Hi, all. In the process of fixing a corner case in nwfilter in case of libvirtd crash I noticed the peculiar way it works for recursive removes/renames of chains. So I proposing a change which is described in the second patch. This is an RFC and as such is incomplete: - only recursive removing is patched and renaming is not - tests are not fixed Nikolay Shirokovskiy (2): utils: make virFirewallAddRuleFullV public nwfilter: don't query netfilter inside transactions src/libvirt_private.syms | 1 + src/nwfilter/nwfilter_ebiptables_driver.c | 154 +++++++++++----------- src/util/virfirewall.c | 2 +- src/util/virfirewall.h | 7 + 4 files changed, 84 insertions(+), 80 deletions(-) -- 2.31.1
