From fa703c536f18bc944197ee0a20e8442b2bd2054e Mon Sep 17 00:00:00 2001
From: Marek Marczykowski <marmarek@mimuw.edu.pl>
Date: Sun, 3 Apr 2011 01:54:04 +0200
Subject: [PATCH] Generate firewall rules only for VMs connected to this
 firewall (#158)

---
 dom0/qvm-core/qubes.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/dom0/qvm-core/qubes.py b/dom0/qvm-core/qubes.py
index 54c94273..76f7ee74 100755
--- a/dom0/qvm-core/qubes.py
+++ b/dom0/qvm-core/qubes.py
@@ -1378,6 +1378,10 @@ class QubesProxyVm(QubesNetVm):
 
         vms = [vm for vm in qvm_collection.values() if vm.has_firewall()]
         for vm in vms:
+            # Process only VMs connected to this ProxyVM
+            if not vm.netvm_vm or vm.netvm_vm.qid != self.qid:
+                continue
+
             conf = vm.get_firewall_conf()
 
             xid = vm.get_xid()