core: do not reset firewal when setting netvm=none

It is no longer needed as qubesos/qubes-issues#862 is implemented.
2015-04-04 21:48:03 +02:00 · 2015-04-04 21:48:03 +02:00 · d8533bd061
commit d8533bd061
parent 7516737fae
2 changed files with 1 additions and 12 deletions
--- a/core-modules/000QubesVm.py
+++ b/core-modules/000QubesVm.py
@ -430,16 +430,7 @@ class QubesVm(object):
                if hasattr(self.netvm, 'post_vm_net_detach'):
                    self.netvm.post_vm_net_detach(self)

-        if new_netvm is None:
-            if not self._do_not_reset_firewall:
-                # Set also firewall to block all traffic as discussed in #370
-                if os.path.exists(self.firewall_conf):
-                    shutil.copy(self.firewall_conf, os.path.join(system_path["qubes_base_dir"],
-                                "backup", "%s-firewall-%s.xml" % (self.name,
-                                time.strftime('%Y-%m-%d-%H:%M:%S'))))
-                self.write_firewall_conf({'allow': False, 'allowDns': False,
-                        'allowIcmp': False, 'allowYumProxy': False, 'rules': []})
-        else:
+        if new_netvm is not None:
            new_netvm.connected_vms[self.qid]=self

        self._netvm = new_netvm
--- a/doc/qvm-tools/qvm-prefs.rst
+++ b/doc/qvm-tools/qvm-prefs.rst
@ -44,8 +44,6 @@ netvm

    To which NetVM connect. Setting to ``default`` will follow system-global default NetVM (managed by qubes-prefs). Setting to ``none`` will disable networking in this VM.

-    *Notice:* when setting to ``none``, firewall will be set to block all traffic - it will be used by DispVM started from this VM. Setting back to some NetVM will _NOT_ restore previous firewall settings.
-
 dispvm_netvm
    Accepted values: netvm name, ``default``, ``none``