feat(xml): Tie it all together by generating intro ip(6)tables targets

2022-07-05 04:47:08 +02:00 · 2022-07-05 04:47:08 +02:00 · 74a6f42171
commit 74a6f42171
parent 35e6f80243
1 changed files with 17 additions and 2 deletions
--- a/update-firewall-source.py
+++ b/update-firewall-source.py
@ -554,5 +554,20 @@ if __name__ == '__main__':
        else:
            log.info(f"No source address given. Rules will apply to all sources.")

-# arg_allow_sources = resolve_addresses(arg_allow_list)
-# gen_fw_rule_xml(arg_allow_sources)
+        add_fw_rule_to_xml(config,
+                           section,
+                           target=config.get(section, "target"),
+                           ports=config.getlist(section, "ports"),
+                           proto=config.get(section, "proto"))
+    for arg_address_family in ["ipv4", "ipv6"]:
+        if rules_count(arg_address_family):
+            add_rule_elem(
+                arg_address_family,
+                0,
+                "ACCEPT",
+                arg_state="ESTABLISHED,RELATED")
+    add_firewall_shim(get_phy_nics())
+
+    write_new_fwd_direct_xml(config)
+    if config.getboolean(configparser.DEFAULTSECT, "restart_firewalld_after_change"):
+        restart_systemd_firewalld()