Revert "network: *un*set the firewalld zone while shutting down a network"

This reverts commit 200f60b2e12e68d618f6d59f0173bb507b678838. The same
functionality will be re-added in a different way in an upcoming patch.

Signed-off-by: Laine Stump
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>

diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index e09fb98596e240a2e9951eb84ed8a3a1ddf9189f..cafb41166be92e7914577a249fdce37357165efb 100644 (file)
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -2452,7 +2452,6 @@ virFirewallDGetPolicies;
 virFirewallDGetVersion;
 virFirewallDGetZones;
 virFirewallDInterfaceSetZone;
-virFirewallDInterfaceUnsetZone;
 virFirewallDIsRegistered;
 virFirewallDPolicyExists;
 virFirewallDSynchronize;

diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
index 74ba59b4e98c589f44e920ab539fdd835e4faefe..c9c6fcbccc7fabcdac9a88b33de14d31df5dbeaf 100644 (file)
--- a/src/network/bridge_driver.c
+++ b/src/network/bridge_driver.c
@@ -2127,8 +2127,6 @@ networkStartNetworkVirtual(virNetworkDriverState *driver,
         def->forward.type != VIR_NETWORK_FORWARD_OPEN)
         networkRemoveFirewallRules(obj);
 
-    networkUnsetBridgeZone(def);
-
     virNetworkObjUnrefMacMap(obj);
 
     ignore_value(virNetDevBridgeDelete(def->bridge));
@@ -2167,8 +2165,6 @@ networkShutdownNetworkVirtual(virNetworkObj *obj)
     if (def->forward.type != VIR_NETWORK_FORWARD_OPEN)
         networkRemoveFirewallRules(obj);
 
-    networkUnsetBridgeZone(def);
-
     ignore_value(virNetDevBridgeDelete(def->bridge));
 
     /* See if its still alive and really really kill it */

diff --git a/src/network/bridge_driver_linux.c b/src/network/bridge_driver_linux.c
index 3b3608c08586e4a3b4ebcb7ae39971c43ae2f37f..af758d4f3da9d31db8c76eb1657bac541bd40195 100644 (file)
--- a/src/network/bridge_driver_linux.c
+++ b/src/network/bridge_driver_linux.c
@@ -392,20 +392,6 @@ networkSetBridgeZone(virNetworkDef *def)
 }
 
 
-void
-networkUnsetBridgeZone(virNetworkDef *def)
-{
-    /* If there is a libvirt-managed bridge device remove it from any
-     * zone it had been placed in as a part of deleting the bridge.
-     * DO NOT CALL THIS FOR 'bridge' forward mode, since that
-     * bridge is not managed by libvirt.
-     */
-    if (def->bridge && def->forward.type != VIR_NETWORK_FORWARD_BRIDGE
-        && virFirewallDIsRegistered() == 0) {
-        virFirewallDInterfaceUnsetZone(def->bridge);
-    }
-}
-
 int
 networkAddFirewallRules(virNetworkDef *def,
                         virFirewallBackend firewallBackend,

diff --git a/src/network/bridge_driver_nop.c b/src/network/bridge_driver_nop.c
index 831a5a5010200a63f2437289401ecafbfb78b01b..20c7a2a595e7221c231b3830bb264424735d5841 100644 (file)
--- a/src/network/bridge_driver_nop.c
+++ b/src/network/bridge_driver_nop.c
@@ -51,12 +51,6 @@ networkSetBridgeZone(virNetworkDef *def)
 }
 
 
-void
-networkUnsetBridgeZone(virNetworkDef *def G_GNUC_UNUSED)
-{
-}
-
-
 int networkAddFirewallRules(virNetworkDef *def G_GNUC_UNUSED,
                             virFirewallBackend firewallBackend,
                             virFirewall **fwRemoval G_GNUC_UNUSED)

diff --git a/src/network/bridge_driver_platform.h b/src/network/bridge_driver_platform.h
index a0291532a1b1aa02fe3458d665a24543134e4ef8..02abdc197f76897d51e3a3e4d98174be72bc607c 100644 (file)
--- a/src/network/bridge_driver_platform.h
+++ b/src/network/bridge_driver_platform.h
@@ -38,6 +38,4 @@ int networkAddFirewallRules(virNetworkDef *def,
                             virFirewallBackend firewallBackend,
                             virFirewall **fwRemoval);
 
-void networkUnsetBridgeZone(virNetworkDef *def);
-
 void networkRemoveFirewallRules(virNetworkObj *obj);

diff --git a/src/util/virfirewalld.c b/src/util/virfirewalld.c
index 4aec33ac45d2d97e43bf4d5aafca0fc21a0a3b43..827e201dbbe1be361e7e3158081cba617ef30716 100644 (file)
--- a/src/util/virfirewalld.c
+++ b/src/util/virfirewalld.c
@@ -449,29 +449,6 @@ virFirewallDInterfaceSetZone(const char *iface,
 }
 
 
-int
-virFirewallDInterfaceUnsetZone(const char *iface)
-{
-    GDBusConnection *sysbus = virGDBusGetSystemBus();
-    g_autoptr(GVariant) message = NULL;
-
-    if (!sysbus)
-        return -1;
-
-    message = g_variant_new("(ss)", "", iface);
-
-    return virGDBusCallMethod(sysbus,
-                             NULL,
-                             NULL,
-                             NULL,
-                             VIR_FIREWALL_FIREWALLD_SERVICE,
-                             "/org/fedoraproject/FirewallD1",
-                             "org.fedoraproject.FirewallD1.zone",
-                             "removeInterface",
-                             message);
-}
-
-
 void
 virFirewallDSynchronize(void)
 {

diff --git a/src/util/virfirewalld.h b/src/util/virfirewalld.h
index 0dbe66d435d355a30f6b09389247439d431479f3..0e94d3507b8d496801c6594046e1a2bc72740a89 100644 (file)
--- a/src/util/virfirewalld.h
+++ b/src/util/virfirewalld.h
@@ -46,6 +46,4 @@ int virFirewallDApplyRule(virFirewallLayer layer,
 int virFirewallDInterfaceSetZone(const char *iface,
                                  const char *zone);
 
-int virFirewallDInterfaceUnsetZone(const char *iface);
-
 void virFirewallDSynchronize(void);