Hi,

attached patch makes sure we only remove the masquerade rules if forwardType == VIR_NETWORK_FORWARD_NAT and not if forwardType == VIR_NETWORK_FORWARD_ROUTE since we don't use them there. This fixes:

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=549949

O.k. to apply?
 -- Guido
>From 84dc7d595fbd0302077aa767a1fcc840f2a25878 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx@xxxxxxxxxxx> Date: Thu, 5 Nov 2009 20:28:11 +0100 Subject: [PATCH] only remove masquerade roles for VIR_NETWORK_FORWARD_NAT --- src/network/bridge_driver.c | 11 +++++------ 1 files changed, 5 insertions(+), 6 deletions(-) diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c index 95bc810..86ec392 100644 --- a/src/network/bridge_driver.c +++ b/src/network/bridge_driver.c @@ -765,16 +765,15 @@ static void networkRemoveIptablesRules(struct network_driver *driver, virNetworkObjPtr network) { if (network->def->forwardType != VIR_NETWORK_FORWARD_NONE) { - iptablesRemoveForwardMasquerade(driver->iptables, - network->def->network, - network->def->forwardDev); - - if (network->def->forwardType == VIR_NETWORK_FORWARD_NAT) + if (network->def->forwardType == VIR_NETWORK_FORWARD_NAT) { + iptablesRemoveForwardMasquerade(driver->iptables, + network->def->network, + network->def->forwardDev); iptablesRemoveForwardAllowRelatedIn(driver->iptables, network->def->network, network->def->bridge, network->def->forwardDev); - else if (network->def->forwardType == VIR_NETWORK_FORWARD_ROUTE) + } else if (network->def->forwardType == VIR_NETWORK_FORWARD_ROUTE) iptablesRemoveForwardAllowIn(driver->iptables, network->def->network, network->def->bridge, -- 1.6.5.2
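Review bot: In the rewritten if/else-if chain in networkRemoveIptablesRules the VIR_NETWORK_FORWARD_NAT branch is now braced while the VIR_NETWORK_FORWARD_ROUTE branch ("} else if (...)" followed by iptablesRemoveForwardAllowIn) is left unbraced; brace both branches so a later addition to the ROUTE path cannot silently fall outside its condition. The commit message consists of the subject line only, which says "roles" where "rules" is meant, and it omits the Debian bug reference given in the cover mail; a short body stating that masquerade rules are not used for routed networks, with the bug URL, would make the change self-explanatory in the log. The add path is not part of this diff, so please confirm that it installs the masquerade rule only for VIR_NETWORK_FORWARD_NAT, keeping rule setup and teardown symmetric.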