Qube Manager does not show changes made outside of itself (e.g., `qvm-firewall` and icon changes) until it's restarted

[no-usernames-left]

Qubes OS release

Qubes 4.1.2 (fully patched)

Brief summary

If the Firewall Rules tab of Qube Manager has been used to restrict outbound communication to an IP address, and then qvm-firewall is used to add another one, the Qube Manager UI won't show the second one unless it's been quit and relaunched in the meantime.

Steps to reproduce

1. Create an AppVM
2. Open Qube Manager, then Qube Settings for the new AppVM and click Firewall Rules tab
3. Click the Limit outgoing connections to... radio button
4. Click + and add an IP (for example, 1.1.1.1) then click OK to save the IP, then click OK to save and close Qube Settings
5. Examine the XML file in /var/lib/qubes/appvms/VMNAME/firewall.xml and verify that it contains the IP you just added, plus one rule for DNS and one rule for ICMP
6. In dom0, qvm-firewall VMNAME add accept dsthost=2.2.2.2
7. Examine the XML file in /var/lib/qubes/appvms/VMNAME/firewall.xml; it will contain 1.1.1.1, one rule for DNS, one rule for ICMP, and 2.2.2.2 in that order
8. Open Qube Settings for the qube and click Firewall Rules tab, see only 1.1.1.1
9. Quit and relaunch Qube Manager
10. Open Qube Settings for the new AppVM and click Firewall Rules tab
11. See the red warning text at the top

Expected behavior

The UI should always reflect reality.

Actual behavior

The Qube Manager UI appears to operate on information loaded at launch which can lead to misrepresenting reality.

[UndeadDevel]

Affects 4.2; also, this issue could be broadened to all changes that are not reflected in Qube Manager until it is restarted (e.g. qube icons).

[alimirjamali]

Related: #7619