From 1254cf169249fa75ff9838df48402c936e706426 Mon Sep 17 00:00:00 2001
From: Eric Garver <eric@garver.life>
Date: Thu, 2 May 2019 11:47:25 -0400
Subject: [PATCH 40/73] fix: propagate exception if backend fails with
IndividualCalls=yes
They were being logged, but not propagated. They need to be propagated
so things like reload() can enter FAILED state.
(cherry picked from commit 360d40a075f5b72e93d941297cc0badf036e53e3)
(cherry picked from commit fba166f79f1fac5e94a97c18369f36d13cab1bd6)
---
src/firewall/core/fw.py | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/src/firewall/core/fw.py b/src/firewall/core/fw.py
index 876c43392b1b..114d41090042 100644
--- a/src/firewall/core/fw.py
+++ b/src/firewall/core/fw.py
@@ -882,7 +882,6 @@ class Firewall(object):
backend.set_rule(rule, self._log_denied)
except Exception as msg:
log.debug1(traceback.format_exc())
- log.error("Failed to apply rules. A firewall reload might solve the issue if the firewall has been modified using ip*tables or ebtables.")
log.error(msg)
for rule in reversed(_rules[:i]):
try:
@@ -890,7 +889,7 @@ class Firewall(object):
except Exception:
# ignore errors here
pass
- return False
+ raise msg
return True
else:
return backend.set_rules(_rules, self._log_denied)
--
2.20.1