rpms/firewalld
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Backport fix for RHBZ#1466093

Browse Source
This commit is contained in:
Adam Williamson 2018-04-21 12:35:35 -07:00
parent 1577a1a931
commit 3bfa289cc6
2 changed files with 41 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
0001-firewall-core-fw_transaction.py-Remove-deduplication.patch Normal file
View File

@ -0,0 +1,34 @@
From d96999931f66819db3f146f750a4c14997a50c27 Mon Sep 17 00:00:00 2001
From: Thomas Woerner <twoerner@redhat.com>
Date: Thu, 1 Feb 2018 16:44:21 +0100
Subject: [PATCH] firewall/core/fw_transaction.py: Remove deduplication in
add_rule
Loading services from permanent configuration containing the same port numbers
results in deduplication of the rules. This then results in an error if the
second service gets removed from the zone.
Fixes: RHBZ#1534571
Closes: #288
(cherry picked from commit 54835164f610593eedd71f0a7ae62ac5258d2187)
---
src/firewall/core/fw_transaction.py | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/src/firewall/core/fw_transaction.py b/src/firewall/core/fw_transaction.py
index 4e284687..9f167c37 100644
--- a/src/firewall/core/fw_transaction.py
+++ b/src/firewall/core/fw_transaction.py
@@ -128,8 +128,7 @@ class SimpleFirewallTransaction(object):
self.generous_mode = False
def add_rule(self, ipv, rule):
- if ipv not in self.rules or rule not in self.rules[ipv]:
- self.rules.setdefault(ipv, [ ]).append(rule)
+ self.rules.setdefault(ipv, [ ]).append(rule)
def query_rule(self, ipv, rule):
return ipv in self.rules and rule in self.rules[ipv]
--
2.14.3

8
firewalld.spec
View File

@ -8,7 +8,7 @@
Summary: A firewall daemon with D-Bus interface providing a dynamic firewall Summary: A firewall daemon with D-Bus interface providing a dynamic firewall
Name: firewalld Name: firewalld
Version: 0.4.4.5 Version: 0.4.4.5
Release: 3%{?dist} Release: 4%{?dist}
URL: http://www.firewalld.org URL: http://www.firewalld.org
License: GPLv2+ License: GPLv2+
Source0: https://github.com/t-woerner/firewalld/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz Source0: https://github.com/t-woerner/firewalld/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
@ -21,6 +21,8 @@ Patch0: firewalld-0.2.6-MDNS-default.patch
%endif %endif
Patch1: firewalld-0.4.4.5-rich_source_validation-d69b7cb.patch Patch1: firewalld-0.4.4.5-rich_source_validation-d69b7cb.patch
Patch2: firewalld-0.4.4.5-ipv6_icmptype_only_rich_rule_fix-cf50bd0.patch Patch2: firewalld-0.4.4.5-ipv6_icmptype_only_rich_rule_fix-cf50bd0.patch
# Backported fix for RHBZ#1466093 / RHBZ#1534571
Patch3: 0001-firewall-core-fw_transaction.py-Remove-deduplication.patch
BuildArch: noarch BuildArch: noarch
BuildRequires: desktop-file-utils BuildRequires: desktop-file-utils
BuildRequires: gettext BuildRequires: gettext
@ -162,6 +164,7 @@ firewalld.
%endif %endif
%patch1 -p1 -b .rich_source_validation-d69b7cb %patch1 -p1 -b .rich_source_validation-d69b7cb
%patch2 -p1 -b .ipv6_icmptype_only_rich_rule_fix-cf50bd0 %patch2 -p1 -b .ipv6_icmptype_only_rich_rule_fix-cf50bd0
%patch3 -p1 -b .deduplication-6339c1d7
./autogen.sh ./autogen.sh
%if 0%{?with_python3} %if 0%{?with_python3}
@ -436,6 +439,9 @@ fi
%{_mandir}/man1/firewall-config*.1* %{_mandir}/man1/firewall-config*.1*
%changelog %changelog
* Sat Apr 21 2018 Adam Williamson <awilliam@redhat.com> - 0.4.4.5-4
- Backport fix for RHBZ#1466093
* Mon Jul 31 2017 Thomas Woerner <twoerner@redhat.com> - 0.4.4.5-3 * Mon Jul 31 2017 Thomas Woerner <twoerner@redhat.com> - 0.4.4.5-3
- Fix spec file for next RHEL versions - Fix spec file for next RHEL versions