firewall: add clone and comparing methods, missing docstrings

2017-05-15 13:04:59 +02:00 · 2017-05-15 13:04:59 +02:00 · b4ad5f0149
commit b4ad5f0149
parent 8de82f390e
1 changed files with 30 additions and 0 deletions
--- a/qubes/firewall.py
+++ b/qubes/firewall.py
@ -361,6 +361,7 @@ class Rule(qubes.PropertyHolder):
    def __eq__(self, other):
        return self.rule == other.rule

+
 class Firewall(object):
    def __init__(self, vm, load=True):
        assert hasattr(vm, 'firewall_conf')
@ -373,11 +374,32 @@ class Firewall(object):
        if load:
            self.load()

+    def __eq__(self, other):
+        if isinstance(other, Firewall):
+            return self.policy == other.policy and self.rules == other.rules
+        return NotImplemented
+
    def load_defaults(self):
+        '''Load default firewall settings'''
        self.rules = []
        self.policy = Action('accept')

+    def clone(self, other):
+        '''Clone firewall settings from other instance.
+        This method discards pre-existing firewall settings.
+
+        :param other: other :py:class:`Firewall` instance
+        '''
+        self.policy = other.policy
+        rules = []
+        for rule in other.rules:
+            new_rule = Rule()
+            new_rule.clone_properties(rule)
+            rules.append(new_rule)
+        self.rules = rules
+
    def load(self):
+        '''Load firewall settings from a file'''
        firewall_conf = os.path.join(self.vm.dir_path, self.vm.firewall_conf)
        if os.path.exists(firewall_conf):
            self.rules = []
@ -396,6 +418,7 @@ class Firewall(object):
            self.load_defaults()

    def load_v1(self, xml_root):
+        '''Load old (Qubes < 4.0) firewall XML format'''
        policy_v1 = xml_root.get('policy')
        assert policy_v1 in ('allow', 'deny')
        if policy_v1 == 'allow':
@ -426,6 +449,7 @@ class Firewall(object):
            self.rules.append(rule)

    def load_v2(self, xml_root):
+        '''Load new (Qubes >= 4.0) firewall XML format'''
        self.policy = Action(xml_root.findtext('policy'))

        xml_rules = xml_root.find('rules')
@ -434,6 +458,7 @@ class Firewall(object):
            self.rules.append(rule)

    def save(self):
+        '''Save firewall rules to a file'''
        firewall_conf = os.path.join(self.vm.dir_path, self.vm.firewall_conf)
        expiring_rules_present = False

@ -476,6 +501,11 @@ class Firewall(object):


    def qdb_entries(self, addr_family=None):
+        '''Return firewall settings serialized for QubesDB entries
+
+        :param addr_family: include rules only for IPv4 (4) or IPv6 (6); if
+        None, include both
+        '''
        entries = {
            'policy': str(self.policy)
        }