From 0dc5116a02ca03a3b78f5e5c653ebc783d2cdf2e Mon Sep 17 00:00:00 2001 From: Eric Garver Date: Thu, 6 Jun 2019 12:25:08 -0400 Subject: [PATCH 42/43] fix: rich rule destination with services Fixes: rhbz 1715977 (cherry picked from commit d3bd517c7deb44d42129017b3c471ccdf1c32b57) (cherry picked from commit 9cd642933d41a983c4cbdef6aa936151e89a05ef) --- src/firewall/core/fw_zone.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/firewall/core/fw_zone.py b/src/firewall/core/fw_zone.py index 31d7d6a168a8..e6eb299dec71 100644 --- a/src/firewall/core/fw_zone.py +++ b/src/firewall/core/fw_zone.py @@ -1575,17 +1575,18 @@ class FirewallZone(object): if type(rule.element) == Rich_Service: svc = self._fw.service.get_service(rule.element.name) - destinations = [rule.destination] if rule.destination else [None] - + destinations = [] if len(svc.destination) > 0: if rule.destination: # we can not use two destinations at the same time raise FirewallError(errors.INVALID_RULE, "Destination conflict with service.") - destinations = [] for ipv in ipvs: if ipv in svc.destination and backend.is_ipv_supported(ipv): destinations.append(svc.destination[ipv]) + else: + # dummy for the following for loop + destinations.append(None) for destination in destinations: if enable: -- 2.23.0