added resolve_netpath to recursively know the netvm chain

qubes/vm/mix/net.py

@@ -135,6 +135,7 @@ class NetVMMixin(qubes.events.Emitter):
         return 'firewall.xml'
 
     #
+
     # used in networked appvms or proxyvms (netvm is not None)
     #
 
@@ -360,11 +361,27 @@ class NetVMMixin(qubes.events.Emitter):
 
         return self.netvm is not None
 
+    def resolve_netpath(self):
+        '''This VM does not have a network path since it has no netvm'''
+        if self.netvm is None:
+            return
+
+        '''Recursively resolve netvm until tone has no netvm set'''
+        netpath = list()
+        netvm = self.netvm
+        while netvm:
+            netpath.append(netvm)
+            netvm = netvm.netvm
+
+        return netpath
+
     def reload_firewall_for_vm(self, vm):
         ''' Reload the firewall rules for the vm '''
         if not self.is_running():
             return
 
+        netpath = self.resolve_netpath()
+
         for addr_family in (4, 6):
             ip = vm.ip6 if addr_family == 6 else vm.ip
             if ip is None: