Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

vm/firewall: do not fail when one VMs rules failed

Browse Source
This commit is contained in:
Marek Marczykowski 2012-02-13 15:47:34 +01:00
parent e7571b5523
commit 1b92fc877e
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
network/qubes_firewall
View File

@ -29,12 +29,12 @@ while true; do
RULES=$(/usr/bin/xenstore-read $XENSTORE_IPTABLES_HEADER) RULES=$(/usr/bin/xenstore-read $XENSTORE_IPTABLES_HEADER)
IPTABLES_SAVE=$(/sbin/iptables-save | sed '/^\*filter/,/^COMMIT/d') IPTABLES_SAVE=$(/sbin/iptables-save | sed '/^\*filter/,/^COMMIT/d')
OUT=`echo -e "$RULES\n$IPTABLES_SAVE" | /sbin/iptables-restore 2>&1 || :` OUT=`echo -e "$RULES\n$IPTABLES_SAVE" | /sbin/iptables-restore 2>&1 || true`
for i in $(xenstore-list qubes_iptables_domainrules) ; do for i in $(xenstore-list qubes_iptables_domainrules) ; do
RULES=$(/usr/bin/xenstore-read qubes_iptables_domainrules/"$i") RULES=$(/usr/bin/xenstore-read qubes_iptables_domainrules/"$i")
ERRS=`echo -e "$RULES" | /sbin/iptables-restore -n 2>&1 || :` ERRS=`echo -e "$RULES" | /sbin/iptables-restore -n 2>&1 || true`
OUT="$OUT""$ERRS" OUT="$OUT$ERRS"
done done
/usr/bin/xenstore-write $XENSTORE_ERROR "$OUT" /usr/bin/xenstore-write $XENSTORE_ERROR "$OUT"
if [ "$OUT" ]; then if [ "$OUT" ]; then