[PATCH 1/2] firewall-manager: add interfaces to zones after firewall (re)start



Because firewalld has no idea which interface is part of which zone,
we need to inform it after it (re)starts which interface belongs to which
zone.
---
 src/firewall-manager/nm-firewall-manager.c |   19 +++++++++++++++++
 src/firewall-manager/nm-firewall-manager.h |    3 ++
 src/nm-policy.c                            |   31 ++++++++++++++++++++++++++++
 3 files changed, 53 insertions(+), 0 deletions(-)

diff --git a/src/firewall-manager/nm-firewall-manager.c b/src/firewall-manager/nm-firewall-manager.c
index b2fd1ce..d9122af 100644
--- a/src/firewall-manager/nm-firewall-manager.c
+++ b/src/firewall-manager/nm-firewall-manager.c
@@ -47,6 +47,14 @@ typedef struct {
 	gboolean        disposed;
 } NMFirewallManagerPrivate;
 
+enum {
+	STARTED,
+
+	LAST_SIGNAL
+};
+
+static guint signals[LAST_SIGNAL] = { 0 };
+
 /********************************************************************/
 
 typedef struct {
@@ -204,6 +212,7 @@ name_owner_changed (NMDBusManager *dbus_mgr,
 	if (!old_owner_good && new_owner_good) {
 		nm_log_dbg (LOGD_FIREWALL, "firewall started");
 		set_running (self, TRUE);
+		g_signal_emit (self, signals[STARTED], 0);
 	} else if (old_owner_good && !new_owner_good) {
 		nm_log_dbg (LOGD_FIREWALL, "firewall stopped");
 		set_running (self, FALSE);
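Review bot: The new `g_signal_emit (self, signals[STARTED], 0);` in the `!old_owner_good && new_owner_good` branch carries no comment saying why listeners need to be told, and the reason is not obvious from the firewall manager alone. A short comment above it would do, for example `/* firewalld forgets interface-to-zone bindings across a restart; let listeners re-add them */`. As far as this patch shows, this is the only place the signal is emitted, so it fires on an owner transition only and not for a firewalld that was already running; that is worth stating where the signal is registered too. name_owner_changed starts and ends outside the hunk.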
@@ -306,5 +315,15 @@ nm_firewall_manager_class_init (NMFirewallManagerClass *klass)
 		                      "Available",
 		                      FALSE,
 		                      G_PARAM_READABLE));
+
+	signals[STARTED] =
+		g_signal_new ("started",
+					  G_OBJECT_CLASS_TYPE (object_class),
+					  G_SIGNAL_RUN_FIRST,
+					  G_STRUCT_OFFSET (NMFirewallManagerClass, started),
+					  NULL, NULL,
+					  g_cclosure_marshal_VOID__VOID,
+					  G_TYPE_NONE, 0);
+
 }
 
diff --git a/src/firewall-manager/nm-firewall-manager.h b/src/firewall-manager/nm-firewall-manager.h
index b6d6da7..ffc6a30 100644
--- a/src/firewall-manager/nm-firewall-manager.h
+++ b/src/firewall-manager/nm-firewall-manager.h
@@ -47,6 +47,9 @@ typedef struct {
 
 typedef struct {
 	GObjectClass parent;
+
+	/* Signals */
+	void (*started) (NMFirewallManager *manager);
 } NMFirewallManagerClass;
 
 GType nm_firewall_manager_get_type (void);
diff --git a/src/nm-policy.c b/src/nm-policy.c
index 12bb43a..c13506e 100644
--- a/src/nm-policy.c
+++ b/src/nm-policy.c
@@ -55,6 +55,7 @@ struct NMPolicy {
 	gulong vpn_deactivated_id;
 
 	NMFirewallManager *fw_manager;
+	gulong fw_started_id;
 
 	NMSettings *settings;
 
@@ -1326,6 +1327,32 @@ inform_firewall_about_zone (NMPolicy *policy, NMConnection *connection)
 }
 
 static void
+firewall_started (NMFirewallManager *manager,
+                  gpointer user_data)
+{
+	NMPolicy *policy = (NMPolicy *) user_data;
+	NMConnection *connection;
+	NMSettingConnection *s_con;
+	GSList *iter, *devices;
+
+	devices = nm_manager_get_devices (policy->manager);
+	for (iter = devices; iter; iter = g_slist_next (iter)) {
+		NMDevice *dev = NM_DEVICE (iter->data);
+
+		connection = get_device_connection (dev);
+		s_con = nm_connection_get_setting_connection (connection);
+		if (nm_device_get_state (dev) == NM_DEVICE_STATE_ACTIVATED) {
+			nm_firewall_manager_add_to_zone (policy->fw_manager,
+			                                 nm_device_get_ip_iface (dev),
+			                                 nm_setting_connection_get_zone (s_con),
+			                                 add_to_zone_cb,
+			                                 g_object_ref (dev),
+			                                 NULL);
+		}
+	}
+}
+
+static void
 connection_updated (NMSettings *settings,
                     NMConnection *connection,
                     gpointer user_data)
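Review bot: In firewall_started, `get_device_connection (dev)` and `nm_connection_get_setting_connection (connection)` run for every device before the state check, so a device with no connection would pass NULL into the setting lookup (get_device_connection is not shown here, so whether it can return NULL needs confirming). Test the state first with `if (nm_device_get_state (dev) != NM_DEVICE_STATE_ACTIVATED) continue;` and then skip the device when the lookup fails, `if (!connection) continue;`. This matters for the zone: a NULL `s_con` would presumably hand firewalld a NULL zone and land the interface in the default zone, which may be less restrictive than the zone the connection was configured for. It is also worth confirming that add_to_zone_cb drops the reference taken by `g_object_ref (dev)` on every path, including when firewalld replies with an error.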
@@ -1456,6 +1483,9 @@ nm_policy_new (NMManager *manager,
 	policy->vpn_deactivated_id = id;
 
 	policy->fw_manager = nm_firewall_manager_get();
+	id = g_signal_connect (policy->fw_manager, "started",
+	                       G_CALLBACK (firewall_started), policy);
+	policy->fw_started_id = id;
 
 	_connect_manager_signal (policy, "state-changed", global_state_changed);
 	_connect_manager_signal (policy, "notify::" NM_MANAGER_HOSTNAME, hostname_changed);
@@ -1501,6 +1531,7 @@ nm_policy_destroy (NMPolicy *policy)
 	g_signal_handler_disconnect (policy->vpn_manager, policy->vpn_deactivated_id);
 	g_object_unref (policy->vpn_manager);
 
+	g_signal_handler_disconnect (policy->fw_manager, policy->fw_started_id);
 	g_object_unref (policy->fw_manager);
 
 	for (iter = policy->manager_ids; iter; iter = g_slist_next (iter))
-- 
1.7.7.6


