Signed-off-by: Eric Garver <eric(a)garver.life>
---
src/libvirt_private.syms | 1 +
src/util/virfirewalld.c | 31 +++++++++++++++++++++++++++++++
src/util/virfirewalld.h | 1 +
3 files changed, 33 insertions(+)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 32c8bdeb23ee..92b6062fabda 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -2375,6 +2375,7 @@ virFirewallDGetVersion;
virFirewallDGetZones;
virFirewallDInterfaceSetZone;
virFirewallDIsRegistered;
+virFirewallDPolicyExists;
virFirewallDSynchronize;
virFirewallDZoneExists;
diff --git a/src/util/virfirewalld.c b/src/util/virfirewalld.c
index 0912508dbc45..ad879164c3a8 100644
--- a/src/util/virfirewalld.c
+++ b/src/util/virfirewalld.c
@@ -296,6 +296,37 @@ virFirewallDZoneExists(const char *match)
}
+/**
+ * virFirewallDPolicyExists:
+ * @match: name of policy to look for
+ *
+ * Returns true if the requested policy exists, or false if it doesn't exist
+ */
+bool
+virFirewallDPolicyExists(const char *match)
+{
+ size_t npolicies = 0, i;
+ char **policies = NULL;
+ bool result = false;
+
+ if (virFirewallDGetPolicies(&policies, &npolicies) < 0)
+ goto cleanup;
+
+ for (i = 0; i < npolicies; i++) {
+ if (STREQ_NULLABLE(policies[i], match))
+ result = true;
+ }
+
+ cleanup:
+ VIR_DEBUG("Requested policy '%s' %s exist",
+ match, result ? "does" : "doesn't");
+ for (i = 0; i < npolicies; i++)
+ VIR_FREE(policies[i]);
+ VIR_FREE(policies);
+ return result;
+}
+
+
/**
* virFirewallDApplyRule:
* @layer: which layer to apply the rule to
diff --git a/src/util/virfirewalld.h b/src/util/virfirewalld.h
index ef05896e2b8b..fa4c9e702ccb 100644
--- a/src/util/virfirewalld.h
+++ b/src/util/virfirewalld.h
@@ -35,6 +35,7 @@ int virFirewallDIsRegistered(void);
int virFirewallDGetZones(char ***zones, size_t *nzones);
int virFirewallDGetPolicies(char ***policies, size_t *npolicies);
bool virFirewallDZoneExists(const char *match);
+bool virFirewallDPolicyExists(const char *match);
int virFirewallDApplyRule(virFirewallLayer layer,
char **args, size_t argsLen,
bool ignoreErrors,
--
2.35.3