From 60bbd8098f5a81e4d0e0e36438526fa4df0c4a2e Mon Sep 17 00:00:00 2001
From: Adrien Beudin
Date: Wed, 25 Jun 2014 22:31:39 +0200
Subject: [PATCH 1/3] add reload upnp only
---
 firewall.py | 46 ++++++++++++++++++++++++++++------------------
 1 file changed, 28 insertions(+), 18 deletions(-)
diff --git a/firewall.py b/firewall.py
index 4d9b8ae45..ab27d892d 100644
--- a/firewall.py
+++ b/firewall.py
@@ -172,21 +172,7 @@ def firewall_reload():
 if os.system("iptables -P INPUT ACCEPT") != 0:
 raise MoulinetteError(errno.ESRCH, m18n.n('iptables_unavailable'))
 if upnp:
- try:
- upnpc = miniupnpc.UPnP()
- upnpc.discoverdelay = 3000
- if upnpc.discover() == 1:
- upnpc.selectigd()
- for protocol in ['TCP', 'UDP']:
- for port in firewall['uPnP'][protocol]:
- if upnpc.getspecificportmapping(port, protocol):
- try: upnpc.deleteportmapping(port, protocol)
- except: pass
- upnpc.addportmapping(port, protocol, upnpc.lanaddr, port, 'yunohost firewall : port %d' % port, '')
- else:
- raise MoulinetteError(errno.ENXIO, m18n.n('upnp_dev_not_found'))
- except:
- msignals.display(m18n.n('upnp_port_open_failed'), 'warning')
+ firewall_upnp(action="reload")
 os.system("iptables -F")
 os.system("iptables -X")
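Review bot: Routing the UPnP refresh through `firewall_upnp` makes every `firewall_reload` run the tail of that function, where the `if action:` block (context at the end of the -273 hunk) copies firewall.yml over firewall.yml.old and rewrites firewall.yml for any truthy action. A reload changes no setting, so the only effect is that the backup of the previous configuration is overwritten with the current one, both here and from the new `yunohost firewall upnp reload` cron entry. I would restrict the save step to the actions that modify the config, `if action in ('enable', 'disable'):`, or move the mapping code into a private helper that both functions call. The body of the `with open(...)` block lies outside the hunk, so what gets written back is inferred.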
@@ -236,19 +222,23 @@ def firewall_upnp(action=None):
 Add uPnP cron and enable uPnP in firewall.yml, or the opposite.
 Keyword argument:
- action -- enable/disable
+ action -- enable/disable/reload
 """
 firewall = firewall_list(raw=True)
- if action:
+ if action == 'reload':
+ action = action[0:]
+ else:
 action = action[0]
 if action == 'enable':
 firewall['uPnP']['enabled'] = True
 with open('/etc/cron.d/yunohost-firewall', 'w+') as f:
- f.write('*/50 * * * * root PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin yunohost firewall reload >>/dev/null\n')
+ f.write('PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \
+ \n*/50 * * * * root yunohost firewall upnp reload >>/dev/null \
+ \n*/50 * * * * root iptables -L | grep ^fail2ban-dovecot > /dev/null 2>&1; if [ $? != 0 ]; then yunohost firewall reload; fi >>/dev/null')
 msignals.display(m18n.n('upnp_enabled'), 'success')
@@ -273,6 +263,26 @@ def firewall_upnp(action=None):
 msignals.display(m18n.n('upnp_disabled'), 'success')
+ if action == 'reload':
+ upnp = firewall['uPnP']['enabled']
+
+ if upnp:
+ try:
+ upnpc = miniupnpc.UPnP()
+ upnpc.discoverdelay = 3000
+ if upnpc.discover() == 1:
+ upnpc.selectigd()
+ for protocol in ['TCP', 'UDP']:
+ for port in firewall['uPnP'][protocol]:
+ if upnpc.getspecificportmapping(port, protocol):
+ try: upnpc.deleteportmapping(port, protocol)
+ except: pass
+ upnpc.addportmapping(port, protocol, upnpc.lanaddr, port, 'yunohost firewall : port %d' % port, '')
+ else:
+ raise MoulinetteError(errno.ENXIO, m18n.n('upnp_dev_not_found'))
+ except:
+ msignals.display(m18n.n('upnp_port_open_failed'), 'warning')
+
 if action:
 os.system("cp /etc/yunohost/firewall.yml /etc/yunohost/firewall.yml.old")
 with open('/etc/yunohost/firewall.yml', 'w') as f:
From 92b934fc85ffd268ace5c93d44ebe6625d4a31dc Mon Sep 17 00:00:00 2001
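Review bot: The string written to /etc/cron.d/yunohost-firewall no longer ends with a newline: the removed `f.write` ended in `\n`, while the added one ends at `fi >>/dev/null'`. cron implementations commonly require the last crontab line to be newline-terminated and otherwise skip the entry or reject the file, which would silently stop both the UPnP refresh and the fail2ban chain check. The backslash continuations inside the literal also carry whatever indentation precedes the next source line into the file, in front of each `\n`. Writing the three lines as separate literals that each end in `\n` avoids both, for example closing the last one with `fi >>/dev/null\n')`.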
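Review bot: The outer bare `except:` in the new reload branch also catches the `MoulinetteError(errno.ENXIO, ...)` raised just above it, so a missing gateway is reported as 'upnp_port_open_failed' and the 'upnp_dev_not_found' message is never shown. Bare clauses additionally swallow KeyboardInterrupt and SystemExit, and the inner `except: pass` hides why a stale mapping could not be removed before `addportmapping` runs. I would narrow both to `except Exception:` and include the exception text in the warning, since this branch now runs unattended from cron with stdout sent to /dev/null. The block was moved from firewall_reload unchanged, so this is a follow-up rather than a regression.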
From: Adrien Beudin
Date: Wed, 25 Jun 2014 22:47:10 +0200
Subject: [PATCH 2/3] update actionsmap
---
 actionsmap/yunohost.yml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/actionsmap/yunohost.yml b/actionsmap/yunohost.yml
index 79666cd98..4273f0fcf 100644
--- a/actionsmap/yunohost.yml
+++ b/actionsmap/yunohost.yml
@@ -881,6 +881,7 @@ firewall:
 choices:
 - enable
 - disable
+ - reload
 - []
 nargs: "*"
From ffc0f0bd531a8cde131399b7ec89ff43a86a28ad Mon Sep 17 00:00:00 2001
From: Adrien Beudin
Date: Thu, 26 Jun 2014 12:30:16 +0200
Subject: [PATCH 3/3] fix action
---
 firewall.py | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/firewall.py b/firewall.py
index ab27d892d..c7b0aae15 100644
--- a/firewall.py
+++ b/firewall.py
@@ -172,7 +172,7 @@ def firewall_reload():
 if os.system("iptables -P INPUT ACCEPT") != 0:
 raise MoulinetteError(errno.ESRCH, m18n.n('iptables_unavailable'))
 if upnp:
- firewall_upnp(action="reload")
+ firewall_upnp(action=['reload'])
 os.system("iptables -F")
 os.system("iptables -X")
@@ -227,9 +227,7 @@ def firewall_upnp(action=None):
 """
 firewall = firewall_list(raw=True)
- if action == 'reload':
- action = action[0:]
- else:
+ if action:
 action = action[0]
 if action == 'enable':