util: add virFirewallDGetPolicies()

Signed-off-by: Eric Garver <eric@garver.life> Reviewed-by: Laine Stump <laine@redhat.com>
2025-01-22 04:25:18 +00:00 · 2022-09-22 11:13:20 -04:00 · 2022-09-22 11:13:20 -04:00 · ab56f84976
commit ab56f84976
parent 7416d19b8d
3 changed files with 43 additions and 0 deletions
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@ -2360,6 +2360,7 @@ virFirewallStartTransaction;
 # util/virfirewalld.h
 virFirewallDApplyRule;
 virFirewallDGetBackend;
+virFirewallDGetPolicies;
 virFirewallDGetVersion;
 virFirewallDGetZones;
 virFirewallDInterfaceSetZone;
--- a/src/util/virfirewalld.c
+++ b/src/util/virfirewalld.c
@ -223,6 +223,47 @@ virFirewallDGetZones(char ***zones, size_t *nzones)
    return 0;
 }

+/**
+ * virFirewallDGetPolicies:
+ * @policies: array of char *, each entry is a null-terminated policy name
+ * @npolicies: number of entries in @policies
+ *
+ * Get the number of currently active firewalld policies, and their names
+ * in an array of null-terminated strings. The memory pointed to by
+ * @policies will belong to the caller, and must be freed.
+ *
+ * Returns 0 on success, -1 (and failure logged) on error
+ */
+int
+virFirewallDGetPolicies(char ***policies, size_t *npolicies)
+{
+    GDBusConnection *sysbus = virGDBusGetSystemBus();
+    g_autoptr(GVariant) reply = NULL;
+    g_autoptr(GVariant) array = NULL;
+
+    *npolicies = 0;
+    *policies = NULL;
+
+    if (!sysbus)
+        return -1;
+
+    if (virGDBusCallMethod(sysbus,
+                           &reply,
+                           G_VARIANT_TYPE("(as)"),
+                           NULL,
+                           VIR_FIREWALL_FIREWALLD_SERVICE,
+                           "/org/fedoraproject/FirewallD1",
+                           "org.fedoraproject.FirewallD1.policy",
+                           "getPolicies",
+                           NULL) < 0)
+        return -1;
+
+    g_variant_get(reply, "(@as)", &array);
+    *policies = g_variant_dup_strv(array, npolicies);
+
+    return 0;
+}
+

 /**
 * virFirewallDZoneExists:
--- a/src/util/virfirewalld.h
+++ b/src/util/virfirewalld.h
@ -33,6 +33,7 @@ int virFirewallDGetVersion(unsigned long *version);
 int virFirewallDGetBackend(void);
 int virFirewallDIsRegistered(void);
 int virFirewallDGetZones(char ***zones, size_t *nzones);
+int virFirewallDGetPolicies(char ***policies, size_t *npolicies);
 bool virFirewallDZoneExists(const char *match);
 int virFirewallDApplyRule(virFirewallLayer layer,
                          char **args, size_t argsLen,