This patch adds build support for the network filtering framework. Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxx>
--- configure.ac | 9 +++++++++ daemon/Makefile.am | 4 ++++ src/Makefile.am | 32 ++++++++++++++++++++++++++++++++ src/libvirt_private.syms | 39 +++++++++++++++++++++++++++++++++++++++ src/libvirt_public.syms | 19 +++++++++++++++++++ 5 files changed, 103 insertions(+) Index: libvirt-acl/src/Makefile.am =================================================================== --- libvirt-acl.orig/src/Makefile.am +++ libvirt-acl/src/Makefile.am @@ -98,6 +98,14 @@ DOMAIN_EVENT_SOURCES = \ NETWORK_CONF_SOURCES = \ conf/network_conf.c conf/network_conf.h +# Network filter driver generic impl APIs +NWFILTER_PARAM_CONF_SOURCES = \ + conf/nwfilter_params.c conf/nwfilter_conf.h + +NWFILTER_CONF_SOURCES = \ + $(NWFILTER_PARAM_CONF_SOURCES) \ + conf/nwfilter_conf.c conf/nwfilter_conf.h + # Storage driver generic impl APIs STORAGE_CONF_SOURCES = \ conf/storage_conf.h conf/storage_conf.c @@ -124,6 +132,7 @@ CONF_SOURCES = \ $(DOMAIN_CONF_SOURCES) \ $(DOMAIN_EVENT_SOURCES) \ $(NETWORK_CONF_SOURCES) \ + $(NWFILTER_CONF_SOURCES) \ $(NODE_DEVICE_CONF_SOURCES) \ $(STORAGE_CONF_SOURCES) \ $(ENCRYPTION_CONF_SOURCES) \ @@ -273,6 +282,11 @@ STORAGE_DRIVER_DISK_SOURCES = \ STORAGE_HELPER_DISK_SOURCES = \ storage/parthelper.c +# Network filters +NWFILTER_DRIVER_SOURCES = \ + nwfilter/nwfilter_driver.h nwfilter/nwfilter_driver.c \ + nwfilter/nwfilter_gentech_driver.c \ + nwfilter/nwfilter_ebiptables_driver.c # Security framework and drivers for various models SECURITY_DRIVER_SOURCES = \ @@ -716,6 +730,22 @@ endif endif +if WITH_NWFILTER +if WITH_DRIVER_MODULES +mod_LTLIBRARIES += libvirt_driver_nwfilter.la +else +libvirt_la_LIBADD += libvirt_driver_nwfilter.la +noinst_LTLIBRARIES += libvirt_driver_nwfilter.la +endif +libvirt_driver_nwfilter_la_CFLAGS = \ + -I@top_srcdir@/src/conf +if WITH_DRIVER_MODULES +libvirt_driver_nwfilter_la_LDFLAGS = -module -avoid-version ../gnulib/lib/libgnu.la +endif +libvirt_driver_nwfilter_la_SOURCES = $(NWFILTER_DRIVER_SOURCES) +endif + + libvirt_driver_security_la_SOURCES = $(SECURITY_DRIVER_SOURCES) noinst_LTLIBRARIES += libvirt_driver_security.la libvirt_la_LIBADD += libvirt_driver_security.la @@ -759,6 +789,7 @@ EXTRA_DIST += \ $(NODE_DEVICE_DRIVER_SOURCES) \ $(NODE_DEVICE_DRIVER_HAL_SOURCES) \ $(NODE_DEVICE_DRIVER_UDEV_SOURCES) \ + $(NWFILTER_DRIVER_SOURCES) \ $(SECURITY_DRIVER_SELINUX_SOURCES) \ $(SECURITY_DRIVER_APPARMOR_SOURCES) \ $(SECRET_DRIVER_SOURCES) \ @@ -893,6 +924,7 @@ libvirt_lxc_SOURCES = \ $(NODE_INFO_SOURCES) \ $(ENCRYPTION_CONF_SOURCES) \ $(DOMAIN_CONF_SOURCES) \ + $(NWFILTER_PARAM_CONF_SOURCES) \ $(CPU_CONF_SOURCES) libvirt_lxc_LDFLAGS = $(WARN_CFLAGS) $(COVERAGE_LDCFLAGS) $(CAPNG_LIBS) $(YAJL_LIBS) libvirt_lxc_LDADD = $(LIBXML_LIBS) $(NUMACTL_LIBS) ../gnulib/lib/libgnu.la Index: libvirt-acl/src/libvirt_private.syms =================================================================== --- libvirt-acl.orig/src/libvirt_private.syms +++ libvirt-acl/src/libvirt_private.syms @@ -105,6 +105,8 @@ virUnrefConnect; virUnrefSecret; virGetStream; virUnrefStream; +virGetNWFilter; +virUnrefNWFiler; # domain_conf.h @@ -303,6 +305,7 @@ virRegisterStateDriver; virRegisterStorageDriver; virRegisterDeviceMonitor; virRegisterSecretDriver; +virRegisterNWFilterDriver; # json.h @@ -438,6 +441,42 @@ virNodeDeviceGetWWNs; virNodeDeviceGetParentHost; +# nwfilter_conf.h +virNWFilterPoolLoadAllConfigs; +virNWFilterPoolObjAssignDef; +virNWFilterPoolObjSaveDef; +virNWFilterPoolObjFindByName; +virNWFilterPoolObjFindByUUID; +virNWFilterPoolObjLock; +virNWFilterPoolObjUnlock; +virNWFilterPoolObjRemove; +virNWFilterDefFree; +virNWFilterDefParseString; +virNWFilterPoolObjDeleteDef; +virNWFilterPoolObjListFree; +virNWFilterDefFormat; +virNWFilterChainSuffixTypeToString; +virNWFilterRuleActionTypeToString; +virNWFilterJumpTargetTypeToString; +virNWFilterRegisterCallbackDriver; +virNWFilterTestUnassignDef; +virNWFilterConfLayerInit; +virNWFilterConfLayerShutdown; + + +#nwfilter_params.h +virNWFilterHashTableCreate; +virNWFilterHashTableFree; +virNWFilterHashTablePut; +virNWFilterHashTablePutAll; +virNWFilterHashTableRemoveEntry; + + +# nwfilter_gentech_driver.h +virNWFilterInstantiateFilter; +virNWFilterTeardownFilter; + + # pci.h pciGetDevice; pciFreeDevice; Index: libvirt-acl/daemon/Makefile.am =================================================================== --- libvirt-acl.orig/daemon/Makefile.am +++ libvirt-acl/daemon/Makefile.am @@ -116,6 +116,10 @@ endif if WITH_SECRETS libvirtd_LDADD += ../src/libvirt_driver_secret.la endif + +if WITH_NWFILTER + libvirtd_LDADD += ../src/libvirt_driver_nwfilter.la +endif endif libvirtd_LDADD += ../src/libvirt.la Index: libvirt-acl/configure.ac =================================================================== --- libvirt-acl.orig/configure.ac +++ libvirt-acl/configure.ac @@ -1267,6 +1267,15 @@ if test "$with_secrets" = "yes" ; then fi AM_CONDITIONAL([WITH_SECRETS], [test "$with_secrets" = "yes"]) +with_nwfilter=yes +if test "$with_libvirtd" = "no"; then + with_nwfilter=no +fi +if test "$with_nwfilter" = "yes" ; then + AC_DEFINE_UNQUOTED([WITH_NWFILTER], 1, [whether local network filter management driver is available]) +fi +AM_CONDITIONAL([WITH_NWFILTER], [test "$with_nwfilter" = "yes"]) + AC_ARG_WITH([storage-fs], AC_HELP_STRING([--with-storage-fs], [with FileSystem backend for the storage driver @<:@default=check@:>@]),[],[with_storage_fs=check]) Index: libvirt-acl/src/libvirt_public.syms =================================================================== --- libvirt-acl.orig/src/libvirt_public.syms +++ libvirt-acl/src/libvirt_public.syms @@ -358,4 +358,23 @@ LIBVIRT_0.7.7 { virDomainAbortJob; } LIBVIRT_0.7.5; +LIBVIRT_0.7.8 { + global: + virConnectListNWFilters; + virConnectNumOfNWFilters; + virNWFilterLookupByName; + virNWFilterLookupByUUID; + virNWFilterLookupByUUIDString; + virNWFilterFree; + virNWFilterGetName; + virNWFilterGetUUID; + virNWFilterGetUUIDString; + virNWFilterGetXMLDesc; + virNWFilterRef; + virNWFilterTest; + virNWFilterDefineXML; + virNWFilterUndefine; +} LIBVIRT_0.7.7; + + # .... define new API here using predicted next version number ....
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list