From 03871c1e06b2384442b0e4f359e848d25e380875 Mon Sep 17 00:00:00 2001
From: Eric Garver <e@erig.me>
Date: Wed, 28 Nov 2018 10:14:19 -0500
Subject: [PATCH 23/34] firewall-config: support rich rule priorities
(cherry picked from commit e7998960fb285120b3b97e163bb87e25976d22d0)
---
src/firewall-config.glade | 163 ++++++++++++--------------------------
src/firewall-config.in | 33 ++++++--
2 files changed, 76 insertions(+), 120 deletions(-)
diff --git a/src/firewall-config.glade b/src/firewall-config.glade
index 75c229b408fd..689433c47eca 100644
--- a/src/firewall-config.glade
+++ b/src/firewall-config.glade
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
-<!-- Generated with glade 3.20.2 -->
+<!-- Generated with glade 3.20.0 -->
<interface>
<requires lib="gtk+" version="3.6"/>
<!-- interface-local-resource-path icons -->
@@ -31,9 +31,6 @@
</child>
</object>
</child>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkDialog" id="addressDialog">
<property name="can_focus">False</property>
@@ -169,9 +166,6 @@
<action-widget response="-1">addressDialogCancelButton</action-widget>
<action-widget response="1">addressDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkDialog" id="automaticHelpersDialog">
<property name="can_focus">False</property>
@@ -292,9 +286,6 @@
<action-widget response="-1">automaticHelpersDialogCancelButton</action-widget>
<action-widget response="1">automaticHelpersDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkDialog" id="commandDialog">
<property name="can_focus">False</property>
@@ -414,9 +405,6 @@
<action-widget response="-1">commandDialogCancelButton</action-widget>
<action-widget response="1">commandDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkDialog" id="contextDialog">
<property name="can_focus">False</property>
@@ -536,9 +524,6 @@
<action-widget response="-1">contextDialogCancelButton</action-widget>
<action-widget response="1">contextDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkDialog" id="defaultZoneDialog">
<property name="width_request">200</property>
@@ -660,9 +645,6 @@
<action-widget response="-1">portDialogCancelButton1</action-widget>
<action-widget response="1">defaultZoneDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkDialog" id="directChainDialog">
<property name="can_focus">False</property>
@@ -862,9 +844,6 @@
<action-widget response="-1">directChainDialogCancelButton</action-widget>
<action-widget response="1">directChainDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkDialog" id="directPassthroughDialog">
<property name="can_focus">False</property>
@@ -1028,9 +1007,6 @@
<action-widget response="-1">directPassthroughDialogCancelButton</action-widget>
<action-widget response="1">directPassthroughDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkDialog" id="forwardDialog">
<property name="width_request">200</property>
@@ -1369,9 +1345,6 @@
<action-widget response="-1">button15</action-widget>
<action-widget response="1">forwardDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkDialog" id="helperBaseDialog">
<property name="can_focus">False</property>
@@ -1715,9 +1688,6 @@
<action-widget response="-1">helperBaseDialogCancelButton</action-widget>
<action-widget response="1">helperBaseDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkDialog" id="helperDialog">
<property name="height_request">300</property>
@@ -1832,9 +1802,6 @@
<action-widget response="-1">helperDialogCancelButton</action-widget>
<action-widget response="1">helperDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkDialog" id="icmpBaseDialog">
<property name="can_focus">False</property>
@@ -2070,9 +2037,6 @@
<action-widget response="-1">icmpBaseDialogCancelButton</action-widget>
<action-widget response="1">icmpBaseDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkDialog" id="icmptypeDialog">
<property name="height_request">300</property>
@@ -2186,9 +2150,6 @@
<action-widget response="-1">icmptypeDialogCancelButton</action-widget>
<action-widget response="1">icmptypeDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkImage" id="image1">
<property name="visible">True</property>
@@ -7852,9 +7813,6 @@
<action-widget response="-1">interfaceDialogCancelButton</action-widget>
<action-widget response="1">interfaceDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkDialog" id="ipsetBaseDialog">
<property name="can_focus">False</property>
@@ -8258,9 +8216,6 @@
<action-widget response="-1">ipsetBaseDialogCancelButton</action-widget>
<action-widget response="1">ipsetBaseDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkDialog" id="ipsetDialog">
<property name="width_request">300</property>
@@ -8375,9 +8330,6 @@
<action-widget response="-1">ipsetDialogCancelButton</action-widget>
<action-widget response="1">ipsetDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkDialog" id="ipsetEntryDialog">
<property name="can_focus">False</property>
@@ -8541,9 +8493,6 @@
<action-widget response="-1">ipsetEntryDialogCancelButton</action-widget>
<action-widget response="1">ipsetEntryDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkDialog" id="logDeniedDialog">
<property name="can_focus">False</property>
@@ -8664,9 +8613,6 @@
<action-widget response="-1">logDeniedDialogCancelButton</action-widget>
<action-widget response="1">logDeniedDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkTextBuffer" id="logTextBuffer"/>
<object class="GtkDialog" id="macDialog">
@@ -8789,9 +8735,6 @@
<action-widget response="-1">macDialogCancelButton</action-widget>
<action-widget response="1">macDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkDialog" id="markDialog">
<property name="can_focus">False</property>
@@ -8969,9 +8912,6 @@
<action-widget response="-1">markDialogCancelButton</action-widget>
<action-widget response="1">markDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkDialog" id="moduleDialog">
<property name="can_focus">False</property>
@@ -9139,9 +9079,6 @@
<action-widget response="-1">moduleDialogCancelButton</action-widget>
<action-widget response="1">moduleDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkDialog" id="portDialog">
<property name="can_focus">False</property>
@@ -9307,9 +9244,6 @@
<action-widget response="-1">portDialogCancelButton</action-widget>
<action-widget response="1">portDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkAdjustment" id="priority_adjustment">
<property name="lower">-99999999</property>
@@ -9563,9 +9497,6 @@
<action-widget response="-1">directRuleDialogCancelButton</action-widget>
<action-widget response="1">directRuleDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkDialog" id="protoDialog">
<property name="can_focus">False</property>
@@ -9744,9 +9675,12 @@
<action-widget response="-1">protoDialogCancelButton</action-widget>
<action-widget response="1">protoDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
+ </object>
+ <object class="GtkAdjustment" id="rich_rule_priority_adjustment">
+ <property name="lower">-32768</property>
+ <property name="upper">32767</property>
+ <property name="step_increment">1</property>
+ <property name="page_increment">10</property>
</object>
<object class="GtkDialog" id="richRuleDialog">
<property name="can_focus">False</property>
@@ -9855,7 +9789,7 @@
</object>
<packing>
<property name="left_attach">0</property>
- <property name="top_attach">6</property>
+ <property name="top_attach">7</property>
</packing>
</child>
<child>
@@ -9868,7 +9802,7 @@
</object>
<packing>
<property name="left_attach">0</property>
- <property name="top_attach">8</property>
+ <property name="top_attach">9</property>
</packing>
</child>
<child>
@@ -9884,7 +9818,7 @@
</object>
<packing>
<property name="left_attach">0</property>
- <property name="top_attach">10</property>
+ <property name="top_attach">11</property>
</packing>
</child>
<child>
@@ -9900,7 +9834,7 @@
</object>
<packing>
<property name="left_attach">0</property>
- <property name="top_attach">12</property>
+ <property name="top_attach">13</property>
</packing>
</child>
<child>
@@ -10024,7 +9958,7 @@
</object>
<packing>
<property name="left_attach">1</property>
- <property name="top_attach">6</property>
+ <property name="top_attach">7</property>
</packing>
</child>
<child>
@@ -10113,7 +10047,7 @@
</object>
<packing>
<property name="left_attach">1</property>
- <property name="top_attach">8</property>
+ <property name="top_attach">9</property>
</packing>
</child>
<child>
@@ -10375,7 +10309,7 @@
</object>
<packing>
<property name="left_attach">1</property>
- <property name="top_attach">4</property>
+ <property name="top_attach">5</property>
</packing>
</child>
<child>
@@ -10541,7 +10475,7 @@
</object>
<packing>
<property name="left_attach">1</property>
- <property name="top_attach">10</property>
+ <property name="top_attach">11</property>
</packing>
</child>
<child>
@@ -10627,7 +10561,7 @@
</object>
<packing>
<property name="left_attach">1</property>
- <property name="top_attach">12</property>
+ <property name="top_attach">13</property>
</packing>
</child>
<child>
@@ -10724,7 +10658,7 @@
</object>
<packing>
<property name="left_attach">1</property>
- <property name="top_attach">2</property>
+ <property name="top_attach">3</property>
</packing>
</child>
<child>
@@ -10753,7 +10687,7 @@
</object>
<packing>
<property name="left_attach">0</property>
- <property name="top_attach">2</property>
+ <property name="top_attach">3</property>
</packing>
</child>
<child>
@@ -10763,7 +10697,7 @@
</object>
<packing>
<property name="left_attach">0</property>
- <property name="top_attach">1</property>
+ <property name="top_attach">2</property>
<property name="width">2</property>
</packing>
</child>
@@ -10774,7 +10708,7 @@
</object>
<packing>
<property name="left_attach">0</property>
- <property name="top_attach">3</property>
+ <property name="top_attach">4</property>
<property name="width">2</property>
</packing>
</child>
@@ -10785,7 +10719,7 @@
</object>
<packing>
<property name="left_attach">0</property>
- <property name="top_attach">5</property>
+ <property name="top_attach">6</property>
<property name="width">2</property>
</packing>
</child>
@@ -10796,7 +10730,7 @@
</object>
<packing>
<property name="left_attach">0</property>
- <property name="top_attach">7</property>
+ <property name="top_attach">8</property>
<property name="width">2</property>
</packing>
</child>
@@ -10807,7 +10741,7 @@
</object>
<packing>
<property name="left_attach">0</property>
- <property name="top_attach">9</property>
+ <property name="top_attach">10</property>
<property name="width">2</property>
</packing>
</child>
@@ -10818,7 +10752,7 @@
</object>
<packing>
<property name="left_attach">0</property>
- <property name="top_attach">11</property>
+ <property name="top_attach">12</property>
<property name="width">2</property>
</packing>
</child>
@@ -10835,7 +10769,33 @@
</object>
<packing>
<property name="left_attach">0</property>
- <property name="top_attach">4</property>
+ <property name="top_attach">5</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkLabel">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="label" translatable="yes">Priority:</property>
+ <property name="xalign">1</property>
+ </object>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="top_attach">1</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkSpinButton" id="richRuleDialogPriorityEntry">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="input_purpose">number</property>
+ <property name="adjustment">rich_rule_priority_adjustment</property>
+ <property name="numeric">True</property>
+ <signal name="value-changed" handler="on_richRuleDialog_changed" swapped="no"/>
+ </object>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="top_attach">1</property>
</packing>
</child>
</object>
@@ -10858,9 +10818,6 @@
<action-widget response="-1">richRuleDialogCancelButton</action-widget>
<action-widget response="1">richRuleDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkDialog" id="serviceBaseDialog">
<property name="can_focus">False</property>
@@ -11095,9 +11052,6 @@
<action-widget response="-1">serviceBaseDialogCancelButton</action-widget>
<action-widget response="1">serviceBaseDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkDialog" id="serviceDialog">
<property name="height_request">300</property>
@@ -11211,9 +11165,6 @@
<action-widget response="-1">serviceDialogCancelButton</action-widget>
<action-widget response="1">serviceDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkDialog" id="sourceDialog">
<property name="can_focus">False</property>
@@ -11393,9 +11344,6 @@
<action-widget response="-1">sourceDialogCancelButton</action-widget>
<action-widget response="1">sourceDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkDialog" id="uidDialog">
<property name="can_focus">False</property>
@@ -11517,9 +11465,6 @@
<action-widget response="-1">uidDialogCancelButton</action-widget>
<action-widget response="1">uidDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkDialog" id="userDialog">
<property name="can_focus">False</property>
@@ -11640,9 +11585,6 @@
<action-widget response="-1">userDialogCancelButton</action-widget>
<action-widget response="1">userDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
<object class="GtkWindow" id="waitingWindow">
<property name="can_focus">False</property>
@@ -12033,8 +11975,5 @@
<action-widget response="-1">zoneBaseDialogCancelButton</action-widget>
<action-widget response="1">zoneBaseDialogOkButton</action-widget>
</action-widgets>
- <child>
- <placeholder/>
- </child>
</object>
</interface>
diff --git a/src/firewall-config.in b/src/firewall-config.in
index c19541b0ce82..373f431685cc 100755
--- a/src/firewall-config.in
+++ b/src/firewall-config.in
@@ -810,6 +810,7 @@ class FirewallConfig(object):
self.richRuleView = builder.get_object("richRuleView")
self.richRuleStore = Gtk.ListStore(GObject.TYPE_PYOBJECT, # the rule obj
GObject.TYPE_STRING, # ipv4/ipv6
+ GObject.TYPE_INT, # priority
GObject.TYPE_STRING, # action
GObject.TYPE_STRING, # element
GObject.TYPE_STRING, # source
@@ -820,18 +821,21 @@ class FirewallConfig(object):
self.richRuleView.append_column(
Gtk.TreeViewColumn(_("Family"), Gtk.CellRendererText(), text=1))
self.richRuleView.append_column(
- Gtk.TreeViewColumn(_("Action"), Gtk.CellRendererText(), text=2))
+ Gtk.TreeViewColumn(_("Priority"), Gtk.CellRendererText(), text=2))
self.richRuleView.append_column(
- Gtk.TreeViewColumn(_("Element"), Gtk.CellRendererText(), text=3))
+ Gtk.TreeViewColumn(_("Action"), Gtk.CellRendererText(), text=3))
self.richRuleView.append_column(
- Gtk.TreeViewColumn(_("Src"), Gtk.CellRendererText(), text=4))
+ Gtk.TreeViewColumn(_("Element"), Gtk.CellRendererText(), text=4))
self.richRuleView.append_column(
- Gtk.TreeViewColumn(_("Dest"), Gtk.CellRendererText(), text=5))
+ Gtk.TreeViewColumn(_("Src"), Gtk.CellRendererText(), text=5))
self.richRuleView.append_column(
- Gtk.TreeViewColumn(_("log"), Gtk.CellRendererText(), text=6))
+ Gtk.TreeViewColumn(_("Dest"), Gtk.CellRendererText(), text=6))
self.richRuleView.append_column(
- Gtk.TreeViewColumn(_("Audit"), Gtk.CellRendererText(), text=7))
+ Gtk.TreeViewColumn(_("log"), Gtk.CellRendererText(), text=7))
+ self.richRuleView.append_column(
+ Gtk.TreeViewColumn(_("Audit"), Gtk.CellRendererText(), text=8))
self.richRuleView.set_model(self.richRuleStore)
+ self.richRuleStore.set_sort_column_id(2, Gtk.SortType.ASCENDING)
self.richRuleView.get_selection().connect( \
"changed", self.change_rich_rule_selection_cb)
@@ -848,6 +852,8 @@ class FirewallConfig(object):
self.richRuleDialogFamilyCombobox = builder.get_object( \
"richRuleDialogFamilyCombobox")
+ self.richRuleDialogPriorityEntry = builder.get_object( \
+ "richRuleDialogPriorityEntry")
self.richRuleDialogElementCheck = builder.get_object( \
"richRuleDialogElementCheck")
self.richRuleDialogElementBox = builder.get_object( \
@@ -2021,6 +2027,7 @@ class FirewallConfig(object):
def _add_rich_rule(self, obj):
family = "all"
+ priority = 0
src = ""
dest = ""
elem = ""
@@ -2030,6 +2037,8 @@ class FirewallConfig(object):
if obj.family:
family = obj.family
+ if obj.priority:
+ priority = obj.priority
if obj.action:
if type(obj.action) == rich.Rich_Accept:
action = _("accept")
@@ -2096,8 +2105,8 @@ class FirewallConfig(object):
if audit == "":
audit = _("yes")
- self.richRuleStore.append([obj, family, action, elem, src, dest, log,
- audit])
+ self.richRuleStore.append([obj, family, priority, action, elem, src,
+ dest, log, audit])
def richrule_added_cb(self, zone, rule, timeout):
if not self.runtime_view or zone != self.get_selected_zone():
@@ -3085,6 +3094,7 @@ class FirewallConfig(object):
def add_edit_rich_rule(self, add):
self.richRuleDialogFamilyCombobox.set_active(0)
+ self.richRuleDialogPriorityEntry.set_value(0)
self.richRuleDialogElementCheck.set_active(False)
self.richRuleDialogElementCombobox.set_active(0)
self.richRuleDialogElementChooser.set_text("")
@@ -3143,6 +3153,8 @@ class FirewallConfig(object):
if old_obj.family in [ "ipv4", "ipv6" ]:
combobox_select_text(self.richRuleDialogFamilyCombobox,
old_obj.family, insensitive=True)
+ if old_obj.priority != 0:
+ self.richRuleDialogPriorityEntry.set_value(old_obj.priority)
if old_obj.element:
self.richRuleDialogElementCheck.set_active(True)
@@ -3633,6 +3645,11 @@ class FirewallConfig(object):
else:
rule = rich.Rich_Rule() # ipv4+ipv6 rule
+ # priority
+ priority = self.richRuleDialogPriorityEntry.get_value_as_int()
+ if priority != 0:
+ rule.priority = priority
+
# element
if self.richRuleDialogElementCheck.get_active():
combolabel = self.richRuleDialogElementCombobox.get_active_text()
--
2.18.0