fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2025-12-27 21:00:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

firewall: don't set firewall zone for assumed devices

Browse source 
https://bugzilla.redhat.com/show_bug.cgi?id=1098281

Signed-off-by: Thomas Haller <thaller@redhat.com>
This commit is contained in:
Thomas Haller 2014-11-13 14:55:47 +01:00
parent 1141727690
commit 06a45fdcaf
2 changed files with 15 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
src/devices/nm-device.c
View file

@ -4590,6 +4590,14 @@ nm_device_activate_schedule_stage3_ip_config_start (NMDevice *self)
s_con = nm_connection_get_setting_connection (connection);
zone = nm_setting_connection_get_zone (s_con);
if (nm_device_uses_assumed_connection (self)) {
_LOGD (LOGD_DEVICE, "Activation: skip setting firewall zone '%s' for assumed device", zone ? zone : "default");
activation_source_schedule (self, nm_device_activate_stage3_ip_config_start, 0);
_LOGI (LOGD_DEVICE, "Activation: Stage 3 of 5 (IP Configure Start) scheduled.");
return;
}
_LOGD (LOGD_DEVICE, "Activation: setting firewall zone '%s'", zone ? zone : "default");
priv->fw_call = nm_firewall_manager_add_or_change_zone (nm_firewall_manager_get (),
nm_device_get_ip_iface (self),
@ -6887,7 +6895,9 @@ _cleanup_generic_pre (NMDevice *self, gboolean deconfigure)
}
connection = nm_device_get_connection (self);
if (deconfigure && connection) {
if ( deconfigure
&& connection
&& !nm_device_uses_assumed_connection (self)) {
nm_firewall_manager_remove_from_zone (nm_firewall_manager_get (),
nm_device_get_ip_iface (self),
NULL);

6
src/nm-policy.c
View file

@ -1576,7 +1576,8 @@ firewall_update_zone (NMPolicy *policy, NMConnection *connection)
NMDevice *dev = NM_DEVICE (iter->data);
if ( (nm_device_get_connection (dev) == connection)
&& (nm_device_get_state (dev) == NM_DEVICE_STATE_ACTIVATED)) {
&& (nm_device_get_state (dev) == NM_DEVICE_STATE_ACTIVATED)
&& !nm_device_uses_assumed_connection (dev)) {
nm_firewall_manager_add_or_change_zone (nm_firewall_manager_get (),
nm_device_get_ip_iface (dev),
nm_setting_connection_get_zone (s_con),
@ -1606,7 +1607,8 @@ firewall_started (NMFirewallManager *manager,
continue;
s_con = nm_connection_get_setting_connection (connection);
if (nm_device_get_state (dev) == NM_DEVICE_STATE_ACTIVATED) {
if ( nm_device_get_state (dev) == NM_DEVICE_STATE_ACTIVATED
&& !nm_device_uses_assumed_connection (dev)) {
nm_firewall_manager_add_or_change_zone (nm_firewall_manager_get (),
nm_device_get_ip_iface (dev),
nm_setting_connection_get_zone (s_con),