From 36366a00804c8c6edd5a523f13f4fcf9fd8f732c Mon Sep 17 00:00:00 2001
From: Anders Blomdell <anders.blomdell@control.lth.se>
Date: Wed, 7 Sep 2022 12:46:01 +0200
Subject: [PATCH] Update firewall zone handling

---
 src/hostinfo/networkmanager.py | 31 +++++++++++++++++++++----------
 1 file changed, 21 insertions(+), 10 deletions(-)

diff --git a/src/hostinfo/networkmanager.py b/src/hostinfo/networkmanager.py
index 742cbf9..4e1dd4c 100644
--- a/src/hostinfo/networkmanager.py
+++ b/src/hostinfo/networkmanager.py
@@ -191,26 +191,37 @@ class Network(object):
 return result[0]
 raise Exception('Only one gateway allowed', result, list(ip))

- def firewalld_zone(self, ip):
- result = []
- for i in ip:
+ def firewalld_zone(self, interface):
+ def find_zone(i):
+ zones = set()
 a = util.address(i)
 if not a:
- continue
+ return zones
 if i.firewalld_zone[0]:
- # Use specified address as gateway
- result.append(i.firewalld_zone[0])
- continue
+ zones |= { i.firewalld_zone[0] }
+ return zones
 for (n,s) in self._networks.items():
 if a in n and s.firewalld_zone[0]:
- result.append(s.firewalld_zone[0])
+ zones |= { s.firewalld_zone[0] }
 pass
 pass
+ return zones
+ result = set()
+ if interface.firewalld_zone[0]:
+ result |= { interface.firewalld_zone[0] }
+ pass
+ else:
+ for i in interface._ip_:
+ result |= find_zone(i)
+ pass
+ for i in interface._ipv6_:
+ result |= find_zone(i)
+ pass
 pass
 if len(result) == 0:
 return None
 elif len(result) == 1:
- return result[0]
+ return result.pop()
 raise Exception('Only one firewalld_zone allowed', result, list(ip))
 pass

@@ -299,7 +310,7 @@ def configure_networking(connection, interface, settings=None):
 pass
 pass
 else:
- update['connection', 'zone'] = network.firewalld_zone(interface._ip_)
+ update['connection', 'zone'] = network.firewalld_zone(interface)
 ipv4a = list(filter(None, [ network.address_data(i)
 for i in interface._ip_ ]))
 ipv6a = list(filter(None, [ network.address_data(i)
--
GitLab
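Review bot: The closing `raise Exception('Only one firewalld_zone allowed', result, list(ip))` in `firewalld_zone` still references `ip`, which is no longer a parameter now that the signature is `firewalld_zone(self, interface)`. When more than one zone is collected, the method therefore fails with a NameError instead of the intended error. This is the path that reports a conflicting firewall zone assignment, so the message should stay readable: `raise Exception('Only one firewalld_zone allowed', result, list(interface._ip_) + list(interface._ipv6_))`. As a smaller point of style, `zones |= { x }` reads more plainly as `zones.add(x)`.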
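Review bot: `network.firewalld_zone(interface)` returns None when neither the interface, its addresses nor a matching network carries a zone, and that None is assigned to `update['connection', 'zone']` without comment. If the update is applied as written, the connection presumably ends up in firewalld's default zone, which is worth stating next to the assignment, e.g. `# None: no zone configured; connection falls back to the firewalld default zone`. The call now also takes the IPv6 addresses into account, so an interface whose IPv4 and IPv6 networks name different zones raises here where it previously did not. configure_networking starts and ends outside the hunk, so how `update` is applied is not visible.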