[PATCH 3/5] util: new function virFirewallDInterfaceSetZone()

Laine Stump <laine@xxxxxxxxx> · Wed, 9 Jan 2019 21:57:35 -0500

Sets the firewalld zone of the given interface. This function assumes
that you've already called virFirewallDIsActive(), and relies on
virDBusCallMethod's standard error reporting to log any errors.

Signed-off-by: Laine Stump <laine@xxxxxxxxx>
---
 src/libvirt_private.syms |  1 +
 src/util/virfirewalld.c  | 23 +++++++++++++++++++++++
 src/util/virfirewalld.h  |  3 +++
 3 files changed, 27 insertions(+)

diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 583868f422..346e17f535 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1920,6 +1920,7 @@ virFirewallStartTransaction;
 
 # util/virfirewalld.h
 virFirewallDApplyRule;
+virFirewallDInterfaceSetZone;
 virFirewallDStatus;
 
 # util/virfirmware.h
diff --git a/src/util/virfirewalld.c b/src/util/virfirewalld.c
index 0dc2b3de08..7c5b37a5b2 100644
--- a/src/util/virfirewalld.c
+++ b/src/util/virfirewalld.c
@@ -126,3 +126,26 @@ virFirewallDApplyRule(virFirewallLayer layer,
     virDBusMessageUnref(reply);
     return ret;
 }
+
+
+int
+virFirewallDInterfaceSetZone(const char *iface,
+                             const char *zone)
+{
+    DBusConnection *sysbus = virDBusGetSystemBus();
+    DBusMessage *reply = NULL;
+
+    if (!sysbus)
+        return -1;
+
+    return virDBusCallMethod(sysbus,
+                             &reply,
+                             NULL,
+                             VIR_FIREWALL_FIREWALLD_SERVICE,
+                             "/org/fedoraproject/FirewallD1",
+                             "org.fedoraproject.FirewallD1.zone",
+                             "changeZoneOfInterface",
+                             "ss",
+                             zone,
+                             iface);
+}
diff --git a/src/util/virfirewalld.h b/src/util/virfirewalld.h
index c1c929399a..471176d652 100644
--- a/src/util/virfirewalld.h
+++ b/src/util/virfirewalld.h
@@ -30,4 +30,7 @@ int virFirewallDApplyRule(virFirewallLayer layer,
                           bool ignoreErrors,
                           char **output);
 
+int virFirewallDInterfaceSetZone(const char *iface,
+                                 const char *zone);
+
 #endif /* LIBVIRT_VIRFIREWALLD_H */
-- 
2.20.1

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list






