From 787cb1170baa7fd648ae7203f6bf84b1e55aa497 Mon Sep 17 00:00:00 2001
From: Giulio
Date: Tue, 29 Jun 2021 13:20:16 +0200
Subject: [PATCH] Minor logic improvement

---
 qubes/firewall.py | 15 ++++-----------
 qubes/vm/mix/net.py | 7 ++++++-
 2 files changed, 10 insertions(+), 12 deletions(-)

diff --git a/qubes/firewall.py b/qubes/firewall.py
index a89e3eee..e32c4b51 100644
--- a/qubes/firewall.py
+++ b/qubes/firewall.py
@@ -689,15 +689,12 @@ class Firewall:
 entries['{:04}'.format(ruleno)] = rule.rule
 return entries
 
- def qdb_forward_entries(self, addr_family=None):
+ def qdb_forward_entries(self, addr_family=None, type):
 ''' In order to keep all the 'parsing' logic here and not in net.py, directly separate forwarding rules from standard rules since they need to be handled differently later. '''
- entries = {
- "internal": [],
- "external": []
- }
+ entries = {}
 if addr_family is not None:
 exclude_dsttype = 'dst4' if addr_family == 6 else 'dst6'
 for ruleno, rule in zip(itertools.count(), self.rules):
@@ -709,10 +706,6 @@ class Firewall:
 # include only forwarding rules
 if rule.action != "forward":
 continue
- if rule.forwardtype == "internal":
- entries["internal"]['{:04}'.format(ruleno)] = rule.rule
- elif rule.forwardype == "external":
- entries["external"]['{:04}'.format(ruleno)] = rule.rule
- else:
- raise ValueError('invalid forwardtype for rule')
+ if rule.forwardtype == type:
+ entries['{:04}'.format(ruleno)] = rule.rule
 return entries
diff --git a/qubes/vm/mix/net.py b/qubes/vm/mix/net.py
index ac0ffa7f..fac602a2 100644
--- a/qubes/vm/mix/net.py
+++ b/qubes/vm/mix/net.py
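Review bot: The new signature `def qdb_forward_entries(self, addr_family=None, type):` is a SyntaxError, because a parameter without a default cannot follow `addr_family=None`, so qubes/firewall.py will not import until it is changed. `type` also shadows the builtin; a valid form that keeps `addr_family` keyword-compatible for existing callers and forces the selector to be named at the call site is `def qdb_forward_entries(self, addr_family=None, *, forwardtype):`. The docstring still describes separating internal from external rules, while the method now returns only the forwarding rules matching one selector; it should say so, e.g. `'''Return the forwarding rules whose forwardtype matches, keyed by zero-padded rule number, skipping the other address family when addr_family is given.'''`. The body of the function continues in the next hunk.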
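Review bot: Removing the `else: raise ValueError('invalid forwardtype for rule')` branch means a rule whose forwardtype is neither expected value is no longer rejected but silently left out of the result, so a mistyped or unset forwardtype makes a forwarding rule disappear from qubesdb with nothing reporting it. Keep the validation ahead of the filter, e.g. `if rule.forwardtype not in ("internal", "external"):` / `raise ValueError('invalid forwardtype for rule')`, followed by the existing `if rule.forwardtype == type:` check. The comparison should use whatever parameter name the signature in the previous hunk ends up with, since `type` there is currently not valid syntax. The function starts in the previous hunk; only its tail is visible here.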
@@ -398,7 +398,12 @@ class NetVMMixin(qubes.events.Emitter):
 self.untrusted_qdb.rm(base_dir)
 # write new forward rules
 for key, value in vm.firewall.qdb_forward_entries(
- addr_family=addr_family).items():
+ addr_family=addr_family, "internal").items():
+ # code here
+ # signal its done
+ for key, value in vm.firewall.qdb_forward_entries(
+ addr_family=addr_family, "external").items():
+ # to fix
 for netvm in netpath:
 self.untrusted_qdb.write(base_dir + key, value)
 # signal its done
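Review bot: Both added calls, `addr_family=addr_family, "internal").items():` and the `"external"` one, are a SyntaxError because a positional argument cannot follow a keyword argument, and the first `for key, value in …` loop has no statement in its body, only the comments `# code here` and `# signal its done`, which is an IndentationError; qubes/vm/mix/net.py will not compile as submitted. Once it does, the "internal" entries are fetched and discarded while only the "external" entries reach `self.untrusted_qdb.write`, so internal forwarding rules would never be published; whether that is the intended interim state is not visible from the hunk. Pass the selector by name so it matches the firewall.py signature, `addr_family=addr_family, forwardtype="internal").items():` (and likewise for "external"), and either give the first loop its real body or leave that loop out until the internal handling exists. The enclosing method starts before this hunk.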