rpms / firewalld

Clone
Source Code
GIT

Blame SOURCES/0038-fix-nftables-do-not-log-icmp-block-if-inversion.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c7-sig-altarch-fasttrack c8 c8-beta c8s c9 c9-beta
  1.   87a48e203f827db1100ad4e72f9cf59afeadf415
  2.   SOURCES
  3.   0038-fix-nftables-do-not-log-icmp-block-if-inversion.patch
Blob History Raw
87a48e 
From de28755c4e14224f6303c864327fffe7d2639268 Mon Sep 17 00:00:00 2001
87a48e 
From: Eric Garver <eric@garver.life>
87a48e 
Date: Mon, 13 Sep 2021 15:45:53 -0400
87a48e 
Subject: [PATCH 38/50] fix(nftables): do not log icmp block if inversion
87a48e
87a48e 
Fixes: #696
87a48e 
Fixes: rhbz1945833
87a48e 
(cherry picked from commit 50a5ed2d0fa6169c6780488dae931a3b4fce47ab)
87a48e 
(cherry picked from commit a451b033200b289c6fac823f7dce23c37a38a3d1)
87a48e 
---
87a48e 
 src/firewall/core/nftables.py | 2 +-
87a48e 
 1 file changed, 1 insertion(+), 1 deletion(-)
87a48e
87a48e 
diff --git a/src/firewall/core/nftables.py b/src/firewall/core/nftables.py
87a48e 
index e3ae988bbdab..29a9a2492032 100644
87a48e 
--- a/src/firewall/core/nftables.py
87a48e 
+++ b/src/firewall/core/nftables.py
87a48e 
@@ -1601,7 +1601,7 @@ class nftables(object):
87a48e 
                     rule.update(self._rich_rule_priority_fragment(rich_rule))
87a48e 
                     rules.append({add_del: {"rule": rule}})
87a48e 
             else:
87a48e 
-                if self._fw.get_log_denied() != "off" and self._fw.policy.query_icmp_block_inversion(policy):
87a48e 
+                if self._fw.get_log_denied() != "off" and not self._fw.policy.query_icmp_block_inversion(policy):
87a48e 
                     rules.append({add_del: {"rule": {"family": "inet",
87a48e 
                                                      "table": TABLE_NAME,
87a48e 
                                                      "chain": final_chain,
87a48e 
--
87a48e 
2.27.0
87a48e

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation