From b2c9302e8a4ad1ab7535a557b2f9c9aa49b49629 Mon Sep 17 00:00:00 2001
From: Eric Garver <eric@garver.life>
Date: Wed, 27 Oct 2021 11:09:39 -0400
Subject: [PATCH 43/50] fix(fw_config): zone: on rename remove then add

Remove the old object before creating the new one. This avoids issues
such as conflicting configuration in the objects that check_config() may
trip over.

(cherry picked from commit 3aec1dfe449d0bcb52884341770e4def0de27f56)
(cherry picked from commit a58b45d8ee3221309ec0c6f919c266b5cfc6f89a)
---
 src/firewall/core/fw_config.py | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/src/firewall/core/fw_config.py b/src/firewall/core/fw_config.py
index 148ce1b4e32c..a97d0b23a6ac 100644
--- a/src/firewall/core/fw_config.py
+++ b/src/firewall/core/fw_config.py
@@ -984,13 +984,16 @@ class FirewallConfig(object):
 
     def rename_zone(self, obj, name):
         self.check_builtin_zone(obj)
-        new_zone = self._copy_zone(obj, name)
+        obj_conf = obj.export_config_dict()
         self._remove_zone(obj)
+        try:
+            new_zone = self.new_zone_dict(name, obj_conf)
+        except:
+            # re-add original if rename failed
+            self.new_zone_dict(obj.name, obj_conf)
+            raise
         return new_zone
 
-    def _copy_zone(self, obj, name):
-        return self.new_zone_dict(name, obj.export_config_dict())
-
     # policy objects
 
     def get_policy_objects(self):
-- 
2.27.0