save > /etc/iptables.up.rules
-          fi
+        if ufw status | grep -wq active; then
+            ufw allow 8080/tcp
         fi
       fi
     fi
@@ -134,7 +122,7 @@ EOF
     rm -rf apache-tomcat-${tomcat8_ver}
   else
     popd > /dev/null
-    echo "${CFAILURE}Tomcat install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}Tomcat install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
   fi
   service tomcat start
   popd > /dev/null

include/tomcat-9.sh

@@ -33,7 +33,7 @@ Install_Tomcat9() {
 
   if [ ! -e "${tomcat_install_dir}/conf/server.xml" ]; then
     rm -rf ${tomcat_install_dir}
-    echo "${CFAILURE}Tomcat install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}Tomcat install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     kill -9 $$; exit 1;
   fi
 
@@ -67,25 +67,13 @@ EOF
 
     if [ ! -e "${nginx_install_dir}/sbin/nginx" -a ! -e "${tengine_install_dir}/sbin/nginx" -a ! -e "${openresty_install_dir}/nginx/sbin/nginx" -a ! -e "${apache_install_dir}/bin/httpd" ]; then
       if [ "${PM}" == 'yum' ]; then
-        if [ -n "`grep 'dport 80 ' /etc/sysconfig/iptables`" ] && [ -z "$(grep -w '8080' /etc/sysconfig/iptables)" ]; then
-          iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-          service iptables save
-          ip6tables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-          service ip6tables save
-        fi
+        if [ "`firewall-cmd --state`" == "running" ]; then
+          firewall-cmd --permanent --zone=public --add-port=8080/tcp
+          firewall-cmd --reload
+	fi
       elif [ "${PM}" == 'apt-get' ]; then
-        if [ -e '/etc/iptables/rules.v4' ]; then
-          if [ -n "`grep 'dport 80 ' /etc/iptables/rules.v4`" ] && [ -z "$(grep -w '8080' /etc/iptables/rules.v4)" ]; then
-            iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-            iptables-save > /etc/iptables/rules.v4
-            ip6tables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-            ip6tables-save > /etc/iptables/rules.v6
-          fi
-        elif [ -e '/etc/iptables.up.rules' ]; then
-          if [ -n "`grep 'dport 80 ' /etc/iptables.up.rules`" ] && [ -z "$(grep -w '8080' /etc/iptables.up.rules)" ]; then
-            iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-            iptables-save > /etc/iptables.up.rules
-          fi
+        if ufw status | grep -wq active; then
+            ufw allow 8080/tcp
         fi
       fi
     fi
@@ -134,7 +122,7 @@ EOF
     rm -rf apache-tomcat-${tomcat9_ver}
   else
     popd > /dev/null
-    echo "${CFAILURE}Tomcat install failed, Please contact the author! ${CEND}" && lsb_release -a
+    echo "${CFAILURE}Tomcat install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
   fi
   service tomcat start
   popd > /dev/null

include/xcache.sh

@@ -67,7 +67,7 @@ EOF
         echo "${CSUCCESS}PHP xcache module installed successfully! ${CEND}"
         rm -rf xcache-${xcache_ver}
       else
-        echo "${CFAILURE}PHP xcache module install failed, Please contact the author! ${CEND}" && lsb_release -a
+        echo "${CFAILURE}PHP xcache module install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
       fi
     else
       echo; echo "${CWARNING}Your php ${PHP_detail_ver} does not support XCache! ${CEND}";

include/zendopcache.sh

@@ -69,7 +69,7 @@ EOF
       echo "${CSUCCESS}PHP opcache module installed successfully! ${CEND}"
       rm -rf php-${PHP_detail_ver}
     else
-      echo "${CFAILURE}PHP opcache module install failed, Please contact the author! ${CEND}" && lsb_release -a
+      echo "${CFAILURE}PHP opcache module install failed, Please contact the author! ${CEND}" && grep -Ew 'NAME|ID|ID_LIKE|VERSION_ID|PRETTY_NAME' /etc/os-release
     fi
     popd > /dev/null
   fi

install.sh

@@ -68,12 +68,12 @@ Show_Help() {
   --phpmyadmin                Install phpMyAdmin
   --python                    Install Python (PATH: ${python_install_dir})
   --ssh_port [No.]            SSH port
-  --iptables                  Enable iptables
+  --firewall                  Enable firewall
   --reboot                    Restart the server after installation
   "
 }
 ARG_NUM=$#
-TEMP=`getopt -o hvV --long help,version,nginx_option:,apache,apache_mode_option:,apache_mpm_option:,php_option:,mphp_ver:,mphp_addons,phpcache_option:,php_extensions:,nodejs,tomcat_option:,jdk_option:,db_option:,dbrootpwd:,dbinstallmethod:,pureftpd,redis,memcached,phpmyadmin,python,ssh_port:,iptables,reboot -- "$@" 2>/dev/null`
+TEMP=`getopt -o hvV --long help,version,nginx_option:,apache,apache_mode_option:,apache_mpm_option:,php_option:,mphp_ver:,mphp_addons,phpcache_option:,php_extensions:,nodejs,tomcat_option:,jdk_option:,db_option:,dbrootpwd:,dbinstallmethod:,pureftpd,redis,memcached,phpmyadmin,python,ssh_port:,firewall,reboot -- "$@" 2>/dev/null`
 [ $? != 0 ] && echo "${CWARNING}ERROR: unknown argument! ${CEND}" && Show_Help && exit 1
 eval set -- "${TEMP}"
 while :; do
@@ -197,8 +197,8 @@ while :; do
     --ssh_port)
       ssh_port=$2; shift 2
       ;;
-    --iptables)
-      iptables_flag=y; shift 1
+    --firewall)
+      firewall_flag=y; shift 1
       ;;
     --reboot)
       reboot_flag=y; shift 1
@@ -235,10 +235,10 @@ fi
 
 if [ ${ARG_NUM} == 0 ]; then
   if [ ! -e ~/.oneinstack ]; then
-    # check iptables
+    # check firewall
     while :; do echo
-      read -e -p "Do you want to enable iptables? [y/n]: " iptables_flag
-      if [[ ! ${iptables_flag} =~ ^[y,n]$ ]]; then
+      read -e -p "Do you want to enable firewall? [y/n]: " firewall_flag
+      if [[ ! ${firewall_flag} =~ ^[y,n]$ ]]; then
         echo "${CWARNING}input error! Please only input 'y' or 'n'${CEND}"
       else
         break

versions.txt

@@ -3,7 +3,7 @@
 nginx_ver=1.22.1
 tengine_ver=2.3.3
 openresty_ver=1.21.4.1
-openssl11_ver=1.1.1q
+openssl11_ver=1.1.1s
 openssl_ver=1.0.2u
 
 tomcat10_ver=10.0.27
@@ -23,9 +23,9 @@ mysql57_ver=5.7.40
 mysql56_ver=5.6.51
 mysql55_ver=5.5.62
 
-mariadb106_ver=10.6.10
-mariadb105_ver=10.5.17
-mariadb104_ver=10.4.26
+mariadb106_ver=10.6.11
+mariadb105_ver=10.5.18
+mariadb104_ver=10.4.27
 mariadb55_ver=5.5.68
 
 percona80_ver=8.0.29-21
@@ -84,7 +84,7 @@ xdebug_ver=3.1.2
 xdebug_oldver=2.9.8
 
 # Ftp
-pureftpd_ver=1.0.49
+pureftpd_ver=1.0.51
 
 # Redis
 redis_ver=7.0.5