Author: locilka Date: Wed Apr 9 14:58:21 2008 New Revision: 46285 URL: http://svn.opensuse.org/viewcvs/yast?rev=46285&view=rev Log: Adding nf_conntrack_netbios_ns into KERNEL_MODULES if needed Modified: trunk/yast2/library/network/src/SuSEFirewall.ycp trunk/yast2/library/network/src/SuSEFirewallExpertRules.ycp Modified: trunk/yast2/library/network/src/SuSEFirewall.ycp URL: http://svn.opensuse.org/viewcvs/yast/trunk/yast2/library/network/src/SuSEFir... ============================================================================== --- trunk/yast2/library/network/src/SuSEFirewall.ycp (original) +++ trunk/yast2/library/network/src/SuSEFirewall.ycp Wed Apr 9 14:58:21 2008 @@ -150,6 +150,9 @@ "FW_CONFIGURATIONS_EXT", "FW_CONFIGURATIONS_INT", "FW_CONFIGURATIONS_DMZ", ]; + // FATE #300970: Firewall support for SMB browsing + string broadcast_related_module = "nf_conntrack_netbios_ns"; + # <!-- SuSEFirewall VARIABLES //--> # <!-- SuSEFirewall GLOBAL FUNCTIONS USED BY LOCAL ONES //--> @@ -2515,6 +2518,8 @@ return true; } + void CheckKernelModules (); + /** * Helper function for the backward compatibility. * See WriteConfiguration(). Remove from code ASAP. @@ -2530,6 +2535,7 @@ * @return boolean if succesfull */ global define boolean Write () { + CheckKernelModules(); // just disabled if (! SuSEFirewallIsInstalled()) return true; @@ -3227,6 +3233,29 @@ SETTINGS["FW_SERVICES_ACCEPT_RELATED_" + zone] = mergestring (ruleset, "\n"); } + void CheckKernelModules () { + boolean needs_additional_module = false; + + foreach (string one_zone, GetKnownFirewallZones(), { + if (size (GetServicesAcceptRelated (one_zone)) >= 0) { + y2milestone ("Some ServicesAcceptRelated are defined"); + needs_additional_module = true; + break; + } + }); + + if (needs_additional_module) { + list <string> k_modules = splitstring (SETTINGS["FW_LOAD_MODULES"]:"", " "); + + if (! contains (k_modules, broadcast_related_module)) { + y2warning ("FW_LOAD_MODULES doesn't contain %1, adding", broadcast_related_module); + k_modules = add (k_modules, broadcast_related_module); + SETTINGS["FW_LOAD_MODULES"] = mergestring (k_modules, " "); + SetModified(); + } + } + } + # <!-- SuSEFirewall GLOBAL FUNCTIONS //--> /* EOF */ Modified: trunk/yast2/library/network/src/SuSEFirewallExpertRules.ycp URL: http://svn.opensuse.org/viewcvs/yast/trunk/yast2/library/network/src/SuSEFir... ============================================================================== --- trunk/yast2/library/network/src/SuSEFirewallExpertRules.ycp (original) +++ trunk/yast2/library/network/src/SuSEFirewallExpertRules.ycp Wed Apr 9 14:58:21 2008 @@ -42,7 +42,7 @@ } // used to identify the IPv4 in regexp - string type_ip4 = "[0123456789].[0123456789].[0123456789].[0123456789]"; + string type_ip4 = "[0123456789]+.[0123456789]+.[0123456789]+.[0123456789]+"; /** * Returns whether the netmask bits are valid. @@ -76,9 +76,9 @@ } // A.B.C.D/1 - A.B.C.D/32 (IP with a numeric netmask) - else if (regexpmatch(network, "^" + type_ip4 + "/[01234567890]$")) { - string part_ip = regexpsub (network, "^(" + type_ip4 + ")/[01234567890]$", "\1"); - string part_bits = regexpsub (network, "^" + type_ip4 + "(/[01234567890])$", "\1"); + else if (regexpmatch(network, "^" + type_ip4 + "/[01234567890]+$")) { + string part_ip = regexpsub (network, "^(" + type_ip4 + ")/[01234567890]+$", "\1"); + string part_bits = regexpsub (network, "^" + type_ip4 + "(/[01234567890])+$", "\1"); return (IP::Check4(part_ip) && ValidNetmaskBits(tointeger(part_bits))); } -- To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org For additional commands, e-mail: yast-commit+help@opensuse.org