|
 |
843f86 |
From acc3cfe586947cd2d98d4b8b4303cca127ffc396 Mon Sep 17 00:00:00 2001
|
|
|
843f86 |
From: Thomas Woerner <twoerner@redhat.com>
|
|
|
843f86 |
Date: Mon, 22 May 2017 18:07:03 +0200
|
|
|
843f86 |
Subject: [PATCH 6/6] firewall.server.firewalld: New property for NAT helpers
|
|
|
843f86 |
supported by the kernel
|
|
|
843f86 |
|
|
|
843f86 |
The property nf_nat_helpers provides a dict with the nat helpers in a similar
|
|
|
843f86 |
way as nf_conntrack_helpers.
|
|
|
843f86 |
|
|
|
843f86 |
New description for the property nf_nat_helpers in firewalld.dbus man page.
|
|
|
843f86 |
|
|
|
843f86 |
Related: RHBZ#1452681
|
|
|
843f86 |
(cherry picked from commit 34558ad775afd9476c4ec5373b9bc9ee03a195af)
|
|
|
843f86 |
---
|
|
|
843f86 |
doc/xml/firewalld.dbus.xml | 4 ++++
|
|
|
843f86 |
src/firewall/server/firewalld.py | 11 +++++++----
|
|
|
843f86 |
2 files changed, 11 insertions(+), 4 deletions(-)
|
|
|
843f86 |
|
|
|
843f86 |
diff --git a/doc/xml/firewalld.dbus.xml b/doc/xml/firewalld.dbus.xml
|
|
|
843f86 |
index 52b5b3b0f955..92fe5c843dfc 100644
|
|
|
843f86 |
--- a/doc/xml/firewalld.dbus.xml
|
|
|
843f86 |
+++ b/doc/xml/firewalld.dbus.xml
|
|
|
843f86 |
@@ -467,6 +467,10 @@
|
|
|
843f86 |
<term><parameter>nf_conntrack_helpers</parameter> - a{sas} - (ro)</term>
|
|
|
843f86 |
<listitem><para>The list of conntrack helpers supported by the kernel.</para></listitem>
|
|
|
843f86 |
</varlistentry>
|
|
|
843f86 |
+ <varlistentry id="FirewallD1.Properties.nf_nat_helpers">
|
|
|
843f86 |
+ <term><parameter>nf_nat_helpers</parameter> - a{sas} - (ro)</term>
|
|
|
843f86 |
+ <listitem><para>The list of nat helpers supported by the kernel.</para></listitem>
|
|
|
843f86 |
+ </varlistentry>
|
|
|
843f86 |
<varlistentry id="FirewallD1.Properties.interface_version">
|
|
|
843f86 |
<term><parameter>interface_version</parameter> - s - (ro)</term>
|
|
|
843f86 |
<listitem><para>firewalld D-Bus interface version string.</para></listitem>
|
|
|
843f86 |
diff --git a/src/firewall/server/firewalld.py b/src/firewall/server/firewalld.py
|
|
|
843f86 |
index 8c4bd4f0c66a..9c5d463de793 100644
|
|
|
843f86 |
--- a/src/firewall/server/firewalld.py
|
|
|
843f86 |
+++ b/src/firewall/server/firewalld.py
|
|
|
843f86 |
@@ -182,6 +182,9 @@ class FirewallD(slip.dbus.service.Object):
|
|
|
843f86 |
elif prop == "nf_conntrack_helpers":
|
|
|
843f86 |
return dbus.Dictionary(self.fw.nf_conntrack_helpers, "sas")
|
|
|
843f86 |
|
|
|
843f86 |
+ elif prop == "nf_nat_helpers":
|
|
|
843f86 |
+ return dbus.Dictionary(self.fw.nf_nat_helpers, "sas")
|
|
|
843f86 |
+
|
|
|
843f86 |
else:
|
|
|
843f86 |
raise dbus.exceptions.DBusException(
|
|
|
843f86 |
"org.freedesktop.DBus.Error.InvalidArgs: "
|
|
|
843f86 |
@@ -222,8 +225,8 @@ class FirewallD(slip.dbus.service.Object):
|
|
|
843f86 |
for x in [ "version", "interface_version", "state",
|
|
|
843f86 |
"IPv4", "IPv6", "IPv6_rpfilter", "BRIDGE",
|
|
|
843f86 |
"IPSet", "IPSetTypes", "nf_conntrack_helper_setting",
|
|
|
843f86 |
- "nf_conntrack_helpers", "IPv4ICMPTypes",
|
|
|
843f86 |
- "IPv6ICMPTypes" ]:
|
|
|
843f86 |
+ "nf_conntrack_helpers", "nf_nat_helpers",
|
|
|
843f86 |
+ "IPv4ICMPTypes", "IPv6ICMPTypes" ]:
|
|
|
843f86 |
ret[x] = self._get_property(x)
|
|
|
843f86 |
elif interface_name in [ config.dbus.DBUS_INTERFACE_ZONE,
|
|
|
843f86 |
config.dbus.DBUS_INTERFACE_DIRECT,
|
|
|
843f86 |
@@ -253,8 +256,8 @@ class FirewallD(slip.dbus.service.Object):
|
|
|
843f86 |
"IPv4", "IPv6", "IPv6_rpfilter", "BRIDGE",
|
|
|
843f86 |
"IPSet", "IPSetTypes",
|
|
|
843f86 |
"nf_conntrack_helper_setting",
|
|
|
843f86 |
- "nf_conntrack_helpers", "IPv4ICMPTypes",
|
|
|
843f86 |
- "IPv6ICMPTypes" ]:
|
|
|
843f86 |
+ "nf_conntrack_helpers", "nf_nat_helpers",
|
|
|
843f86 |
+ "IPv4ICMPTypes", "IPv6ICMPTypes" ]:
|
|
|
843f86 |
raise dbus.exceptions.DBusException(
|
|
|
843f86 |
"org.freedesktop.DBus.Error.PropertyReadOnly: "
|
|
|
843f86 |
"Property '%s' is read-only" % property_name)
|
|
|
843f86 |
--
|
|
|
843f86 |
2.12.0
|
|
|
843f86 |
|