Implemented implicit rule to allow ICMP traffic in firewall

This commit is contained in:
Tomasz Sterna 2011-03-21 22:08:39 +01:00
parent de8c46dff2
commit c8781da11e
2 changed files with 35 additions and 10 deletions

View File

@ -67,14 +67,28 @@
</widget> </widget>
</item> </item>
<item> <item>
<widget class="QCheckBox" name="dnsCheckBox"> <layout class="QHBoxLayout" name="horizontalLayout_3">
<property name="text"> <item>
<string>Allow DNS queries</string> <widget class="QCheckBox" name="dnsCheckBox">
</property> <property name="text">
<property name="checked"> <string>Allow DNS queries</string>
<bool>true</bool> </property>
</property> <property name="checked">
</widget> <bool>true</bool>
</property>
</widget>
</item>
<item>
<widget class="QCheckBox" name="icmpCheckBox">
<property name="text">
<string>Allow ICMP traffic</string>
</property>
<property name="checked">
<bool>true</bool>
</property>
</widget>
</item>
</layout>
</item> </item>
</layout> </layout>
</item> </item>
@ -133,11 +147,12 @@
<tabstops> <tabstops>
<tabstop>policyAllowRadioButton</tabstop> <tabstop>policyAllowRadioButton</tabstop>
<tabstop>policyDenyRadioButton</tabstop> <tabstop>policyDenyRadioButton</tabstop>
<tabstop>dnsCheckBox</tabstop>
<tabstop>rulesTreeView</tabstop> <tabstop>rulesTreeView</tabstop>
<tabstop>newRuleButton</tabstop> <tabstop>newRuleButton</tabstop>
<tabstop>editRuleButton</tabstop> <tabstop>editRuleButton</tabstop>
<tabstop>deleteRuleButton</tabstop> <tabstop>deleteRuleButton</tabstop>
<tabstop>dnsCheckBox</tabstop>
<tabstop>icmpCheckBox</tabstop>
<tabstop>buttonBox</tabstop> <tabstop>buttonBox</tabstop>
</tabstops> </tabstops>
<resources/> <resources/>

View File

@ -43,6 +43,7 @@ class EditFwRulesDlg (QDialog, ui_editfwrulesdlg.Ui_EditFwRulesDlg):
self.deleteRuleButton.clicked.connect(self.delete_rule_button_pressed) self.deleteRuleButton.clicked.connect(self.delete_rule_button_pressed)
self.policyAllowRadioButton.toggled.connect(self.policy_radio_toggled) self.policyAllowRadioButton.toggled.connect(self.policy_radio_toggled)
self.dnsCheckBox.toggled.connect(self.dns_checkbox_toggled) self.dnsCheckBox.toggled.connect(self.dns_checkbox_toggled)
self.icmpCheckBox.toggled.connect(self.icmp_checkbox_toggled)
def set_model(self, model): def set_model(self, model):
self.__model = model self.__model = model
@ -51,6 +52,7 @@ class EditFwRulesDlg (QDialog, ui_editfwrulesdlg.Ui_EditFwRulesDlg):
self.rulesTreeView.header().setResizeMode(0, QHeaderView.Stretch) self.rulesTreeView.header().setResizeMode(0, QHeaderView.Stretch)
self.set_allow(model.allow) self.set_allow(model.allow)
self.dnsCheckBox.setChecked(model.allowDns) self.dnsCheckBox.setChecked(model.allowDns)
self.icmpCheckBox.setChecked(model.allowIcmp)
self.setWindowTitle(model.get_vm_name() + " firewall") self.setWindowTitle(model.get_vm_name() + " firewall")
def set_allow(self, allow): def set_allow(self, allow):
@ -63,6 +65,9 @@ class EditFwRulesDlg (QDialog, ui_editfwrulesdlg.Ui_EditFwRulesDlg):
def dns_checkbox_toggled(self, on): def dns_checkbox_toggled(self, on):
self.__model.allowDns = on self.__model.allowDns = on
def icmp_checkbox_toggled(self, on):
self.__model.allowIcmp = on
def new_rule_button_pressed(self): def new_rule_button_pressed(self):
dialog = NewFwRuleDlg() dialog = NewFwRuleDlg()
self.run_rule_dialog(dialog) self.run_rule_dialog(dialog)
@ -228,6 +233,7 @@ class QubesFirewallRulesModel(QAbstractItemModel):
self.allow = conf["allow"] self.allow = conf["allow"]
self.allowDns = conf["allowDns"] self.allowDns = conf["allowDns"]
self.allowIcmp = conf["allowIcmp"]
for rule in conf["rules"]: for rule in conf["rules"]:
self.appendChild(QubesFirewallRuleItem( self.appendChild(QubesFirewallRuleItem(
@ -240,7 +246,11 @@ class QubesFirewallRulesModel(QAbstractItemModel):
def apply_rules(self): def apply_rules(self):
assert self.__vm is not None assert self.__vm is not None
conf = { "allow": self.allow, "allowDns": self.allowDns, "rules": list() } conf = { "allow": self.allow,
"allowDns": self.allowDns,
"allowIcmp": self.allowIcmp,
"rules": list()
}
for rule in self.children: for rule in self.children:
conf["rules"].append( conf["rules"].append(