diff options
author | Jorge Lucangeli Obes <jorgelo@chromium.org> | 2015-02-25 14:14:29 -0800 |
---|---|---|
committer | Gilad Arnold <garnold@google.com> | 2015-08-10 23:11:52 -0700 |
commit | 650d229bfc31be30636c2ac62f242952e4f583d4 (patch) | |
tree | b4cc337718829bd8e55ca1bf210c74e7910a9bef /iptables.h | |
parent | 40653d0e058ff0f7908b28874224bbb085e99905 (diff) | |
download | firewalld-650d229bfc31be30636c2ac62f242952e4f583d4.tar.gz |
firewalld: Monitor permission_broker lifetime.
If/when permission_broker exits, plug all firewall holes.
BUG=None
TEST=Manual: deploy to device, punch a hole.
TEST='restart permission_broker', holes are punched.
Change-Id: I3885b2338ad25f79c50a7f8c0aa4375e092ecceb
Reviewed-on: https://chromium-review.googlesource.com/253790
Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
Commit-Queue: Jorge Lucangeli Obes <jorgelo@chromium.org>
Trybot-Ready: Jorge Lucangeli Obes <jorgelo@chromium.org>
Tested-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
Diffstat (limited to 'iptables.h')
-rw-r--r-- | iptables.h | 5 |
1 files changed, 3 insertions, 2 deletions
@@ -39,6 +39,9 @@ class IpTables : public org::chromium::FirewalldInterface { bool RemoveVpnSetup(const std::vector<std::string>& usernames, const std::string& interface) override; + // Close all outstanding firewall holes. + void PlugAllHoles(); + protected: // Test-only. explicit IpTables(const std::string& ip4_path, const std::string& ip6_path); @@ -55,8 +58,6 @@ class IpTables : public org::chromium::FirewalldInterface { std::set<Hole>* holes, ProtocolEnum protocol); - void PlugAllHoles(); - bool AddAcceptRules(ProtocolEnum protocol, uint16_t port, const std::string& interface); |