firewall: T970: Maintain a domain state to fallback if resolution fails

author: sarthurdev <965089+sarthurdev@users.noreply.github.com> 2022-06-05 10:59:47 +0200
committer: sarthurdev <965089+sarthurdev@users.noreply.github.com> 2022-06-05 10:59:47 +0200
commit: d1bdf2b9d80d2e34b7370823d6f684102d7c9f4e (patch)
tree: a39307f088a78d4e0b9503a2a9a0d612c949c31c /python
parent: e990b2f4c045f5d1be02915ec7d8869d5475ed4e (diff)
download: vyos-1x-d1bdf2b9d80d2e34b7370823d6f684102d7c9f4e.tar.gz
vyos-1x-d1bdf2b9d80d2e34b7370823d6f684102d7c9f4e.zip
1 files changed, 4 insertions, 5 deletions
diff --git a/python/vyos/firewall.py b/python/vyos/firewall.py
index 8a1237ca9..b962c4f18 100644
--- a/python/vyos/firewall.py
+++ b/python/vyos/firewall.py
@@ -26,21 +26,20 @@ def get_ips_domains_dict(list_domains):
     """
     Get list of IPv4 addresses by list of domains
     Ex: get_ips_domains_dict(['ex1.com', 'ex2.com'])
-        ['192.0.2.1', '192.0.2.2', '192.0.2.3']
+        {'ex1.com': ['192.0.2.1'], 'ex2.com': ['192.0.2.2', '192.0.2.3']}
     """
     from socket import gethostbyname_ex
     from socket import gaierror
 
-    ip_list = []
+    ip_dict = {}
     for domain in list_domains:
         try:
             _, _, ips = gethostbyname_ex(domain)
-            for entry in ips:
-                ip_list.append(entry)
+            ip_dict[domain] = ips
         except gaierror:
             pass
 
-    return ip_list
+    return ip_dict
 
 def nft_init_set(group_name, table="filter", family="ip"):
     """
author	sarthurdev <965089+sarthurdev@users.noreply.github.com>	2022-06-05 10:59:47 +0200
committer	sarthurdev <965089+sarthurdev@users.noreply.github.com>	2022-06-05 10:59:47 +0200
commit	d1bdf2b9d80d2e34b7370823d6f684102d7c9f4e (patch)
tree	a39307f088a78d4e0b9503a2a9a0d612c949c31c /python
parent	e990b2f4c045f5d1be02915ec7d8869d5475ed4e (diff)
download	vyos-1x-d1bdf2b9d80d2e34b7370823d6f684102d7c9f4e.tar.gz vyos-1x-d1bdf2b9d80d2e34b7370823d6f684102d7c9f4e.zip