diff -up firewalld-0.3.9/src/firewall/client.py.RHBZ#1127706_add firewalld-0.3.9/src/firewall/client.py --- firewalld-0.3.9/src/firewall/client.py.RHBZ#1127706_add 2014-10-20 21:34:59.494457458 +0200 +++ firewalld-0.3.9/src/firewall/client.py 2014-10-20 21:34:59.507457303 +0200 @@ -462,7 +462,7 @@ class FirewallClientConfigZone(object): @slip.dbus.polkit.enable_proxy @handle_exceptions def setMasquerade(self, masquerade): - self.fw_zone.setMasquerades(masquerade) + self.fw_zone.setMasquerade(masquerade) @slip.dbus.polkit.enable_proxy @handle_exceptions @@ -494,16 +494,28 @@ class FirewallClientConfigZone(object): @slip.dbus.polkit.enable_proxy @handle_exceptions def addForwardPort(self, port, protocol, toport, toaddr): + if toport is None: + toport = '' + if toaddr is None: + toaddr = '' self.fw_zone.addForwardPort(port, protocol, toport, toaddr) @slip.dbus.polkit.enable_proxy @handle_exceptions def removeForwardPort(self, port, protocol, toport, toaddr): + if toport is None: + toport = '' + if toaddr is None: + toaddr = '' self.fw_zone.removeForwardPort(port, protocol, toport, toaddr) @slip.dbus.polkit.enable_proxy @handle_exceptions def queryForwardPort(self, port, protocol, toport, toaddr): + if toport is None: + toport = '' + if toaddr is None: + toaddr = '' return self.fw_zone.queryForwardPort(port, protocol, toport, toaddr) # interface @@ -809,18 +821,18 @@ class FirewallClientConfigService(object @slip.dbus.polkit.enable_proxy @handle_exceptions - def addModule(self, module, protocol): - self.fw_service.addModule(module, protocol) + def addModule(self, module): + self.fw_service.addModule(module) @slip.dbus.polkit.enable_proxy @handle_exceptions - def removeModule(self, module, protocol): - self.fw_service.removeModule(module, protocol) + def removeModule(self, module): + self.fw_service.removeModule(module) @slip.dbus.polkit.enable_proxy @handle_exceptions - def queryModule(self, module, protocol): - return self.fw_service.queryModule(module, protocol) + def queryModule(self, module): + return self.fw_service.queryModule(module) # destination @@ -846,7 +858,7 @@ class FirewallClientConfigService(object @slip.dbus.polkit.enable_proxy @handle_exceptions - def removeDestination(self, destination): + def removeDestination(self, destination, address): self.fw_service.removeDestination(destination, address) @slip.dbus.polkit.enable_proxy @@ -1021,18 +1033,18 @@ class FirewallClientConfigIcmpType(objec @slip.dbus.polkit.enable_proxy @handle_exceptions - def addDestination(self, destination, address): - self.fw_icmptype.addDestination(destination, address) + def addDestination(self, destination): + self.fw_icmptype.addDestination(destination) @slip.dbus.polkit.enable_proxy @handle_exceptions def removeDestination(self, destination): - self.fw_icmptype.removeDestination(destination, address) + self.fw_icmptype.removeDestination(destination) @slip.dbus.polkit.enable_proxy @handle_exceptions - def queryDestination(self, destination, address): - return self.fw_icmptype.queryDestination(destination, address) + def queryDestination(self, destination): + return self.fw_icmptype.queryDestination(destination) # config.policies lockdown whitelist diff -up firewalld-0.3.9/src/firewall/server/config_icmptype.py.RHBZ#1127706_add firewalld-0.3.9/src/firewall/server/config_icmptype.py --- firewalld-0.3.9/src/firewall/server/config_icmptype.py.RHBZ#1127706_add 2014-10-20 21:34:59.495457446 +0200 +++ firewalld-0.3.9/src/firewall/server/config_icmptype.py 2014-10-20 21:34:59.507457303 +0200 @@ -315,9 +315,15 @@ class FirewallDConfigIcmpType(slip.dbus. destination) self.parent.accessCheck(sender) settings = list(self.getSettings()) - if destination not in settings[3]: - raise FirewallError(NOT_ENABLED, destination) - settings[3].remove(destination) + if settings[3]: + if destination not in settings[3]: + raise FirewallError(NOT_ENABLED, destination) + else: + settings[3].remove(destination) + else: # empty means all + settings[3] = list(set(['ipv4', 'ipv6']) - + set([destination])) + print "settings[3]:", settings[3] self.update(settings) @dbus_service_method(DBUS_INTERFACE_CONFIG_ICMPTYPE, in_signature='s', @@ -328,4 +334,6 @@ class FirewallDConfigIcmpType(slip.dbus. log.debug1("config.icmptype.%d.queryDestination('%s')", self.id, destination) settings = self.getSettings() - return (destination in self.settings[3]) + # empty means all + return (not settings[3] or + destination in settings[3]) diff -up firewalld-0.3.9/src/firewall/server/config_service.py.RHBZ#1127706_add firewalld-0.3.9/src/firewall/server/config_service.py --- firewalld-0.3.9/src/firewall/server/config_service.py.RHBZ#1127706_add 2014-10-20 21:34:59.496457434 +0200 +++ firewalld-0.3.9/src/firewall/server/config_service.py 2014-10-20 21:34:59.508457291 +0200 @@ -398,12 +398,12 @@ class FirewallDConfigService(slip.dbus.s log.debug1("config.service.%d.getDestinations()", self.id) return self.getSettings()[5] - @dbus_service_method(DBUS_INTERFACE_CONFIG_SERVICE, in_signature='as') + @dbus_service_method(DBUS_INTERFACE_CONFIG_SERVICE, in_signature='a{ss}') @dbus_handle_exceptions def setDestinations(self, destinations, sender=None): - destinations = dbus_to_python(destinations, list) - log.debug1("config.service.%d.setDestinations('[%s]')", self.id, - ",".join(destinations)) + destinations = dbus_to_python(destinations, dict) + log.debug1("config.service.%d.setDestinations({ipv4:'%s', ipv6:'%s'})", + self.id, destinations.get('ipv4'), destinations.get('ipv6')) self.parent.accessCheck(sender) settings = list(self.getSettings()) settings[5] = destinations @@ -458,5 +458,5 @@ class FirewallDConfigService(slip.dbus.s log.debug1("config.service.%d.queryDestination('%s', '%s')", self.id, destination, address) settings = self.getSettings() - return (destination in self.settings[5] and \ - address == self.settings[5][destination]) + return (destination in settings[5] and + address == settings[5][destination])