[libvirt] PATCH: Fix call to save iptables rules

"Daniel P. Berrange" <berrange@xxxxxxxxxx> · Thu, 12 Jun 2008 12:21:10 +0100

When the virtual network forwarding support was introduced, the refactoring
appears to have caused the call to save iptables rules to be left out. This
patch fixes it.

Daniel.

Index: src/qemu_driver.c
===================================================================
RCS file: /data/cvs/libvirt/src/qemu_driver.c,v
retrieving revision 1.86
diff -u -p -r1.86 qemu_driver.c

--- src/qemu_driver.c	12 Jun 2008 08:55:13 -0000	1.86
+++ src/qemu_driver.c	12 Jun 2008 11:18:58 -0000
@@ -1259,7 +1259,7 @@ qemudAddIptablesRules(virConnectPtr conn
     if (!driver->iptables && !(driver->iptables = iptablesContextNew())) {
         qemudReportError(conn, NULL, NULL, VIR_ERR_NO_MEMORY,
                      "%s", _("failed to allocate space for IP tables support"));
-        return 1;
+        return 0;
     }
 
 
@@ -1319,23 +1319,22 @@ qemudAddIptablesRules(virConnectPtr conn
     }
 
 
-    /* The remaining rules are only needed for IP forwarding */
-    if (!network->def->forward) {
-        iptablesSaveRules(driver->iptables);
-        return 1;
+    if (network->def->forward) {
+        /* If masquerading is enabled, set up the rules*/
+        if (network->def->forwardMode == QEMUD_NET_FORWARD_NAT &&
+            !qemudAddMasqueradingIptablesRules(conn, driver, network))
+            goto err8;
+        /* else if routing is enabled, set up the rules*/
+        else if (network->def->forwardMode == QEMUD_NET_FORWARD_ROUTE &&
+                 !qemudAddRoutingIptablesRules(conn, driver, network))
+            goto err8;
     }
 
-    /* If masquerading is enabled, set up the rules*/
-    if (network->def->forwardMode == QEMUD_NET_FORWARD_NAT) {
-        if (qemudAddMasqueradingIptablesRules(conn, driver, network))
-            return 1;
-    }
-    /* else if routing is enabled, set up the rules*/
-    else if (network->def->forwardMode == QEMUD_NET_FORWARD_ROUTE) {
-        if (qemudAddRoutingIptablesRules(conn, driver, network))
-            return 1;
-    }
+    iptablesSaveRules(driver->iptables);
+
+    return 1;
 
+ err8:
     iptablesRemoveForwardAllowCross(driver->iptables,
                                     network->bridge);
  err7:

-- 
|: Red Hat, Engineering, London   -o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org  -o-  http://virt-manager.org  -o-  http://ovirt.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505  -o-  F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|

--
Libvir-list mailing list
Libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list




