From b2c9302e8a4ad1ab7535a557b2f9c9aa49b49629 Mon Sep 17 00:00:00 2001

From: Eric Garver <eric@garver.life>

Date: Wed, 27 Oct 2021 11:09:39 -0400

Subject: [PATCH 43/50] fix(fw_config): zone: on rename remove then add

Remove the old object before creating the new one. This avoids issues

such as conflicting configuration in the objects that check_config() may

trip over.

(cherry picked from commit 3aec1dfe449d0bcb52884341770e4def0de27f56)

(cherry picked from commit a58b45d8ee3221309ec0c6f919c266b5cfc6f89a)

---

 src/firewall/core/fw_config.py | 11 +++++++----

 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/src/firewall/core/fw_config.py b/src/firewall/core/fw_config.py

index 148ce1b4e32c..a97d0b23a6ac 100644

--- a/src/firewall/core/fw_config.py

+++ b/src/firewall/core/fw_config.py

@@ -984,13 +984,16 @@ class FirewallConfig(object):

     def rename_zone(self, obj, name):

         self.check_builtin_zone(obj)

-        new_zone = self._copy_zone(obj, name)

+        obj_conf = obj.export_config_dict()

         self._remove_zone(obj)

+        try:

+            new_zone = self.new_zone_dict(name, obj_conf)

+        except:

+            # re-add original if rename failed

+            self.new_zone_dict(obj.name, obj_conf)

+            raise

         return new_zone

-    def _copy_zone(self, obj, name):

-        return self.new_zone_dict(name, obj.export_config_dict())

-

     # policy objects

     def get_policy_objects(self):

-- 

2.27.0