From 8b366f11489eb8a2dfd63eb142e44e77805f87b7 Mon Sep 17 00:00:00 2001
From: Marek Marczykowski <marmarek@invisiblethingslab.com>
Date: Tue, 5 Jun 2012 19:37:39 +0200
Subject: [PATCH] dom0: default TemplateVM firewall: block all traffic and
 allow use of yum proxy (#590)

---
 dom0/qvm-core/qubes.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/dom0/qvm-core/qubes.py b/dom0/qvm-core/qubes.py
index ffb96306..0c6a71cf 100755
--- a/dom0/qvm-core/qubes.py
+++ b/dom0/qvm-core/qubes.py
@@ -1577,6 +1577,9 @@ class QubesTemplateVm(QubesVm):
     def updateable(self):
         return True
 
+    def get_firewall_defaults(self):
+        return { "rules": list(), "allow": False, "allowDns": False, "allowIcmp": False, "allowYumProxy": True }
+
     def get_rootdev(self, source_template=None):
         return "'script:origin:{dir}/root.img:{dir}/root-cow.img,xvda,w',".format(dir=self.dir_path)