From a79321b79b0543cff0c99702c1ab9eeaab8bfe06 Mon Sep 17 00:00:00 2001

From: Eric Garver <eric@garver.life>

Date: Thu, 3 Jun 2021 11:42:58 -0400

Subject: [PATCH 33/36] fix(policy): warn instead of error for overlapping

 ports

Fixes: rhbz 1914935

(cherry picked from commit b71e532bc21fb6a06345b5ecfeb60683c7a194e9)

(cherry picked from commit 66ca4b0fd9588d60d31998ad792f04962053aaab)

---

 src/firewall/core/fw_policy.py | 16 ++++++++++++++--

 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/src/firewall/core/fw_policy.py b/src/firewall/core/fw_policy.py

index 3f5dab808ff0..79a52d8d97c0 100644

--- a/src/firewall/core/fw_policy.py

+++ b/src/firewall/core/fw_policy.py

@@ -98,11 +98,23 @@ class FirewallPolicy(object):

         for args in obj.services:

             self.add_service(policy, args)

         for args in obj.ports:

-            self.add_port(policy, *args)

+            try:

+                self.add_port(policy, *args)

+            except FirewallError as error:

+                if error.code in [errors.ALREADY_ENABLED]:

+                    log.warning(error)

+                else:

+                    raise error

         for args in obj.protocols:

             self.add_protocol(policy, args)

         for args in obj.source_ports:

-            self.add_source_port(policy, *args)

+            try:

+                self.add_source_port(policy, *args)

+            except FirewallError as error:

+                if error.code in [errors.ALREADY_ENABLED]:

+                    log.warning(error)

+                else:

+                    raise error

         for args in obj.rules:

             self.add_rule(policy, args)

         if obj.masquerade:

-- 

2.27.0