dom0/qubes-firewall: make protocol selection smart

This commit is contained in:
Marek Marczykowski 2012-02-27 15:46:23 +01:00
parent a0e9feef92
commit c013de4747

View File

@ -995,7 +995,10 @@ class QubesVm(object):
for rule in conf["rules"]:
# For backward compatibility
if "proto" not in rule:
if rule["portBegin"] is not None and rule["portBegin"] > 0:
rule["proto"] = "tcp"
else:
rule["proto"] = "any"
element = xml.etree.ElementTree.Element(
"rule",
address=rule["address"],
@ -1054,16 +1057,19 @@ class QubesVm(object):
else:
rule["netmask"] = 32
# For backward compatibility default to tcp
if rule["proto"] is None:
rule["proto"] = "tcp"
if rule["port"] is not None:
rule["portBegin"] = int(rule["port"])
else:
# backward compatibility
rule["portBegin"] = 0
# For backward compatibility
if rule["proto"] is None:
if rule["portBegin"] > 0:
rule["proto"] = "tcp"
else:
rule["proto"] = "any"
if rule["toport"] is not None:
rule["portEnd"] = int(rule["toport"])
else: