Re: [PATCH firewalld] feat: service: add nbd (Network Block Device) service
On Thu, Aug 13, 2020 at 12:47:15PM -0400, Eric Garver wrote:
> On Thu, Aug 13, 2020 at 11:25:18AM -0500, Eric Blake wrote:
> > On 8/13/20 10:28 AM, Eric Garver wrote:
> > > On Thu, Aug 13, 2020 at 01:38:54PM +0100, Richard W.M. Jones wrote:
> > > > ---
> > > > config/Makefile.am | 1 +
> > > > config/services/nbd.xml | 6 ++++++
> > > > po/POTFILES.in | 1 +
> > > > 3 files changed, 8 insertions(+)
> > >
> > > Thanks! I applied and pushed this upstream:
> > >
> > > 8f562559dad8 ("feat: service: add nbd (Network Block Device)
> > > service")
> >
> > Unrelated question - why can't firewalld automatically support an implied
> > service for every listing in /etc/services, in order to reduce the number of
> > patches needed to config/services/*.xml which end up duplicating efforts?
>
> You can do that.
>
> # firewall-cmd --add-port gopher/tcp
> success
>
> Internally it uses socket.getservbyname() [1].
I was initially prompted to provide this patch because I thought that
this would work in public.xml, but it did not:
<service name="nbd"/>
Of course the equivalent <port port="nbd" protocol="tcp"/> works, but
it seems as if the same information is present in /etc/services
already.
Rich.
> Unfortunately listing the ports doesn't do the reverse translation, but
> this could be addressed.
>
> # firewall-cmd --list-ports
> 70/tcp
>
> Services are useful if you want to open a collection of ports or the
> service needs conntrack helpers.
>
> [1]: https://docs.python.org/3/library/socket.html#socket.getservbyname
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-top is 'top' for virtual machines. Tiny program with many
powerful monitoring features, net stats, disk stats, logging, etc.
http://people.redhat.com/~rjones/virt-top
Reply to: