From 3dbfe70c12f90e38cdd3773efe66f58dc6f454e9 Mon Sep 17 00:00:00 2001
From: "K. de Jong" <kjong+dev@neobits.nl>
Date: Sat, 10 Jun 2023 08:56:22 +0200
Subject: [PATCH 1/6] test(pillar.example): add `includes`

---
 firewalld/files/service.xml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/firewalld/files/service.xml b/firewalld/files/service.xml
index 7d92f35..6a0d859 100644
--- a/firewalld/files/service.xml
+++ b/firewalld/files/service.xml
@@ -79,4 +79,9 @@
     {%- endfor %}
   {%- endif %}
 {%- endif %}
+{%- if 'includes' in service %}
+  {%- for v in service.includes %}
+  <include service="{{ v }}" />
+  {%- endfor %}
+{%- endif %}
 </service>

From 75bdbebf3c4d0e4bd7d67f901a815a2596ee5495 Mon Sep 17 00:00:00 2001
From: "K. de Jong" <kjong+dev@neobits.nl>
Date: Wed, 8 May 2024 15:26:05 +0200
Subject: [PATCH 2/6] feat(zone): adding forwarding option to zone

---
 firewalld/files/zone.xml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/firewalld/files/zone.xml b/firewalld/files/zone.xml
index 2276939..f968308 100644
--- a/firewalld/files/zone.xml
+++ b/firewalld/files/zone.xml
@@ -33,6 +33,9 @@
   {%- if 'masquerade' in rule %}
     {%- if rule.masquerade %}<masquerade/>{%- endif %}
   {%- endif %}
+  {%- if 'forward' in rule %}
+    {%- if rule.forward %}<forward/>{%- endif %}
+  {%- endif %}
   {%- if 'forward_port' in rule %}
     {%- if 'comment' in rule.forward_port %}
       <!-- {{ rule.forward_port.comment }} -->

From f34a48073c0f39a0c0980cb6bbe8c1aff9ca5f2c Mon Sep 17 00:00:00 2001
From: "K. de Jong" <kjong+dev@neobits.nl>
Date: Wed, 8 May 2024 15:31:10 +0200
Subject: [PATCH 3/6] chore(service): removed changes not intended for this
 branch

---
 firewalld/files/service.xml | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/firewalld/files/service.xml b/firewalld/files/service.xml
index 6a0d859..7d92f35 100644
--- a/firewalld/files/service.xml
+++ b/firewalld/files/service.xml
@@ -79,9 +79,4 @@
     {%- endfor %}
   {%- endif %}
 {%- endif %}
-{%- if 'includes' in service %}
-  {%- for v in service.includes %}
-  <include service="{{ v }}" />
-  {%- endfor %}
-{%- endif %}
 </service>

From a91cd95ebb66e7c6044379504c3ca411fdd1f801 Mon Sep 17 00:00:00 2001
From: "K. de Jong" <kjong+dev@neobits.nl>
Date: Wed, 8 May 2024 16:14:02 +0200
Subject: [PATCH 4/6] fix(zone): the forward statement was set in the rule
 section

---
 firewalld/files/zone.xml                                 | 6 +++---
 test/integration/default/files/_mapdata/almalinux-8.yaml | 1 +
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/firewalld/files/zone.xml b/firewalld/files/zone.xml
index f968308..740af79 100644
--- a/firewalld/files/zone.xml
+++ b/firewalld/files/zone.xml
@@ -33,9 +33,6 @@
   {%- if 'masquerade' in rule %}
     {%- if rule.masquerade %}<masquerade/>{%- endif %}
   {%- endif %}
-  {%- if 'forward' in rule %}
-    {%- if rule.forward %}<forward/>{%- endif %}
-  {%- endif %}
   {%- if 'forward_port' in rule %}
     {%- if 'comment' in rule.forward_port %}
       <!-- {{ rule.forward_port.comment }} -->
@@ -139,6 +136,9 @@
   <forward-port port="{{ v.portid }}" protocol="{{ v.protocol }}"{%- if 'to_port' in v %} to-port="{{ v.to_port }}"{%- endif %}{%- if 'to_addr' in v %} to-addr="{{ v.to_addr }}"{%- endif %} />
   {%- endfor %}
 {%- endif %}
+{%- if 'forward' in zone %}
+  {%- if rule.forward %}<forward/>{%- endif %}
+{%- endif %}
 {%- if 'source_ports' in zone %}
   {%- for v in zone.source_ports %}
     {%- if 'comment' in v %}
diff --git a/test/integration/default/files/_mapdata/almalinux-8.yaml b/test/integration/default/files/_mapdata/almalinux-8.yaml
index 2b396a8..d617f7f 100644
--- a/test/integration/default/files/_mapdata/almalinux-8.yaml
+++ b/test/integration/default/files/_mapdata/almalinux-8.yaml
@@ -112,6 +112,7 @@ values:
         are accepted.
       other_services:
       - zabbixcustom
+      forward: true
       ports:
       - comment: zabbix-agent
         port: 10050

From ba7f9d9f6a9bebaef74fd47291e3ca5ab0dd716f Mon Sep 17 00:00:00 2001
From: "K. de Jong" <kjong+dev@neobits.nl>
Date: Wed, 8 May 2024 16:18:40 +0200
Subject: [PATCH 5/6] docs(zone): added forwarding to pillar example

---
 pillar.example | 1 +
 1 file changed, 1 insertion(+)

diff --git a/pillar.example b/pillar.example
index 87d4690..4559d46 100644
--- a/pillar.example
+++ b/pillar.example
@@ -116,6 +116,7 @@ firewalld:
         - zabbixcustom
       protocols:
         - igmp
+      forward: true
       rich_rules:
         - family: ipv4
           source:

From c9919881a7b52c78f1fa230f8b918e97b8327fb4 Mon Sep 17 00:00:00 2001
From: "K. de Jong" <kjong+dev@neobits.nl>
Date: Wed, 8 May 2024 16:46:52 +0200
Subject: [PATCH 6/6] fix(zone): fixed conditional and formatting of template
 for forwarding

---
 firewalld/files/zone.xml | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/firewalld/files/zone.xml b/firewalld/files/zone.xml
index 740af79..f802e28 100644
--- a/firewalld/files/zone.xml
+++ b/firewalld/files/zone.xml
@@ -123,6 +123,11 @@
 {%- if 'icmp_block_inversion' in zone and zone.icmp_block_inversion %}
   <icmp-block-inversion />
 {%- endif %}
+{%- if 'forward' in zone %}
+  {%- if zone.forward %}
+  <forward/>
+  {%- endif %}
+{%- endif %}
 {%- if 'masquerade' in zone %}
   {%- if zone.masquerade %}
   <masquerade/>
@@ -136,9 +141,6 @@
   <forward-port port="{{ v.portid }}" protocol="{{ v.protocol }}"{%- if 'to_port' in v %} to-port="{{ v.to_port }}"{%- endif %}{%- if 'to_addr' in v %} to-addr="{{ v.to_addr }}"{%- endif %} />
   {%- endfor %}
 {%- endif %}
-{%- if 'forward' in zone %}
-  {%- if rule.forward %}<forward/>{%- endif %}
-{%- endif %}
 {%- if 'source_ports' in zone %}
   {%- for v in zone.source_ports %}
     {%- if 'comment' in v %}