firewall: minor simplification for old firewall.xml loading
Have `default_policy_is_accept` variable of type bool, instead of `policy`, which is only compared to a constant value (`accept`). Suggested by @woju
This commit is contained in:
Marek Marczykowski-Górecki
parent
2b963be9c7
commit
2abdbc4628
@ -506,10 +506,7 @@ class Firewall(object):
|
|||||||
'''Load old (Qubes < 4.0) firewall XML format'''
|
'''Load old (Qubes < 4.0) firewall XML format'''
|
||||||
policy_v1 = xml_root.get('policy')
|
policy_v1 = xml_root.get('policy')
|
||||||
assert policy_v1 in ('allow', 'deny')
|
assert policy_v1 in ('allow', 'deny')
|
||||||
if policy_v1 == 'allow':
|
default_policy_is_accept = (policy_v1 == 'allow')
|
||||||
policy = Action('accept')
|
|
||||||
else:
|
|
||||||
policy = Action('drop')
|
|
||||||
|
|
||||||
def _translate_action(key):
|
def _translate_action(key):
|
||||||
if xml_root.get(key, policy_v1) == 'allow':
|
if xml_root.get(key, policy_v1) == 'allow':
|
||||||
@ -524,7 +521,7 @@ class Firewall(object):
|
|||||||
action=_translate_action('icmp'),
|
action=_translate_action('icmp'),
|
||||||
proto=Proto.icmp))
|
proto=Proto.icmp))
|
||||||
|
|
||||||
if policy == Action.accept:
|
if default_policy_is_accept:
|
||||||
rule_action = Action.drop
|
rule_action = Action.drop
|
||||||
else:
|
else:
|
||||||
rule_action = Action.accept
|
rule_action = Action.accept
|
||||||
@ -532,7 +529,7 @@ class Firewall(object):
|
|||||||
for element in xml_root:
|
for element in xml_root:
|
||||||
rule = Rule.from_xml_v1(element, rule_action)
|
rule = Rule.from_xml_v1(element, rule_action)
|
||||||
self.rules.append(rule)
|
self.rules.append(rule)
|
||||||
if policy == Action.accept:
|
if default_policy_is_accept:
|
||||||
self.rules.append(Rule(None, action='accept'))
|
self.rules.append(Rule(None, action='accept'))
|
||||||
|
|
||||||
def load_v2(self, xml_root):
|
def load_v2(self, xml_root):
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user