added resolve_netpath to recursively know the netvm chain

2021-06-26 17:33:56 +02:00 · 2021-06-26 17:33:56 +02:00 · 224a290cdf
commit 224a290cdf
parent 3e2fbb2c75
1 changed files with 17 additions and 0 deletions
--- a/qubes/vm/mix/net.py
+++ b/qubes/vm/mix/net.py
@ -135,6 +135,7 @@ class NetVMMixin(qubes.events.Emitter):
        return 'firewall.xml'

    #
+
    # used in networked appvms or proxyvms (netvm is not None)
    #

@ -360,11 +361,27 @@ class NetVMMixin(qubes.events.Emitter):

        return self.netvm is not None

+    def resolve_netpath(self):
+        '''This VM does not have a network path since it has no netvm'''
+        if self.netvm is None:
+            return
+
+        '''Recursively resolve netvm until tone has no netvm set'''
+        netpath = list()
+        netvm = self.netvm
+        while netvm:
+            netpath.append(netvm)
+            netvm = netvm.netvm
+
+        return netpath
+
    def reload_firewall_for_vm(self, vm):
        ''' Reload the firewall rules for the vm '''
        if not self.is_running():
            return

+        netpath = self.resolve_netpath()
+
        for addr_family in (4, 6):
            ip = vm.ip6 if addr_family == 6 else vm.ip
            if ip is None: