Hello community, here is the log from the commit of package fwzs for openSUSE:Factory checked in at Wed Oct 5 17:36:06 CEST 2011.
-------- --- openSUSE:Factory/fwzs/fwzs.changes 2011-09-23 01:58:28.000000000 +0200 +++ /mounts/work_src_done/STABLE/fwzs/fwzs.changes 2011-10-05 11:38:30.000000000 +0200 @@ -1,0 +2,6 @@ +Wed Oct 5 09:37:59 UTC 2011 - lnus...@suse.de + +- new version 0.5: + * automatic zone switching based on NM connection + +------------------------------------------------------------------- calling whatdependson for head-i586 Old: ---- fwzs-0.4.tar.bz2 New: ---- fwzs-0.5.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ fwzs.spec ++++++ --- /var/tmp/diff_new_pack.dGAEoW/_old 2011-10-05 17:36:02.000000000 +0200 +++ /var/tmp/diff_new_pack.dGAEoW/_new 2011-10-05 17:36:02.000000000 +0200 @@ -21,8 +21,8 @@ Name: fwzs Url: http://gitorious.org/opensuse/fwzs Summary: Tray applet that allows to switch firewall zones of interfaces -Version: 0.4 -Release: 3 +Version: 0.5 +Release: 1 License: GPLv2 Group: System/GUI/Other Source: fwzs-%version.tar.bz2 @@ -69,9 +69,9 @@ %{_datadir}/fwzs %{_datadir}/dbus-1/system-services/org.opensuse.zoneswitcher.service %{_datadir}/applications/fwzsapp.desktop +%if 0%{?suse_version} < 1130 %dir %{_datadir}/PolicyKit %dir %{_datadir}/PolicyKit/policy -%if 0%{?suse_version} < 1130 %{_datadir}/PolicyKit/policy/org.opensuse.zoneswitcher.policy %else %dir %{_datadir}/polkit-1 ++++++ fwzs-0.4.tar.bz2 -> fwzs-0.5.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fwzs-0.4/TODO new/fwzs-0.5/TODO --- old/fwzs-0.4/TODO 2010-06-18 10:43:00.000000000 +0200 +++ new/fwzs-0.5/TODO 2011-10-05 12:02:56.000000000 +0200 @@ -1,7 +1,5 @@ -- watch NetworkManager for connection changes and switch to default - automatically -- also support polkit1 - properly survive dbus restarts +- apply status after SuSEfirewall2 has run if run for the first time Optional: - other firewall backends diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fwzs-0.4/configure new/fwzs-0.5/configure --- old/fwzs-0.4/configure 2011-04-27 18:25:52.000000000 +0200 +++ new/fwzs-0.5/configure 2011-10-05 11:53:54.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for fwzs 0.4. +# Generated by GNU Autoconf 2.68 for fwzs 0.5. # # Report bugs to <ludwig.nus...@suse.de>. # @@ -559,8 +559,8 @@ # Identity of this package. PACKAGE_NAME='fwzs' PACKAGE_TARNAME='fwzs' -PACKAGE_VERSION='0.4' -PACKAGE_STRING='fwzs 0.4' +PACKAGE_VERSION='0.5' +PACKAGE_STRING='fwzs 0.5' PACKAGE_BUGREPORT='ludwig.nus...@suse.de' PACKAGE_URL='' @@ -1187,7 +1187,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures fwzs 0.4 to adapt to many kinds of systems. +\`configure' configures fwzs 0.5 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1257,7 +1257,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of fwzs 0.4:";; + short | recursive ) echo "Configuration of fwzs 0.5:";; esac cat <<\_ACEOF @@ -1330,7 +1330,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -fwzs configure 0.4 +fwzs configure 0.5 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. @@ -1347,7 +1347,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by fwzs $as_me 0.4, which was +It was created by fwzs $as_me 0.5, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ @@ -2236,7 +2236,7 @@ # Define the identity of the package. PACKAGE='fwzs' - VERSION='0.4' + VERSION='0.5' cat >>confdefs.h <<_ACEOF @@ -2845,7 +2845,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by fwzs $as_me 0.4, which was +This file was extended by fwzs $as_me 0.5, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -2898,7 +2898,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -fwzs config.status 0.4 +fwzs config.status 0.5 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fwzs-0.4/configure.ac new/fwzs-0.5/configure.ac --- old/fwzs-0.4/configure.ac 2011-04-27 18:11:25.000000000 +0200 +++ new/fwzs-0.5/configure.ac 2011-10-05 11:53:43.000000000 +0200 @@ -1,6 +1,6 @@ define([dbusdatadirdefault],[${datadir}/dbus-1])dnl dnl -AC_INIT([fwzs],[0.4],[ludwig.nus...@suse.de]) +AC_INIT([fwzs],[0.5],[ludwig.nus...@suse.de]) AC_CONFIG_SRCDIR([fwzsd.py]) AC_PREREQ(2.53) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fwzs-0.4/fwzsapp.py new/fwzs-0.5/fwzsapp.py --- old/fwzs-0.4/fwzsapp.py 2011-04-27 18:24:49.000000000 +0200 +++ new/fwzs-0.5/fwzsapp.py 2011-10-05 11:53:43.000000000 +0200 @@ -34,6 +34,22 @@ import gettext import locale +def N_(x): return x + +_debug_level = 0 +def debug(level, msg): + if (level <= _debug_level): + print level, msg + +APPNAME = N_("Firewall Zone Switcher") + +_can_notify = False +try: + import pynotify + _can_notify = True +except Exception, e: + print e + gettext.install('fwzsapp') icon_green = ICONDIR + '/firewall.png' @@ -177,7 +193,7 @@ def __init__(self, parent, app, iface): self.app = app self.selection = None - zones = app.iface.Zones() + zones = app.zones ifaces = app.iface.Interfaces() if not zones or not ifaces: app.error_dialog(_("Can't get list of interfaces or zones")) @@ -220,7 +236,7 @@ return if not self.selection: - print "error: no active item" + debug(1,"error: no active item") self.app.set_zone(self.selection[0], self.selection[1]) @@ -292,7 +308,7 @@ menu.append(item) else: - zones = self.app.iface.Zones() + zones = self.app.zones if zones and self.app.running == True: ifaces = self.app.iface.Interfaces() @@ -360,10 +376,9 @@ closebutton = gtk.STOCK_QUIT self.content = None self.ifaces = None - self.zones = None if app.icon.isshown(): closebutton = gtk.STOCK_CLOSE - dialog = gtk.Dialog(_("Firewall Zone Switcher"), None, 0, ( closebutton, gtk.RESPONSE_CANCEL )) + dialog = gtk.Dialog(_(APPNAME), None, 0, ( closebutton, gtk.RESPONSE_CANCEL )) dialog.set_default_size(400, 250) dialog.set_icon_from_file(icon_green) @@ -387,13 +402,7 @@ w = gtk.Label(txt_service_not_running) vbox.pack_start(w) else: - try: - self.zones = self.app.iface.Zones() - except Exception, e: - print e - pass - - if not self.zones or not self.app.running: + if not self.app.zones or not self.app.running: vbox.set_border_width(6) vbox.set_spacing(6) if self.app.running == True: @@ -417,14 +426,9 @@ vbox.pack_start(w, False, False) return vbox - + def make_label(self, i, z): - if z: - if 'desc' in self.zones[z] and self.zones[z]['desc'] != '': - z = self.zones[z]['desc'] - else: - z = _("Unknown") - txt = '%s - %s' % (i, z) + txt = '%s - %s' % (i, self.app.zone_get_desc(z)) return txt def zone_changed(self, iface, zone): @@ -447,7 +451,7 @@ h = gtk.HBox() i = gtk.image_new_from_file(self.app.icon.iconfile) i.set_alignment(1, 0.5) - l = gtk.Label(_("Firewall Zone Switcher")) + l = gtk.Label(_(APPNAME)) l.set_alignment(0, 0.5) h.pack_start(i, True, True) h.pack_start(l, True, True) @@ -490,6 +494,9 @@ self.icon = StatusIcon(self) self.overview_dialog = None self.running = None; + self.signalreceivers = [] + self.notify_initialized = False + self.zones = {} if delay: glib.timeout_add_seconds(delay, self.startup_timer) @@ -501,12 +508,21 @@ if not trayonly: self.overview_dialog = OverviewDialog(self) - + def startup_timer(self): if not self.bus: self.check_status() return False + def zone_get_desc(self, z): + if z: + if 'desc' in self.zones[z] and self.zones[z]['desc'] != '': + z = self.zones[z]['desc'] + else: + z = _("Unknown") + + return z + def nameowner_changed_handler(self, name, old, new): if name != 'org.opensuse.zoneswitcher': return @@ -514,17 +530,65 @@ if(not new and old): self.obj = self.iface = None self.running = None + for sig in self.signalreceivers: + sig.remove() + self.signalreceivers = [] self.icon.update() elif(not old and new): self.check_status() + self._connect_signals(new) + + def _connect_signals(self, sender): + sig = self.bus.add_signal_receiver( + lambda iface, zone: self._zone_changed_receive(iface, zone), + dbus_interface='org.opensuse.zoneswitcher', + bus_name = sender, signal_name='ZoneChanged') + self.signalreceivers.append(sig) + sig = self.bus.add_signal_receiver( + lambda: self._has_run_received(), + dbus_interface='org.opensuse.zoneswitcher', + bus_name = sender, signal_name='HasRun') + self.signalreceivers.append(sig) + + def _zone_changed_receive(self, iface, zone): + debug(1,"got zone change: %s -> %s"%(iface, zone)) + if self.overview_dialog: + self.overview_dialog.zone_changed(iface, zone) + else: + try: + global _can_notify + if not self.notify_initialized: + if not pynotify.init(_(APPNAME)): + _can_notify = False + if _can_notify and zone and zone != "": + n = pynotify.Notification( + _("%s now in zone '%s'")%(iface, self.zone_get_desc(zone)), + None, + "file://"+os.path.abspath(icon_green)) + n.set_urgency(pynotify.URGENCY_LOW) + n.set_category("network") + n.set_hint_string("desktop-entry", "fwzsapp") + n.show() + except Exception, e: + print e + + def _has_run_received(self): + debug(1,"got HasRun") + try: + self.zones = self.iface.Zones() + except dbus.DBusException, e: + print e + self.zones = {} + if self.overview_dialog: + self.overview_dialog.set_contents() def catchall_handler(self, *args, **kwargs): print "args: ", args print "kwargs: ", kwargs def bus_disconnected(self): - print "bus disconnected" + debug(1,"bus disconnected") self.icon.grey() def check_status(self): @@ -562,11 +626,12 @@ self.bus.add_signal_receiver( lambda name, old, new: self.nameowner_changed_handler(name, old, new), + bus_name='org.freedesktop.DBus', dbus_interface='org.freedesktop.DBus', signal_name='NameOwnerChanged') except dbus.DBusException, e: - print "can't connect to bus:", str(e) + debug(1,"can't connect to bus: %s"%str(e)) self.bus = self.obj = self.iface = None return None @@ -581,11 +646,15 @@ if l[0]: self.iface.setLang(l[0]) + self.zones = self.iface.Zones() + + self._connect_signals(self.obj.bus_name) + #print self.obj.Introspect(dbus_interface="org.freedesktop.DBus.Introspectable") except dbus.DBusException, e: self.obj = self.iface = None - print "can't connect to zoneswitcher:", e + debug(1,"can't connect to zoneswitcher: %s"%e) return None return self.iface @@ -601,10 +670,8 @@ while repeat: repeat = False try: - if self.iface.setZone(iface, zone) == True: - self.run_firewall() - if self.overview_dialog: - self.overview_dialog.zone_changed(iface, zone) + self.iface.setZone(iface, zone) + self.run_firewall() except dbus.DBusException, e: if e.get_dbus_name() == 'org.freedesktop.PolicyKit.NotPrivilegedException': if self.polkitauth(Exception.__str__(e)): @@ -662,8 +729,13 @@ parser.add_option('--delay', dest="delay", metavar='N', action='store', type='int', default=0, help="when started in system tray, delay status query N seconds") + parser.add_option('--debug', dest="debug", metavar='N', + action='store', type='int', default=0, + help="debug level") (opts, args) = parser.parse_args() + if opts.debug: + _debug_level = opts.debug dbus.mainloop.glib.DBusGMainLoop(set_as_default=True) app = fwzsApp(trayonly = opts.tray, delay=opts.delay); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fwzs-0.4/fwzsd.py new/fwzs-0.5/fwzsd.py --- old/fwzs-0.4/fwzsd.py 2011-04-27 15:47:08.000000000 +0200 +++ new/fwzs-0.5/fwzsd.py 2011-10-05 11:53:43.000000000 +0200 @@ -32,8 +32,15 @@ TIMEOUT = 60 +timer = None + def N_(x): return x +_debug_level = 0 +def debug(level, msg): + if (level <= _debug_level): + print level, msg + class FirewallException(dbus.DBusException): _dbus_error_name = 'org.opensuse.zoneswitcher.FirewallException' @@ -41,9 +48,17 @@ _dbus_error_name = 'org.opensuse.zoneswitcher.FirewallNotPrivilegedException' # backends need to implement this class -class ZoneSwitcher: +class ZoneSwitcher(gobject.GObject): + + __gsignals__ = { + 'ZoneChanged': + (gobject.SIGNAL_RUN_FIRST, gobject.TYPE_NONE, (gobject.TYPE_STRING,gobject.TYPE_STRING,)), + 'HasRun': + (gobject.SIGNAL_RUN_FIRST, gobject.TYPE_NONE, ()), + } def __init__(self, *args): + self.__gobject_init__() self.trans = {} def Zones(self, sender=None): @@ -78,6 +93,13 @@ if old and not new and old in self.trans: del self.trans[old] + def do_ZoneChanged(self, iface, zone): + return + + def do_HasRun(self): + return + +# the DBus interface class ZoneSwitcherDBUS(dbus.service.Object): """DBUS interface for zone switcher""" @@ -86,38 +108,35 @@ def __init__(self, impl, *args): dbus.service.Object.__init__(self, *args) self.impl = impl + impl.connect('ZoneChanged', lambda obj, iface, zone: self._zone_changed_receive(iface, zone)) + impl.connect('HasRun', lambda obj: self._has_run_received()) self._connection.add_signal_receiver( lambda name, old, new: self.nameowner_changed_handler(name, old, new), + bus_name='org.freedesktop.DBus', dbus_interface='org.freedesktop.DBus', signal_name='NameOwnerChanged') - self.timeout = None self.mainloop = None self.clients = {} def _add_client(self, sender): - if self.timeout: - gobject.source_remove(self.timeout) - self.timeout = None - self.clients[sender] = 1 + if (not sender in self.clients): + debug(1, "add client %s"%sender) + self.clients[sender] = 1 + self._update_timeout() + + def _remove_client(self, sender): + if (sender in self.clients): + debug(1,"remove client %s"%sender) + del self.clients[sender] + self._update_timeout() def _update_timeout(self,): - if not self.mainloop: - return - if self.timeout: - gobject.source_remove(self.timeout) - self.timeout = gobject.timeout_add(TIMEOUT * 1000, self._goodbye) + global timer + timer.inhibit("dbusiface", len(self.clients) != 0) def set_mainloop(self, l): self.mainloop = l - def _goodbye(self): - if len(self.clients): - print "clients != 0. Should not happen!", self.clients - return - print "exit due to timeout" - self.mainloop.quit() - return False - @dbus.service.method(interface, in_signature='', out_signature='a{sa{ss}}', sender_keyword='sender') def Zones(self, sender=None): @@ -167,11 +186,29 @@ self._add_client(sender) return self.impl.setLang(lang, sender=sender) + @dbus.service.signal(interface, signature='ss') + def ZoneChanged(self, iface, zone): + return + + @dbus.service.signal(interface, signature='') + def HasRun(self): + return + + def _zone_changed_receive(self, iface, zone): + if not iface: + return + if not zone: + zone = '' + debug(1,"DBUS: forwarding ZoneChanged(%s, %s)"%(iface, zone)) + self.ZoneChanged(iface, zone) + + def _has_run_received(self): + debug(1,"DBUS: forwarding HasRun()") + self.HasRun() + def nameowner_changed_handler(self, name, old, new): if not new and old in self.clients: - del self.clients[old] - if len(self.clients) == 0: - self._update_timeout() + self._remove_client(old) self.impl.nameowner_changed_handler(name, old, new) def _check_polkit(self, sender, action, return_cb, error_cb, func, *args ): @@ -190,18 +227,21 @@ except Exception, e: error_cb(e) return + else: + error_cb(FirewallException(N_("You are not authorized."))) return_cb(r) def _pk_auth_except(self, error_cb, e): error_cb(e) +# zone switcher implementation for SuSEfirewall2 class ZoneSwitcherSuSEfirewall2(ZoneSwitcher): ZONES = { - 'int': N_('Trusted'), - 'dmz': N_('DMZ'), - 'ext': N_('Untrusted'), + 'int': N_('Private Network'), + 'dmz': N_('Something inbetween'), + 'ext': N_('Public Network'), } STATUSDIR = '/var/run/SuSEfirewall2/status' @@ -210,13 +250,18 @@ def _listzones(self): try: return os.listdir(self.STATUSDIR + '/zones') - except: + except Exception, e: + print e return [] def _listiterfaces(self): try: - return os.listdir(self.STATUSDIR + '/interfaces') - except: + # consider all system devices valid as SuSEfirewall2 may not know + # about all yet + return [ d for d in os.listdir("/sys/class/net/") if d != 'lo' and d != 'sit0' ] + #return os.listdir(self.STATUSDIR + '/interfaces') + except Exception, e: + print e return [] def Zones(self, sender=None): @@ -249,16 +294,23 @@ def setZone(self, interface, zone, sender=None): # check user supplied strings if not interface in self._listiterfaces(): - raise FirewallException("specified interface is invalid") - if not zone in self._listzones(): - raise FirewallException("specified zone is invalid") + raise FirewallException(_("specified interface is invalid")) + if zone and not zone in self._listzones(): + raise FirewallException(_("specified zone is invalid")) dir = self.IFACEOVERRIDEDIR+'/'+interface if not os.access(dir, os.F_OK): os.makedirs(dir) - f = open(dir+'/zone', 'w') - print >>f, zone - f.close() + file = dir+'/zone' + if (zone): + f = open(file, 'w') + print >>f, zone + f.close() + else: + if os.access(file, os.F_OK): + os.unlink(file) + + self.emit("ZoneChanged", interface, zone) return True def Run(self, sender=None): @@ -267,23 +319,356 @@ raise FirewallException("SuSEfirewall2 failed") except: raise FirewallException("can't run SuSEfirewall2") + self.emit("HasRun") + return True def Status(self, sender=None): try: - if(subprocess.call(['/etc/init.d/SuSEfirewall2_setup', 'status']) == 0): + #n = open('/dev/null', 'w') + #if(subprocess.call(['/sbin/SuSEfirewall2', 'status'], stdout=n, stderr=n) == 0): + if (os.access(self.STATUSDIR, os.F_OK)): return True return False - except: + except Exception, e: + print e raise FirewallException("SuSEfirewall2 status unknown") + +class NMWatcher(gobject.GObject): + + DEVSTATES = { + 0: 'UNKNOWN', + 10: 'UNMANAGED', + 20: 'UNAVAILABLE', + 30: 'DISCONNECTED', + 40: 'PREPARE', + 50: 'CONFIG', + 60: 'NEED_AUTH', + 70: 'IP_CONFIG', + 80: 'IP_CHECK', + 90: 'SECONDARIES', + 100: 'ACTIVATED', + 110: 'DEACTIVATING', + 120: 'FAILED', + } + + STATEDIR = "/var/lib/zoneswitcher" + + def __init__(self, switcher): + self.bus = dbus.SystemBus() + self.proxy = None + self.manager = None + self.running = False + self.devuuid = {} # devname => uuid + self.zones = {} # uuid => zone + self.switcher = switcher + self.devicewatchers = {} + self.ifacedirty = {} # map of interfaces that have changed zones but no fw run yet + + # XXX: start is probably racy if NM does something here already + self.readstate() + + switcher.connect('ZoneChanged', lambda obj, iface, zone: self._zone_changed_receive(iface, zone)) + switcher.connect('HasRun', lambda obj: self._has_run_received()) + + self.check_status() + self.applystate() + + self.bus.add_signal_receiver( + lambda name, old, new: self.nameowner_changed_handler(name, old, new), + bus_name='org.freedesktop.DBus', + dbus_interface='org.freedesktop.DBus', + signal_name='NameOwnerChanged') + + self.bus.add_signal_receiver( + lambda device, **kwargs: self.device_add_rm(device, True, **kwargs), + bus_name='org.freedesktop.NetworkManager', + dbus_interface = 'org.freedesktop.NetworkManager', + signal_name = 'DeviceAdded', + sender_keyword = 'sender') + + self.bus.add_signal_receiver( + lambda device, **kwargs: self.device_add_rm(device, False, **kwargs), + bus_name='org.freedesktop.NetworkManager', + dbus_interface = 'org.freedesktop.NetworkManager', + signal_name = 'DeviceRemoved', + sender_keyword = 'sender') + + if not os.access(self.STATEDIR, os.F_OK): + os.makedirs(self.STATEDIR) + + def cleanup(self): + self.switcher = None + + def savestate(self): + debug(1,"save state") + file = self.STATEDIR + "/nmwatcher.zones" + f = open(file, 'w') + for uuid in self.zones.keys(): + print >>f, "%s %s"%(uuid, self.zones[uuid]) + f.close() + + def readstate(self): + debug(1,"read state") + file = self.STATEDIR + "/nmwatcher.zones" + if not os.access(file, os.F_OK): + return + f = open(file, 'r') + if (f): + line = f.readline() + while(line): + a = line.split('\n')[0].split(' ') + if (len(a) == 2): + debug(1,"%s -> %s"%(a[0], a[1])) + self.zones[a[0]] = a[1] + line = f.readline() + f.close() + + def applystate(self): + didsomething = False + for name in self.devuuid: + uuid = self.devuuid[name] + try: + if uuid in self.zones: + z = self.zones[uuid] + if z != self.switcher._get_zone(name): + self.switcher.setZone(name, z) + didsomething = True + except FirewallException, e: + print e + + if (didsomething and self.switcher.Status()): + self.switcher.Run() + + def devstate2name(self, state): + if state in self.DEVSTATES: + return self.DEVSTATES[state] + return "UNKNOWN:%s"%state + + def nameowner_changed_handler(self, name, old, new): + if name != 'org.freedesktop.NetworkManager': + return + + off = old and not new + self.check_status(off) + + def device_add_rm(self, device, added, sender=None, **kwargs): + if (added): + self.watch_device(device) + else: + debug(1,"device %s removed"%device) + if (device in self.devicewatchers): + self.devicewatchers[device].remove() + del self.devicewatchers[device] + + def device_state_changed_handler(self, props, name, new, old, reason, **kwargs): + uuid = None + try: + conn_path = props.Get("org.freedesktop.NetworkManager.Device", "ActiveConnection") + uuid = self.activeconn_get_uuid(conn_path) + except dbus.DBusException, e: + pass + debug(1,"%s: state change %s -> %s" % (name, self.devstate2name(old), self.devstate2name(new))) + needchange = False + if (not name in self.devuuid): + debug(1,"%s: new uuid %s"%(name, uuid)) + needchange = True + elif (self.devuuid[name] != uuid): + debug(1,"%s: uuid change %s -> %s"%(name, self.devuuid[name], uuid)) + needchange = True + # save previously used zone in case it changed + if self.devuuid[name]: + self.check_and_save(name, self.devuuid[name]) + + if (needchange): + self.devuuid[name] = uuid + try: + z = None + if (uuid and uuid in self.zones): + z = self.zones[uuid] + debug(1,"%s: setting zone to %s"%(name, z)) + self.switcher.setZone(name, z) + if (self.switcher.Status()): + self.switcher.Run() + except FirewallException, e: + print e + + #if (uuid): + #self.check_and_save(name, uuid) + + #self.devuuid[name] = uuid + + def check_and_save(self, name, uuid): + if not uuid: + debug(1,"BUG: check_and_save called with None uuid") + return + z = self.switcher._get_zone(name) + if (z == ""): + z = None + if (z and (not uuid in self.zones or self.zones[uuid] != z)): + debug(1,"%s: new zone %s"%(uuid, z)) + self.zones[uuid] = z + self.savestate() + + def _connect_nm(self): + try: + self.proxy = self.bus.get_object("org.freedesktop.NetworkManager", "/org/freedesktop/NetworkManager") + self.manager = manager = dbus.Interface(self.proxy, "org.freedesktop.NetworkManager") + running = True + except dbus.DBusException, e: + running = False + + return running + + def check_status(self, force_off=False): + if (force_off): + running = False + else: + running = self.running + if (not self.manager): + running = self._connect_nm() + + if (running): + if (not self.running): + devices = self.manager.GetDevices() + for d in devices: + self.watch_device(d) + + if (not running): + self.proxy = self.manager = None + self.devices = None + for d in self.devicewatchers: + self.devicewatchers[d].remove() + self.devicewatchers = {} + + self.running = running + debug(1,"NM Running: %s"%self.running) + global timer + timer.inhibit("nm", running) + return + + def activeconn_get_uuid(self, path): + try: + if (path != '/'): + conn = self.bus.get_object("org.freedesktop.NetworkManager", path) + return conn.Get( "org.freedesktop.NetworkManager.Connection.Active", "Uuid", + dbus_interface="org.freedesktop.DBus.Properties") + except dbus.DBusException, e: + pass + return None + + def watch_device(self, d): + # already watched. could happen if NM restarts and we both query all + # devices and receive device add signals. + if (d in self.devicewatchers): + return + + dev = self.bus.get_object("org.freedesktop.NetworkManager", d) + props = dbus.Interface(dev, "org.freedesktop.DBus.Properties") + name = props.Get("org.freedesktop.NetworkManager.Device", "Interface") + state = props.Get("org.freedesktop.NetworkManager.Device", "State") + conn_path = props.Get("org.freedesktop.NetworkManager.Device", "ActiveConnection") + + uuid = self.activeconn_get_uuid(conn_path) + + self.devuuid[name] = uuid + + debug(1,"Watching %s, state %s, uuid %s" % (name, self.devstate2name(state), uuid)) + self.devicewatchers[d] = self.bus.add_signal_receiver( + lambda new, old, reason, **kwargs: self.device_state_changed_handler(props, name, new, old, reason, **kwargs), + bus_name='org.freedesktop.NetworkManager', + dbus_interface = 'org.freedesktop.NetworkManager.Device', + signal_name = 'StateChanged', + path = d, sender_keyword = 'sender') + ## XXX: not sure why setZone was needed here: +# try: +# self.switcher.setZone(name, None) +# except FirewallException, e: +# print e + def _zone_changed_receive(self, iface, zone): + if not iface: + return + debug(1,"zone change on %s, marking dirty"%iface) + self.ifacedirty[iface] = 1 + + def _has_run_received(self): + debug(1,"has run received") + if len(self.ifacedirty): + for name in self.ifacedirty.keys(): + if self.devuuid[name]: + self.check_and_save(name, self.devuuid[name]) + self.ifacedirty = {} + +class Timer: + + def __init__(self, mainloop): + self.timeout = None + self.mainloop = mainloop + self.inhibitors = {} + + self._start() + + def inhibit(self, who, doit): + if (doit): + self.inhibitors[who] = 1 + debug(1,"inhibitor %s added"%who) + elif (who in self.inhibitors): + del self.inhibitors[who] + debug(1,"inhibitor %s removed"%who) + + if len(self.inhibitors) == 0: + self._start() + else: + if self.timeout: + gobject.source_remove(self.timeout) + debug(1,"timer deleted") + + def _start(self): + if self.timeout: + gobject.source_remove(self.timeout) + self.timeout = gobject.timeout_add(TIMEOUT * 1000, self._goodbye) + debug(1,"new timer installed") + + def _goodbye(self): + if len(self.inhibitors): + debug(1,"inhibitors != 0. Should not happen!", self.inhibitors) + return True + debug(1,"exit due to timeout") + self.mainloop.quit() + return False + if __name__ == '__main__': + + from optparse import OptionParser + + parser = OptionParser(usage="%prog [options]") + parser.add_option('--debug', dest="debug", metavar='N', + action='store', type='int', default=0, + help="debug level") + + (opts, args) = parser.parse_args() + if opts.debug: + _debug_level = opts.debug + + gettext.install('fwzsd') + dbus.mainloop.glib.DBusGMainLoop(set_as_default=True) + mainloop = gobject.MainLoop() + + timer = Timer(mainloop) bus = dbus.SystemBus() name = dbus.service.BusName("org.opensuse.zoneswitcher", bus) - object = ZoneSwitcherDBUS(ZoneSwitcherSuSEfirewall2(), bus, '/org/opensuse/zoneswitcher0') + if os.access("/etc/sysconfig/SuSEfirewall2", os.F_OK): + switcher = ZoneSwitcherSuSEfirewall2() + else: + print "Unsupported Firewall" + import sys + sys.exit(1) + object = ZoneSwitcherDBUS(switcher, bus, '/org/opensuse/zoneswitcher0') + + nm = NMWatcher(switcher) - mainloop = gobject.MainLoop() object.set_mainloop(mainloop) mainloop.run() diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fwzs-0.4/po/fwzsapp.pot new/fwzs-0.5/po/fwzsapp.pot --- old/fwzs-0.4/po/fwzsapp.pot 2011-04-27 15:52:05.000000000 +0200 +++ new/fwzs-0.5/po/fwzsapp.pot 2011-09-29 15:29:49.000000000 +0200 @@ -8,7 +8,7 @@ msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2011-04-27 15:52+0200\n" +"POT-Creation-Date: 2011-09-29 12:28+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <l...@li.org>\n" @@ -17,65 +17,61 @@ "Content-Type: text/plain; charset=CHARSET\n" "Content-Transfer-Encoding: 8bit\n" -#: ../fwzsapp.py:46 +#: ../fwzsapp.py:40 +msgid "Firewall Zone Switcher" +msgstr "" + +#: ../fwzsapp.py:58 msgid "" "No zones found but Firewall is running.\n" "Fwzs is probably not supported." msgstr "" -#: ../fwzsapp.py:47 +#: ../fwzsapp.py:59 msgid "The firewall is not running." msgstr "" -#: ../fwzsapp.py:48 +#: ../fwzsapp.py:60 msgid "zoneswitcher service not running or broken" msgstr "" -#: ../fwzsapp.py:132 +#: ../fwzsapp.py:144 msgid "Settings" msgstr "" -#: ../fwzsapp.py:138 +#: ../fwzsapp.py:150 msgid "System Tray Icon" msgstr "" -#: ../fwzsapp.py:143 +#: ../fwzsapp.py:155 msgid "Start on Log-in" msgstr "" -#: ../fwzsapp.py:183 +#: ../fwzsapp.py:195 msgid "Can't get list of interfaces or zones" msgstr "" -#: ../fwzsapp.py:186 +#: ../fwzsapp.py:198 #, python-format msgid "Choose Zone for %s" msgstr "" -#: ../fwzsapp.py:301 +#: ../fwzsapp.py:313 msgid "Firewall interfaces" msgstr "" -#: ../fwzsapp.py:326 +#: ../fwzsapp.py:338 msgid "No interfaces found." msgstr "" -#: ../fwzsapp.py:337 ../fwzsapp.py:404 +#: ../fwzsapp.py:349 ../fwzsapp.py:409 msgid "Run Firewall" msgstr "" -#: ../fwzsapp.py:346 +#: ../fwzsapp.py:358 msgid "Quit" msgstr "" -#: ../fwzsapp.py:366 ../fwzsapp.py:450 -msgid "Firewall Zone Switcher" -msgstr "" - -#: ../fwzsapp.py:426 -msgid "Unknown" -msgstr "" - #: ../fwzsapp.py:456 msgid "Interfaces" msgstr "" @@ -84,11 +80,20 @@ msgid "Settings..." msgstr "" -#: ../fwzsapp.py:593 +#: ../fwzsapp.py:518 +msgid "Unknown" +msgstr "" + +#: ../fwzsapp.py:562 +#, python-format +msgid "%s now in zone '%s'" +msgstr "" + +#: ../fwzsapp.py:650 msgid "Firewall Error" msgstr "" -#: ../fwzsapp.py:651 +#: ../fwzsapp.py:706 msgid "" "The PolicyKit Authentication Agent is not available.\n" "Try installing 'PolicyKit-gnome'." diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fwzs-0.4/po/fwzsapp_de.po new/fwzs-0.5/po/fwzsapp_de.po --- old/fwzs-0.4/po/fwzsapp_de.po 2011-04-27 17:27:03.000000000 +0200 +++ new/fwzs-0.5/po/fwzsapp_de.po 2011-09-29 15:29:49.000000000 +0200 @@ -10,7 +10,7 @@ msgstr "" "Project-Id-Version: fwzsapp_de\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2011-04-27 15:52+0200\n" +"POT-Creation-Date: 2011-09-29 12:28+0200\n" "PO-Revision-Date: 2011-04-27 17:27+0200\n" "Last-Translator: Ludwig Nussel <ludwig.nus...@suse.de>\n" "Language-Team: German <kde-i18n...@kde.org>\n" @@ -21,7 +21,11 @@ "Plural-Forms: nplurals=2; plural=(n != 1);\n" "X-Generator: Lokalize 1.2\n" -#: ../fwzsapp.py:46 +#: ../fwzsapp.py:40 +msgid "Firewall Zone Switcher" +msgstr "Firewall Zonen-Umschalter" + +#: ../fwzsapp.py:58 msgid "" "No zones found but Firewall is running.\n" "Fwzs is probably not supported." @@ -29,59 +33,51 @@ "Keine Zonen gefunden\n" "Fwzs wird möglicherweise nicht unterstützt." -#: ../fwzsapp.py:47 +#: ../fwzsapp.py:59 msgid "The firewall is not running." msgstr "Die Firewall läuft nicht." -#: ../fwzsapp.py:48 +#: ../fwzsapp.py:60 msgid "zoneswitcher service not running or broken" msgstr "zoneswitcher Dienst läuft nicht oder ist kaputt" -#: ../fwzsapp.py:132 +#: ../fwzsapp.py:144 msgid "Settings" msgstr "Einstellungen" -#: ../fwzsapp.py:138 +#: ../fwzsapp.py:150 msgid "System Tray Icon" msgstr "System Tray Icon" -#: ../fwzsapp.py:143 +#: ../fwzsapp.py:155 msgid "Start on Log-in" msgstr "Beim Einloggen starten" -#: ../fwzsapp.py:183 +#: ../fwzsapp.py:195 msgid "Can't get list of interfaces or zones" msgstr "Liste der Schnittstellen kann nicht abgerufen werden" -#: ../fwzsapp.py:186 +#: ../fwzsapp.py:198 #, python-format msgid "Choose Zone for %s" msgstr "Zone für %s wählen" -#: ../fwzsapp.py:301 +#: ../fwzsapp.py:313 msgid "Firewall interfaces" msgstr "Firewall Schnittstellen" -#: ../fwzsapp.py:326 +#: ../fwzsapp.py:338 msgid "No interfaces found." msgstr "Keine Schnittstellen gefunden." -#: ../fwzsapp.py:337 ../fwzsapp.py:404 +#: ../fwzsapp.py:349 ../fwzsapp.py:409 msgid "Run Firewall" msgstr "Firewall ausführen" -#: ../fwzsapp.py:346 +#: ../fwzsapp.py:358 msgid "Quit" msgstr "Beenden" -#: ../fwzsapp.py:366 ../fwzsapp.py:450 -msgid "Firewall Zone Switcher" -msgstr "Firewall Zonen-Umschalter" - -#: ../fwzsapp.py:426 -msgid "Unknown" -msgstr "Unbekannt" - #: ../fwzsapp.py:456 msgid "Interfaces" msgstr "Schnittstellen" @@ -90,15 +86,23 @@ msgid "Settings..." msgstr "Einstellungen..." -#: ../fwzsapp.py:593 +#: ../fwzsapp.py:518 +msgid "Unknown" +msgstr "Unbekannt" + +#: ../fwzsapp.py:562 +#, python-format +msgid "%s now in zone '%s'" +msgstr "%s jetzt in Zone '%s'" + +#: ../fwzsapp.py:650 msgid "Firewall Error" msgstr "Firewall Fehler" -#: ../fwzsapp.py:651 +#: ../fwzsapp.py:706 msgid "" "The PolicyKit Authentication Agent is not available.\n" "Try installing 'PolicyKit-gnome'." msgstr "" "Der \"PolicyKit Authentication Agent\" ist nicht verfügbar\n" "Versuchen Sie 'PolicyKit-gnome' zu installieren." - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fwzs-0.4/po/fwzsd.pot new/fwzs-0.5/po/fwzsd.pot --- old/fwzs-0.4/po/fwzsd.pot 2011-04-27 15:52:05.000000000 +0200 +++ new/fwzs-0.5/po/fwzsd.pot 2011-09-29 15:29:49.000000000 +0200 @@ -8,7 +8,7 @@ msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2011-04-27 15:52+0200\n" +"POT-Creation-Date: 2011-09-29 12:28+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <l...@li.org>\n" @@ -17,14 +17,18 @@ "Content-Type: text/plain; charset=CHARSET\n" "Content-Transfer-Encoding: 8bit\n" -#: ../fwzsd.py:202 -msgid "Trusted" +#: ../fwzsd.py:224 +msgid "You are not authorized." msgstr "" -#: ../fwzsd.py:203 -msgid "DMZ" +#: ../fwzsd.py:234 +msgid "Private Network" msgstr "" -#: ../fwzsd.py:204 -msgid "Untrusted" +#: ../fwzsd.py:235 +msgid "Something inbetween" +msgstr "" + +#: ../fwzsd.py:236 +msgid "Public Network" msgstr "" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fwzs-0.4/po/fwzsd_de.po new/fwzs-0.5/po/fwzsd_de.po --- old/fwzs-0.4/po/fwzsd_de.po 2011-04-27 17:29:50.000000000 +0200 +++ new/fwzs-0.5/po/fwzsd_de.po 2011-09-29 15:29:49.000000000 +0200 @@ -8,7 +8,7 @@ msgstr "" "Project-Id-Version: fwzsd\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2011-04-27 15:52+0200\n" +"POT-Creation-Date: 2011-09-29 12:28+0200\n" "PO-Revision-Date: 2011-04-27 17:29+0200\n" "Last-Translator: Ludwig Nussel <ludwig.nus...@suse.de>\n" "Language-Team: German <kde-i18n...@kde.org>\n" @@ -19,17 +19,30 @@ "X-Generator: Lokalize 1.2\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -#: ../fwzsd.py:202 -msgid "Trusted" -msgstr "Vertrauenswürdig" - -#: ../fwzsd.py:203 -msgid "DMZ" -msgstr "DMZ" - -#: ../fwzsd.py:204 -msgid "Untrusted" -msgstr "Nicht Vertrauenswürdig" +#: ../fwzsd.py:224 +msgid "You are not authorized." +msgstr "Sie sind nicht Authorisiert" + +#: ../fwzsd.py:234 +msgid "Private Network" +msgstr "Privates Netz " + +#: ../fwzsd.py:235 +msgid "Something inbetween" +msgstr "Irgendwas dazwischen" + +#: ../fwzsd.py:236 +msgid "Public Network" +msgstr "Öffentliches Netz " + +#~ msgid "Trusted" +#~ msgstr "Vertrauenswürdig" + +#~ msgid "DMZ" +#~ msgstr "DMZ" + +#~ msgid "Untrusted" +#~ msgstr "Nicht Vertrauenswürdig" #~ msgid "Not Protected" #~ msgstr "Ungeschützt" @@ -40,8 +53,5 @@ #~ msgid "Protected" #~ msgstr "Geschützt" -#~ msgid "Foreign Network" -#~ msgstr "Fremdes Netz " - #~ msgid "Internet" #~ msgstr "Internet" continue with "q"... Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
