Signed-off-by: Eric Garver <eric@xxxxxxxxxxx>
---
 src/libvirt_private.syms | 1 +
 src/util/virfirewalld.c | 41 ++++++++++++++++++++++++++++++++++++++++
 src/util/virfirewalld.h | 1 +
 3 files changed, 43 insertions(+)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 25794bc2f417..32c8bdeb23ee 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -2370,6 +2370,7 @@ virFirewallStartTransaction;
 # util/virfirewalld.h
 virFirewallDApplyRule;
 virFirewallDGetBackend;
+virFirewallDGetPolicies;
 virFirewallDGetVersion;
 virFirewallDGetZones;
 virFirewallDInterfaceSetZone;
diff --git a/src/util/virfirewalld.c b/src/util/virfirewalld.c
index c909901833f7..0912508dbc45 100644
--- a/src/util/virfirewalld.c
+++ b/src/util/virfirewalld.c
@@ -223,6 +223,47 @@ virFirewallDGetZones(char ***zones, size_t *nzones)
 return 0;
 }
+/**
+ * virFirewallDGetPolicies:
+ * @policies: array of char *, each entry is a null-terminated policy name
+ * @npolicies: number of entries in @policies
+ *
+ * Get the number of currently active firewalld policies, and their names
+ * in an array of null-terminated strings. The memory pointed to by
+ * @policies will belong to the caller, and must be freed.
+ *
+ * Returns 0 on success, -1 (and failure logged) on error
+ */
+int
+virFirewallDGetPolicies(char ***policies, size_t *npolicies)
+{
+ GDBusConnection *sysbus = virGDBusGetSystemBus();
+ g_autoptr(GVariant) reply = NULL;
+ g_autoptr(GVariant) array = NULL;
+
+ *npolicies = 0;
+ *policies = NULL;
+
+ if (!sysbus)
+ return -1;
+
+ if (virGDBusCallMethod(sysbus,
+ &reply,
+ G_VARIANT_TYPE("(as)"),
+ NULL,
+ VIR_FIREWALL_FIREWALLD_SERVICE,
+ "/org/fedoraproject/FirewallD1",
+ "org.fedoraproject.FirewallD1.policy",
+ "getPolicies",
+ NULL) < 0)
+ return -1;
+
+ g_variant_get(reply, "(@as)", &array);
+ *policies = g_variant_dup_strv(array, npolicies);
+
+ return 0;
+}
+
 /**
 * virFirewallDZoneExists:
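Review bot: The doc comment on virFirewallDGetPolicies describes the result as the "currently active" policies, but the call is to `getPolicies`, which, as far as I know the firewalld D-Bus API, lists every policy in the runtime configuration and is distinct from `getActivePolicies`. A caller that uses the list to decide whether a policy is actually filtering traffic would be misled by that wording; I would reword the sentence to `Get the names of all firewalld policies known to the running daemon (not only the active ones)`. The comment should also state that -1 covers a firewalld that lacks the `org.fedoraproject.FirewallD1.policy` interface (presumably older releases). The NULL passed after the reply type, which I take to be the error out-parameter, leaves the caller unable to tell "unsupported" from a real D-Bus failure.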
diff --git a/src/util/virfirewalld.h b/src/util/virfirewalld.h
index c396802a2f56..ef05896e2b8b 100644
--- a/src/util/virfirewalld.h
+++ b/src/util/virfirewalld.h
@@ -33,6 +33,7 @@ int virFirewallDGetVersion(unsigned long *version);
 int virFirewallDGetBackend(void);
 int virFirewallDIsRegistered(void);
 int virFirewallDGetZones(char ***zones, size_t *nzones);
+int virFirewallDGetPolicies(char ***policies, size_t *npolicies);
 bool virFirewallDZoneExists(const char *match);
 int virFirewallDApplyRule(virFirewallLayer layer,
 char **args, size_t argsLen,
-- 
2.35.3