Minor logic improvement
This commit is contained in:
parent
99ea8dddbe
commit
787cb1170b
@ -689,15 +689,12 @@ class Firewall:
|
||||
entries['{:04}'.format(ruleno)] = rule.rule
|
||||
return entries
|
||||
|
||||
def qdb_forward_entries(self, addr_family=None):
|
||||
def qdb_forward_entries(self, addr_family=None, type):
|
||||
''' In order to keep all the 'parsing' logic here and not in net.py,
|
||||
directly separate forwarding rules from standard rules since they need
|
||||
to be handled differently later.
|
||||
'''
|
||||
entries = {
|
||||
"internal": [],
|
||||
"external": []
|
||||
}
|
||||
entries = {}
|
||||
if addr_family is not None:
|
||||
exclude_dsttype = 'dst4' if addr_family == 6 else 'dst6'
|
||||
for ruleno, rule in zip(itertools.count(), self.rules):
|
||||
@ -709,10 +706,6 @@ class Firewall:
|
||||
# include only forwarding rules
|
||||
if rule.action != "forward":
|
||||
continue
|
||||
if rule.forwardtype == "internal":
|
||||
entries["internal"]['{:04}'.format(ruleno)] = rule.rule
|
||||
elif rule.forwardype == "external":
|
||||
entries["external"]['{:04}'.format(ruleno)] = rule.rule
|
||||
else:
|
||||
raise ValueError('invalid forwardtype for rule')
|
||||
if rule.forwardtype == type:
|
||||
entries['{:04}'.format(ruleno)] = rule.rule
|
||||
return entries
|
||||
|
||||
@ -398,7 +398,12 @@ class NetVMMixin(qubes.events.Emitter):
|
||||
self.untrusted_qdb.rm(base_dir)
|
||||
# write new forward rules
|
||||
for key, value in vm.firewall.qdb_forward_entries(
|
||||
addr_family=addr_family).items():
|
||||
addr_family=addr_family, "internal").items():
|
||||
# code here
|
||||
# signal its done
|
||||
for key, value in vm.firewall.qdb_forward_entries(
|
||||
addr_family=addr_family, "external").items():
|
||||
# to fix
|
||||
for netvm in netpath:
|
||||
self.untrusted_qdb.write(base_dir + key, value)
|
||||
# signal its done
|
||||
|
||||
Loading…
Reference in New Issue
Block a user