
tools/qvm-firewall: add dst4 and dst6 as synonyms for dsthost

Peter Gerber 6 years ago
parent
commit
00fbfdd77a

+ 6 - 0
doc/manpages/qvm-firewall.rst

@@ -66,6 +66,12 @@ further rules are not evaluated. If none of the rules match, default action
 Supported matches:
  - ``dsthost`` - destination host or network. Can be either IP address in CIDR
    notation, or a host name. Both IPv4 and IPv6 are supported by the rule syntax.
+   In order to allow reuse of ``--raw`` output, ``dst4`` and ``dst6`` are accepted
+   as synonyms.
+
+ - ``dst4`` - see ``dsthost``
+
+ - ``dst6`` - see ``dsthost``
 
  - ``proto`` - specific IP protocol. Supported values: ``tcp``, ``udp``,
    ``icmp``.

+ 8 - 0
qubesadmin/tests/tools/qvm_firewall.py

@@ -88,6 +88,14 @@ class TC_00_RuleAction(qubesadmin.tests.QubesTestCase):
                 None, action='accept', dsthost='127.0.0.1/32',
                 expire=now+100))
 
+    def test_006_dsthost_aliases(self):
+        ns = argparse.Namespace()
+        for name in ['dsthost', 'dst4', 'dst6']:
+            self.action(None, ns, [name + '=127.0.0.1', 'accept'])
+            self.assertEqual(ns.rule,
+                qubesadmin.firewall.Rule(
+                    None, action='accept', dsthost='127.0.0.1/32'))
+
 
 class TC_10_qvm_firewall(qubesadmin.tests.QubesTestCase):
     def setUp(self):
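Review bot: In `test_006_dsthost_aliases`, `ns = argparse.Namespace()` is created once before the loop, so `ns.rule` left by the `dsthost` iteration is still there when `dst4` and `dst6` are checked. If an alias stopped setting the rule without raising, the assertion would still pass on the stale value. Moving `ns = argparse.Namespace()` inside the `for name in ...` body makes each alias prove itself. The loop also only feeds an IPv4 value, so adding a case like `dst6=fd00::/8` would cover the IPv6 path the alias is meant for. The enclosing class `TC_00_RuleAction` starts outside the hunk.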

+ 4 - 0
qubesadmin/tools/qvm_firewall.py

@@ -56,6 +56,8 @@ class RuleAction(argparse.Action):
             else:
                 raise argparse.ArgumentError(None,
                     'invalid rule description: {}'.format(opt))
+            if key in ['dst4', 'dst6']:
+                key = 'dsthost'
             if key not in allowed_opts:
                 raise argparse.ArgumentError(None,
                     'Invalid rule element: {}'.format(opt))
@@ -87,6 +89,8 @@ interchangeably.
 
 Available rules:
     action:        accept or drop
+    dst4           synonym for dsthost
+    dst6           synonym for dsthost
     dsthost        IP, network or hostname
                      (e.g. 10.5.3.2, 192.168.0.0/16,
                      www.example.com, fd00::/8)
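Review bot: The remap in the first hunk, `if key in ['dst4', 'dst6']: key = 'dsthost'`, throws away the address family the user named. The new test on this page shows `dst6=127.0.0.1` being accepted and producing an IPv4 rule, and presumably `dst4=` with an IPv6 network is accepted the same way. For a firewall tool a silent family mismatch is worth rejecting: keep the original key and raise `argparse.ArgumentError` when the parsed destination's family disagrees with it. At minimum, add a comment such as `# dst4/dst6 exist only so --raw output can be fed back in; the address family is not checked here`. The help lines in the second hunk could carry the same caveat instead of a bare "synonym for dsthost". The enclosing method of `RuleAction` starts and ends outside the hunk, so how the value is parsed afterwards is not visible here.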