Browse Source

core: do not reset firewal when setting netvm=none

It is no longer needed as qubesos/qubes-issues#862 is implemented.
Marek Marczykowski-Górecki 9 năm trước cách đây
mục cha
commit
d8533bd061
2 tập tin đã thay đổi với 1 bổ sung12 xóa
  1. 1 10
      core-modules/000QubesVm.py
  2. 0 2
      doc/qvm-tools/qvm-prefs.rst

+ 1 - 10
core-modules/000QubesVm.py

@@ -430,16 +430,7 @@ class QubesVm(object):
                 if hasattr(self.netvm, 'post_vm_net_detach'):
                     self.netvm.post_vm_net_detach(self)
 
-        if new_netvm is None:
-            if not self._do_not_reset_firewall:
-                # Set also firewall to block all traffic as discussed in #370
-                if os.path.exists(self.firewall_conf):
-                    shutil.copy(self.firewall_conf, os.path.join(system_path["qubes_base_dir"],
-                                "backup", "%s-firewall-%s.xml" % (self.name,
-                                time.strftime('%Y-%m-%d-%H:%M:%S'))))
-                self.write_firewall_conf({'allow': False, 'allowDns': False,
-                        'allowIcmp': False, 'allowYumProxy': False, 'rules': []})
-        else:
+        if new_netvm is not None:
             new_netvm.connected_vms[self.qid]=self
 
         self._netvm = new_netvm

+ 0 - 2
doc/qvm-tools/qvm-prefs.rst

@@ -44,8 +44,6 @@ netvm
 
     To which NetVM connect. Setting to ``default`` will follow system-global default NetVM (managed by qubes-prefs). Setting to ``none`` will disable networking in this VM.
 
-    *Notice:* when setting to ``none``, firewall will be set to block all traffic - it will be used by DispVM started from this VM. Setting back to some NetVM will _NOT_ restore previous firewall settings.
-
 dispvm_netvm
     Accepted values: netvm name, ``default``, ``none``