Skip to content

Commit 8e8148c

Browse files
openshift-merge-bot[bot]openshift-merge-bot[bot]
authored
Merge pull request #986 from mheon/conditional_compile_fwdriver
Add conditional compilation of default firewall driver
2 parents 9938bcb + b161e75 commit 8e8148c

File tree

3 files changed

+32
-3
lines changed

3 files changed

+32
-3
lines changed

build.rs

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -63,4 +63,18 @@ fn main() {
6363
Err(_) => "".to_string(),
6464
};
6565
println!("cargo:rustc-env=GIT_COMMIT={commit}");
66+
67+
// Handle default firewall driver.
68+
// Allowed values "nftables" and "iptables".
69+
let fwdriver = match env::var("NETAVARK_DEFAULT_FW")
70+
.unwrap_or("iptables".to_string())
71+
.as_str()
72+
{
73+
"nftables" => "nftables",
74+
"iptables" => "iptables",
75+
"none" => "none",
76+
inv => panic!("Invalid default firewall driver {}", inv),
77+
};
78+
println!("cargo:rustc-cfg=default_fw=\"{}\"", fwdriver);
79+
println!("cargo:rustc-env=DEFAULT_FW={fwdriver}");
6680
}

src/commands/version.rs

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,7 @@ struct Info {
1111
commit: &'static str,
1212
build_time: &'static str,
1313
target: &'static str,
14+
default_fw_driver: &'static str,
1415
}
1516

1617
impl Version {
@@ -20,6 +21,7 @@ impl Version {
2021
commit: env!("GIT_COMMIT"),
2122
build_time: env!("BUILD_TIMESTAMP"),
2223
target: env!("BUILD_TARGET"),
24+
default_fw_driver: env!("DEFAULT_FW"),
2325
};
2426

2527
let out = serde_json::to_string_pretty(&info)?;

src/firewall/mod.rs

Lines changed: 16 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -71,9 +71,7 @@ fn get_firewall_impl(driver_name: Option<String>) -> NetavarkResult<FirewallImpl
7171
}
7272
}
7373

74-
// Until firewalld 1.1.0 with support for self-port forwarding lands:
75-
// Just use iptables
76-
Ok(FirewallImpl::Iptables)
74+
get_default_fw_impl()
7775

7876
// Is firewalld running?
7977
// let conn = match Connection::system() {
@@ -92,6 +90,21 @@ fn get_firewall_impl(driver_name: Option<String>) -> NetavarkResult<FirewallImpl
9290
// }
9391
}
9492

93+
#[cfg(default_fw = "nftables")]
94+
fn get_default_fw_impl() -> NetavarkResult<FirewallImpl> {
95+
Ok(FirewallImpl::Nftables)
96+
}
97+
98+
#[cfg(default_fw = "iptables")]
99+
fn get_default_fw_impl() -> NetavarkResult<FirewallImpl> {
100+
Ok(FirewallImpl::Iptables)
101+
}
102+
103+
#[cfg(default_fw = "none")]
104+
fn get_default_fw_impl() -> NetavarkResult<FirewallImpl> {
105+
Ok(FirewallImpl::Fwnone)
106+
}
107+
95108
/// Get the preferred firewall implementation for the current system
96109
/// configuration.
97110
pub fn get_supported_firewall_driver(

0 commit comments

Comments
 (0)