Google Git
Sign in
android / platform / system / firewalld / 8620868c44d58dc0632df3a7be7c48be1eb2421b
commit8620868c44d58dc0632df3a7be7c48be1eb2421b[log] [tgz]
authorJorge Lucangeli Obes <jorgelo@chromium.org>Fri Dec 05 15:28:04 2014 -0800
committerGilad Arnold <garnold@google.com>Mon Aug 10 23:11:52 2015 -0700
treeee2c83fc2de05844fe83d411c88573ab15555f15
parent9a56a8ea3c09e7b98cd167bad0008b81152e0772 [diff]
firewalld: add IpTables wrapper.

Implement firewall functionality.
Split up part of FirewallService's functionality into a class
that can be easily unit-tested.

TODO: allow punching holes for UDP ports as well.

BUG=chromium:435400
TEST=New unit tests pass.
TEST=dbus-send --system --dest=org.chromium.firewalld --print-reply \
         /org/chromium/firewalld \
         org.chromium.firewalld.PunchHole uint16:80 twice, success.
TEST='iptables -S' shows the new rule.
TEST=dbus-send --system --dest=org.chromium.firewalld --print-reply \
         /org/chromium/firewalld \
         org.chromium.firewalld.PlugHole uint16:80 once, success.
TEST='iptables -S' no longer shows the new rule.
TEST=Second time, error.

Change-Id: Ic8fc9d1fb3ac3deecde304922a709befa55015fb
Reviewed-on: https://chromium-review.googlesource.com/233723
Trybot-Ready: Jorge Lucangeli Obes <jorgelo@chromium.org>
Tested-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Commit-Queue: Jorge Lucangeli Obes <jorgelo@chromium.org>
6 files changed
tree: ee2c83fc2de05844fe83d411c88573ab15555f15
  1. dbus_bindings/
  2. dbus_interface.h
  3. firewall_daemon.cc
  4. firewall_daemon.h
  5. firewall_service.cc
  6. firewall_service.h
  7. firewalld.gyp
  8. iptables.cc
  9. iptables.h
  10. iptables_unittest.cc
  11. main.cc
  12. run_all_tests.cc