Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 621016 Details for
Bug 845257
Enabling service that's already enabled fails with ALREADY_ENABLED
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
patch
0001-Don-t-send-ALREADY_ENABLED-and-NOT_ENABLED-over-D-Bu.patch (text/plain), 9.47 KB, created by
Jiri Popelka
on 2012-10-03 16:32:19 UTC
(
hide
)
Description:
patch
Filename:
MIME Type:
Creator:
Jiri Popelka
Created:
2012-10-03 16:32:19 UTC
Size:
9.47 KB
patch
obsolete
>From faa9f38ff86b1d7853e7aca86f87a3cd6c974c54 Mon Sep 17 00:00:00 2001 >From: Jiri Popelka <jpopelka@redhat.com> >Date: Wed, 3 Oct 2012 18:19:13 +0200 >Subject: [PATCH] Don't send ALREADY_ENABLED and NOT_ENABLED over D-Bus > >to whoever tried to re-add or re-remove a service/port etc. >Use them for internal indication only. >--- > src/firewall/server/firewalld.py | 140 ++++++++++++++++++++++++++++++++++----- > 1 file changed, 123 insertions(+), 17 deletions(-) > >diff --git a/src/firewall/server/firewalld.py b/src/firewall/server/firewalld.py >index 5675d4a..5ed46d4 100644 >--- a/src/firewall/server/firewalld.py >+++ b/src/firewall/server/firewalld.py >@@ -214,7 +214,14 @@ class FirewallD(slip.dbus.service.Object): > All ingoing and outgoing connections and packets will be blocked. > """ > log.debug1("enablePanicMode()") >- self.fw.enable_panic_mode() >+ try: >+ self.fw.enable_panic_mode() >+ except FirewallError as e: >+ if e.code == ALREADY_ENABLED: >+ log.debug1(e) >+ return >+ else: >+ raise e > self.PanicModeEnabled() > > @slip.dbus.polkit.require_auth(PK_ACTION_INFO) >@@ -227,7 +234,14 @@ class FirewallD(slip.dbus.service.Object): > will not be blocked anymore > """ > log.debug1("disablePanicMode()") >- self.fw.disable_panic_mode() >+ try: >+ self.fw.disable_panic_mode() >+ except FirewallError as e: >+ if e.code == NOT_ENABLED: >+ log.debug1(e) >+ return >+ else: >+ raise e > self.PanicModeDisabled() > > @slip.dbus.polkit.require_auth(PK_ACTION_INFO) >@@ -460,7 +474,14 @@ class FirewallD(slip.dbus.service.Object): > timeout = int(timeout) > log.debug1("zone.addService('%s', '%s', %d)" % (zone, service, timeout)) > >- _zone = self.fw.zone.add_service(zone, service, timeout, sender) >+ try: >+ _zone = self.fw.zone.add_service(zone, service, timeout, sender) >+ except FirewallError as e: >+ if e.code == ALREADY_ENABLED: >+ log.debug1(e) >+ return zone >+ else: >+ raise e > > if timeout > 0: > tag = GLib.timeout_add_seconds(timeout, self.disableTimedService, >@@ -479,7 +500,14 @@ class FirewallD(slip.dbus.service.Object): > service = str(service) > log.debug1("zone.removeService('%s', '%s')" % (zone, service)) > >- _zone = self.fw.zone.remove_service(zone, service) >+ try: >+ _zone = self.fw.zone.remove_service(zone, service) >+ except FirewallError as e: >+ if e.code == NOT_ENABLED: >+ log.debug1(e) >+ return zone >+ else: >+ raise e > > self.removeTimeout(_zone, service) > self.ServiceRemoved(_zone, service) >@@ -538,7 +566,15 @@ class FirewallD(slip.dbus.service.Object): > timeout = int(timeout) > log.debug1("zone.enablePort('%s', '%s', '%s')" % \ > (zone, port, protocol)) >- _zone = self.fw.zone.add_port(zone, port, protocol, timeout, sender) >+ >+ try: >+ _zone = self.fw.zone.add_port(zone, port, protocol, timeout, sender) >+ except FirewallError as e: >+ if e.code == ALREADY_ENABLED: >+ log.debug1(e) >+ return zone >+ else: >+ raise e > > if timeout > 0: > tag = GLib.timeout_add_seconds(timeout, self.disableTimedPort, >@@ -558,7 +594,15 @@ class FirewallD(slip.dbus.service.Object): > protocol = str(protocol) > log.debug1("zone.removePort('%s', '%s', '%s')" % \ > (zone, port, protocol)) >- _zone= self.fw.zone.remove_port(zone, port, protocol) >+ >+ try: >+ _zone= self.fw.zone.remove_port(zone, port, protocol) >+ except FirewallError as e: >+ if e.code == NOT_ENABLED: >+ log.debug1(e) >+ return zone >+ else: >+ raise e > > self.removeTimeout(_zone, (port, protocol)) > self.PortRemoved(_zone, port, protocol) >@@ -614,8 +658,16 @@ class FirewallD(slip.dbus.service.Object): > # adds masquerade if not added already > timeout = int(timeout) > log.debug1("zone.addMasquerade('%s')" % (zone)) >- _zone = self.fw.zone.add_masquerade(zone, timeout, sender) >- >+ >+ try: >+ _zone = self.fw.zone.add_masquerade(zone, timeout, sender) >+ except FirewallError as e: >+ if e.code == ALREADY_ENABLED: >+ log.debug1(e) >+ return zone >+ else: >+ raise e >+ > if timeout > 0: > tag = GLib.timeout_add_seconds(timeout, self.disableTimedMasquerade, > _zone) >@@ -631,7 +683,15 @@ class FirewallD(slip.dbus.service.Object): > def removeMasquerade(self, zone, sender=None): > # removes masquerade > log.debug1("zone.removeMasquerade('%s')" % (zone)) >- _zone = self.fw.zone.remove_masquerade(zone) >+ >+ try: >+ _zone = self.fw.zone.remove_masquerade(zone) >+ except FirewallError as e: >+ if e.code == NOT_ENABLED: >+ log.debug1(e) >+ return zone >+ else: >+ raise e > > self.removeTimeout(_zone, "masquerade") > self.MasqueradeRemoved(_zone) >@@ -680,8 +740,16 @@ class FirewallD(slip.dbus.service.Object): > timeout = int(timeout) > log.debug1("zone.addForwardPort('%s', '%s', '%s', '%s', '%s')" % \ > (zone, port, protocol, toport, toaddr)) >- _zone = self.fw.zone.add_forward_port(zone, port, protocol, toport, >- toaddr, timeout, sender) >+ >+ try: >+ _zone = self.fw.zone.add_forward_port(zone, port, protocol, toport, >+ toaddr, timeout, sender) >+ except FirewallError as e: >+ if e.code == ALREADY_ENABLED: >+ log.debug1(e) >+ return zone >+ else: >+ raise e > > if timeout > 0: > tag = GLib.timeout_add_seconds(timeout, >@@ -706,8 +774,16 @@ class FirewallD(slip.dbus.service.Object): > toaddr = str(toaddr) > log.debug1("zone.removeForwardPort('%s', '%s', '%s', '%s', '%s')" % \ > (zone, port, protocol, toport, toaddr)) >- _zone = self.fw.zone.remove_forward_port(zone, port, protocol, toport, >- toaddr) >+ >+ try: >+ _zone = self.fw.zone.remove_forward_port(zone, port, protocol, >+ toport, toaddr) >+ except FirewallError as e: >+ if e.code == NOT_ENABLED: >+ log.debug1(e) >+ return zone >+ else: >+ raise e > > self.removeTimeout(_zone, (port, protocol, toport, toaddr)) > self.ForwardPortRemoved(_zone, port, protocol, toport, toaddr) >@@ -771,7 +847,15 @@ class FirewallD(slip.dbus.service.Object): > icmp = str(icmp) > timeout = int(timeout) > log.debug1("zone.enableIcmpBlock('%s', '%s')" % (zone, icmp)) >- _zone = self.fw.zone.add_icmp_block(zone, icmp, timeout, sender) >+ >+ try: >+ _zone = self.fw.zone.add_icmp_block(zone, icmp, timeout, sender) >+ except FirewallError as e: >+ if e.code == ALREADY_ENABLED: >+ log.debug1(e) >+ return zone >+ else: >+ raise e > > if timeout > 0: > tag = GLib.timeout_add_seconds(timeout, self.disableTimedIcmpBlock, >@@ -789,7 +873,15 @@ class FirewallD(slip.dbus.service.Object): > # removes icmpBlock from zone > icmp = str(icmp) > log.debug1("zone.removeIcmpBlock('%s', '%s')" % (zone, icmp)) >- _zone = self.fw.zone.remove_icmp_block(zone, icmp) >+ >+ try: >+ _zone = self.fw.zone.remove_icmp_block(zone, icmp) >+ except FirewallError as e: >+ if e.code == NOT_ENABLED: >+ log.debug1(e) >+ return zone >+ else: >+ raise e > > self.removeTimeout(_zone, icmp) > self.IcmpBlockRemoved(_zone, icmp) >@@ -841,7 +933,14 @@ class FirewallD(slip.dbus.service.Object): > table = str(table) > chain = str(chain) > log.debug1("direct.addChain('%s', '%s', '%s')" % (ipv, table, chain)) >- self.fw.direct.add_chain(ipv, table, chain) >+ try: >+ self.fw.direct.add_chain(ipv, table, chain) >+ except FirewallError as e: >+ if e.code == ALREADY_ENABLED: >+ log.debug1(e) >+ return >+ else: >+ raise e > self.ChainAdded(ipv, table, chain) > > @slip.dbus.polkit.require_auth(PK_ACTION_DIRECT) >@@ -854,7 +953,14 @@ class FirewallD(slip.dbus.service.Object): > table = str(table) > chain = str(chain) > log.debug1("direct.removeChain('%s', '%s', '%s')" % (ipv, table, chain)) >- self.fw.direct.remove_chain(ipv, table, chain) >+ try: >+ self.fw.direct.remove_chain(ipv, table, chain) >+ except FirewallError as e: >+ if e.code == NOT_ENABLED: >+ log.debug1(e) >+ return >+ else: >+ raise e > self.ChainRemoved(ipv, table, chain) > > @slip.dbus.polkit.require_auth(PK_ACTION_DIRECT) >-- >1.7.11.4 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=621016">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 845257
:
621016
|
621020