From 808f10c2fcf38d756f1f7f8814d27894fc9f369f Mon Sep 17 00:00:00 2001
From: Eric Garver
Date: Mon, 17 Dec 2018 12:53:30 -0500
Subject: [PATCH 1/4] nftables: Allow interfaces with wildcards

Fixes: rhbz 1644025
(cherry picked from commit aa01eda4c87dd7b5c1f1e884fc7332c6317fed02)
---
 src/firewall/core/nftables.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/firewall/core/nftables.py b/src/firewall/core/nftables.py
index 8e24721c94f5..d0d1f6d1610d 100644
--- a/src/firewall/core/nftables.py
+++ b/src/firewall/core/nftables.py
@@ -529,6 +529,9 @@ class nftables(object):
 "OUTPUT": "oifname",
 }[chain]
 
+ if interface[len(interface)-1] == "+":
+ interface = interface[:len(interface)-1] + "*"
+
 target = DEFAULT_ZONE_TARGET.format(chain=SHORTCUTS[chain], zone=zone)
 if zone_target == DEFAULT_ZONE_TARGET:
 action = "goto"
@@ -540,10 +543,10 @@ class nftables(object):
 rule = ["add", "rule", family, "%s" % TABLE_NAME, "%s_%s_ZONES" % (table, chain)]
 else:
 rule = ["delete", "rule", family, "%s" % TABLE_NAME, "%s_%s_ZONES" % (table, chain)]
- if interface == "+":
+ if interface == "*":
 rule += [action, "%s_%s" % (table, target)]
 else:
- rule += [opt, interface, action, "%s_%s" % (table, target)]
+ rule += [opt, "\"" + interface + "\"", action, "%s_%s" % (table, target)]
 return [rule]
 
 def build_zone_source_address_rules(self, enable, zone, zone_target,
-- 
2.18.0
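Review bot: The wildcard check added in the first hunk, `interface[len(interface)-1] == "+"`, raises IndexError when `interface` is an empty string. Writing it as `if interface.endswith("+"):` followed by `interface = interface[:-1] + "*"` covers that case and reads more plainly. Whether an empty name can reach this point is not visible, because the enclosing method starts above the hunk. A one-line comment such as `# translate a trailing "+" wildcard to nft's "*" form` would also record why the name is rewritten before the rule is built.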
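Review bot: In the second hunk the interface name is wrapped in literal double quotes with `"\"" + interface + "\""`, but a `"` inside the name is neither escaped nor rejected, so the quoting holds only if the name was validated before it reached this method. That validation is not visible in the hunk, and the method body starts outside it. If callers do not guarantee it, the name should be checked for quote and whitespace characters here, before it is added to the rule list. A comment on that line should state the assumption, for example `# interface is pre-validated; quoted so nft reads the name and its trailing "*" as one string`.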