diff --git a/firewalld-fix-firewalld-config-crash.patch b/firewalld-fix-firewalld-config-crash.patch
new file mode 100644
index 0000000..837eca5
--- /dev/null
+++ b/firewalld-fix-firewalld-config-crash.patch
@@ -0,0 +1,44 @@
+From a24ab61eabe24656b457273f54133fa99087f2f6 Mon Sep 17 00:00:00 2001
+From: Farenjihn <farenjihn@gmail.com>
+Date: Fri, 17 Aug 2018 11:58:55 +0200
+Subject: [PATCH] firewall/core/fw_nm: nm_get_zone_of_connection should return
+ None or empty string instead of False
+
+(cherry picked from commit 5a59a90f449a8bf836e62e2d9ad486301b1aa2bb)
+---
+ src/firewall/core/fw_nm.py | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/src/firewall/core/fw_nm.py b/src/firewall/core/fw_nm.py
+index 97113d95..37282a1a 100644
+--- a/src/firewall/core/fw_nm.py
++++ b/src/firewall/core/fw_nm.py
+@@ -75,21 +75,21 @@ def nm_get_zone_of_connection(connection):
+ 
+     con = nm_get_client().get_connection_by_uuid(connection)
+     if con is None:
+-        return False
++        return None
+ 
+     setting_con = con.get_setting_connection()
+     if setting_con is None:
+-        return False
++        return None
+ 
+     try:
+         if con.get_flags() & (NM.SettingsConnectionFlags.NM_GENERATED
+                               | NM.SettingsConnectionFlags.NM_VOLATILE):
+-            return False
++            return ""
+     except AttributeError:
+         # Prior to NetworkManager 1.12, we can only guess
+         # that a connection was generated/volatile.
+         if con.get_unsaved():
+-            return False
++            return ""
+ 
+     zone = setting_con.get_zone()
+     if zone is None:
+-- 
+2.18.0
+
diff --git a/firewalld.changes b/firewalld.changes
index 9a2c69a..93ed5e1 100644
--- a/firewalld.changes
+++ b/firewalld.changes
@@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Sun Sep  2 03:50:37 UTC 2018 - luc14n0@linuxmail.org
+
+- Add firewalld-fix-firewalld-config-crash.patch: set
+  nm_get_zone_of_connection to return 'None' instead of 'False' for
+  automatically generated connections to avoid firewall-config
+  crashes. Patch provided by upstream (boo#1106319,
+  gh#firewalld/firewalld#370).
+
 -------------------------------------------------------------------
 Mon Aug 13 19:08:39 UTC 2018 - mchandras@suse.de
 
diff --git a/firewalld.spec b/firewalld.spec
index be38768..a053d4b 100644
--- a/firewalld.spec
+++ b/firewalld.spec
@@ -30,6 +30,8 @@ Url:            http://www.firewalld.org
 Source:         https://github.com/%{name}/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
 # PATCH-FIX-SUSE: 0001-firewall-backend-Switch-default-backend-to-iptables.patch (bsc#1102761)
 Patch0:         0001-firewall-backend-Switch-default-backend-to-iptables.patch
+# PATCH-FIX-UPSTREAM firewalld-fix-firewalld-config-crash.patch luc14n0@linuxmail.org -- fix firewall-config crash when nm_get_zone_of_connection returns "False"
+Patch1:         firewalld-fix-firewalld-config-crash.patch
 BuildRequires:  autoconf
 BuildRequires:  automake
 BuildRequires:  desktop-file-utils
@@ -112,8 +114,8 @@ firewalld.
 
 %prep
 %setup -q
-# bsc#1102761 - switch to iptables as default
 %patch0 -p1
+%patch1 -p1
 
 # bsc#1078223
 rm config/services/high-availability.xml