Commit b2d4f66d authored by Jiri Popelka's avatar Jiri Popelka Committed by Dan Williams

firewall-manager: add interfaces to zones after firewall (re)start

Because firewalld has no idea what interface is part of which zone
we need to inform it after it (re)starts what interface belongs to which
zone.
parent 86a8fa4a
......@@ -47,6 +47,14 @@ typedef struct {
gboolean disposed;
} NMFirewallManagerPrivate;
enum {
STARTED,
LAST_SIGNAL
};
static guint signals[LAST_SIGNAL] = { 0 };
/********************************************************************/
typedef struct {
......@@ -204,6 +212,7 @@ name_owner_changed (NMDBusManager *dbus_mgr,
if (!old_owner_good && new_owner_good) {
nm_log_dbg (LOGD_FIREWALL, "firewall started");
set_running (self, TRUE);
g_signal_emit (self, signals[STARTED], 0);
} else if (old_owner_good && !new_owner_good) {
nm_log_dbg (LOGD_FIREWALL, "firewall stopped");
set_running (self, FALSE);
......@@ -306,5 +315,15 @@ nm_firewall_manager_class_init (NMFirewallManagerClass *klass)
"Available",
FALSE,
G_PARAM_READABLE));
signals[STARTED] =
g_signal_new ("started",
G_OBJECT_CLASS_TYPE (object_class),
G_SIGNAL_RUN_FIRST,
G_STRUCT_OFFSET (NMFirewallManagerClass, started),
NULL, NULL,
g_cclosure_marshal_VOID__VOID,
G_TYPE_NONE, 0);
}
......@@ -47,6 +47,9 @@ typedef struct {
typedef struct {
GObjectClass parent;
/* Signals */
void (*started) (NMFirewallManager *manager);
} NMFirewallManagerClass;
GType nm_firewall_manager_get_type (void);
......
......@@ -55,6 +55,7 @@ struct NMPolicy {
gulong vpn_deactivated_id;
NMFirewallManager *fw_manager;
gulong fw_started_id;
NMSettings *settings;
......@@ -1285,6 +1286,32 @@ inform_firewall_about_zone (NMPolicy *policy, NMConnection *connection)
}
}
static void
firewall_started (NMFirewallManager *manager,
gpointer user_data)
{
NMPolicy *policy = (NMPolicy *) user_data;
NMConnection *connection;
NMSettingConnection *s_con;
GSList *iter, *devices;
devices = nm_manager_get_devices (policy->manager);
for (iter = devices; iter; iter = g_slist_next (iter)) {
NMDevice *dev = NM_DEVICE (iter->data);
connection = get_device_connection (dev);
s_con = nm_connection_get_setting_connection (connection);
if (nm_device_get_state (dev) == NM_DEVICE_STATE_ACTIVATED) {
nm_firewall_manager_add_to_zone (policy->fw_manager,
nm_device_get_ip_iface (dev),
nm_setting_connection_get_zone (s_con),
add_to_zone_cb,
g_object_ref (dev),
NULL);
}
}
}
static void
connection_updated (NMSettings *settings,
NMConnection *connection,
......@@ -1416,6 +1443,9 @@ nm_policy_new (NMManager *manager,
policy->vpn_deactivated_id = id;
policy->fw_manager = nm_firewall_manager_get();
id = g_signal_connect (policy->fw_manager, "started",
G_CALLBACK (firewall_started), policy);
policy->fw_started_id = id;
_connect_manager_signal (policy, "state-changed", global_state_changed);
_connect_manager_signal (policy, "notify::" NM_MANAGER_HOSTNAME, hostname_changed);
......@@ -1461,6 +1491,7 @@ nm_policy_destroy (NMPolicy *policy)
g_signal_handler_disconnect (policy->vpn_manager, policy->vpn_deactivated_id);
g_object_unref (policy->vpn_manager);
g_signal_handler_disconnect (policy->fw_manager, policy->fw_started_id);
g_object_unref (policy->fw_manager);
for (iter = policy->manager_ids; iter; iter = g_slist_next (iter))
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment