|
 |
136e2c |
From 75ab7dbbf5a14be70d054fa153390d32acc5f805 Mon Sep 17 00:00:00 2001
|
|
|
c7c3fd |
From: Eric Garver <eric@garver.life>
|
|
|
c7c3fd |
Date: Thu, 6 Jun 2019 12:25:08 -0400
|
|
|
136e2c |
Subject: [PATCH 62/73] fix: rich rule destination with services
|
|
|
c7c3fd |
|
|
|
c7c3fd |
Fixes: rhbz 1715977
|
|
|
c7c3fd |
(cherry picked from commit d3bd517c7deb44d42129017b3c471ccdf1c32b57)
|
|
|
c7c3fd |
(cherry picked from commit 9cd642933d41a983c4cbdef6aa936151e89a05ef)
|
|
|
c7c3fd |
---
|
|
|
c7c3fd |
src/firewall/core/fw_zone.py | 7 ++++---
|
|
|
c7c3fd |
1 file changed, 4 insertions(+), 3 deletions(-)
|
|
|
c7c3fd |
|
|
|
c7c3fd |
diff --git a/src/firewall/core/fw_zone.py b/src/firewall/core/fw_zone.py
|
|
|
136e2c |
index 90ae1036f124..1f33b5504d54 100644
|
|
|
c7c3fd |
--- a/src/firewall/core/fw_zone.py
|
|
|
c7c3fd |
+++ b/src/firewall/core/fw_zone.py
|
|
|
136e2c |
@@ -1582,17 +1582,18 @@ class FirewallZone(object):
|
|
|
c7c3fd |
if type(rule.element) == Rich_Service:
|
|
|
c7c3fd |
svc = self._fw.service.get_service(rule.element.name)
|
|
|
c7c3fd |
|
|
|
c7c3fd |
- destinations = [rule.destination] if rule.destination else [None]
|
|
|
c7c3fd |
-
|
|
|
c7c3fd |
+ destinations = []
|
|
|
c7c3fd |
if len(svc.destination) > 0:
|
|
|
c7c3fd |
if rule.destination:
|
|
|
c7c3fd |
# we can not use two destinations at the same time
|
|
|
c7c3fd |
raise FirewallError(errors.INVALID_RULE,
|
|
|
c7c3fd |
"Destination conflict with service.")
|
|
|
c7c3fd |
- destinations = []
|
|
|
c7c3fd |
for ipv in ipvs:
|
|
|
c7c3fd |
if ipv in svc.destination and backend.is_ipv_supported(ipv):
|
|
|
c7c3fd |
destinations.append(svc.destination[ipv])
|
|
|
c7c3fd |
+ else:
|
|
|
c7c3fd |
+ # dummy for the following for loop
|
|
|
c7c3fd |
+ destinations.append(None)
|
|
|
c7c3fd |
|
|
|
c7c3fd |
for destination in destinations:
|
|
|
c7c3fd |
if enable:
|
|
|
c7c3fd |
--
|
|
|
136e2c |
2.20.1
|
|
|
c7c3fd |
|