This patch adds a relaxng nwfilter schema along with a test that verifies all the test output XML against the schema. The input XMLs contain a lot of intentional out-of-range values that make them fail the schema verification, so I am not verifying against those. Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxx> Signed-off-by: Gerhard Stenzel <gerhard.stenzel@xxxxxxxxxx> --- docs/schemas/Makefile.am | 3 docs/schemas/domain.rng | 31 + docs/schemas/nwfilter.rng | 783 ++++++++++++++++++++++++++++++++++++++++++++++ libvirt.spec.in | 1 tests/Makefile.am | 4 tests/nwfilterschematest | 11 6 files changed, 831 insertions(+), 2 deletions(-) Index: libvirt-acl/docs/schemas/Makefile.am =================================================================== --- libvirt-acl.orig/docs/schemas/Makefile.am +++ libvirt-acl/docs/schemas/Makefile.am @@ -10,6 +10,7 @@ schema_DATA = \ storagepool.rng \ storagevol.rng \ nodedev.rng \ - capability.rng + capability.rng \ + nwfilter.rng EXTRA_DIST = $(schema_DATA) Index: libvirt-acl/libvirt.spec.in =================================================================== --- libvirt-acl.orig/libvirt.spec.in +++ libvirt-acl/libvirt.spec.in @@ -785,6 +785,7 @@ fi %{_datadir}/libvirt/schemas/interface.rng %{_datadir}/libvirt/schemas/secret.rng %{_datadir}/libvirt/schemas/storageencryption.rng +%{_datadir}/libvirt/schemas/filter.rng %{_datadir}/libvirt/cpu_map.xml Index: libvirt-acl/docs/schemas/nwfilter.rng =================================================================== --- /dev/null +++ libvirt-acl/docs/schemas/nwfilter.rng 
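Review bot: The `%files` entry added in the libvirt.spec.in hunk names `filter.rng`, but the docs/schemas/Makefile.am hunk in this same patch adds `nwfilter.rng` to `schema_DATA`, and that is also the name of the new schema file. As written the package build would presumably stop on the missing `filter.rng`, or ship without the real schema. The added line should read `%{_datadir}/libvirt/schemas/nwfilter.rng`.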
@@ -0,0 +1,783 @@ +<?xml version="1.0" encoding="UTF-8"?> +<grammar ns="" xmlns="http://relaxng.org/ns/structure/1.0" datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes"> + <start> + <ref name="filter"/> + </start> + <define name="filter"> + <element name="filter"> + <ref name="filter-node-attributes"/> + <zeroOrMore> + <choice> + <element name="filterref"> + <ref name="filterref-node-attributes"/> + </element> + <element name="uuid"> + <ref name="UUID"/> + </element> + </choice> + </zeroOrMore> + <zeroOrMore> + <element name="rule"> + <ref name="rule-node-attributes"/> + <optional> + <zeroOrMore> + <element name="mac"> + <ref name="match-attribute"/> + <ref name="common-l2-attributes"/> + <ref name="mac-attributes"/> + </element> + </zeroOrMore> + </optional> + <optional> + <zeroOrMore> + <element name="arp"> + <ref name="match-attribute"/> + <ref name="common-l2-attributes"/> + <ref name="arp-attributes"/> + </element> + </zeroOrMore> + </optional> + <optional> + <zeroOrMore> + <element name="ip"> + <ref name="match-attribute"/> + <ref name="common-l2-attributes"/> + <ref name="common-ip-attributes-p1"/> + <ref name="common-port-attributes"/> + <ref name="ip-attributes"/> + <ref name="dscp-attribute"/> + </element> + </zeroOrMore> + </optional> + <optional> + <zeroOrMore> + <element name="ipv6"> + <ref name="match-attribute"/> + <ref name="common-l2-attributes"/> + <ref name="common-ipv6-attributes-p1"/> + <ref name="common-port-attributes"/> + <ref name="ip-attributes"/> + </element> + </zeroOrMore> + </optional> + <optional> + <zeroOrMore> + <element name="tcp"> + <ref name="match-attribute"/> + <ref name="srcmac-attribute"/> + <ref name="common-port-attributes"/> + <ref name="common-ip-attributes-p1"/> + <ref name="common-ip-attributes-p2"/> + </element> + </zeroOrMore> + </optional> + <optional> + <zeroOrMore> + <element name="udp"> + <ref name="match-attribute"/> + <ref name="srcmac-attribute"/> + <ref name="common-port-attributes"/> + <ref 
name="common-ip-attributes-p1"/> + <ref name="common-ip-attributes-p2"/> + </element> + </zeroOrMore> + </optional> + <optional> + <zeroOrMore> + <element name="sctp"> + <ref name="match-attribute"/> + <ref name="srcmac-attribute"/> + <ref name="common-port-attributes"/> + <ref name="common-ip-attributes-p1"/> + <ref name="common-ip-attributes-p2"/> + </element> + </zeroOrMore> + </optional> + <optional> + <zeroOrMore> + <element name="icmp"> + <ref name="match-attribute"/> + <ref name="srcmac-attribute"/> + <ref name="common-ip-attributes-p1"/> + <ref name="common-ip-attributes-p2"/> + <ref name="icmp-attributes"/> + </element> + </zeroOrMore> + </optional> + <optional> + <zeroOrMore> + <element name="igmp"> + <ref name="match-attribute"/> + <ref name="srcmac-attribute"/> + <ref name="common-ip-attributes-p1"/> + <ref name="common-ip-attributes-p2"/> + </element> + </zeroOrMore> + </optional> + <optional> + <zeroOrMore> + <element name="all"> + <ref name="match-attribute"/> + <ref name="srcmac-attribute"/> + <ref name="common-ip-attributes-p1"/> + <ref name="common-ip-attributes-p2"/> + </element> + </zeroOrMore> + </optional> + <optional> + <zeroOrMore> + <element name="esp"> + <ref name="match-attribute"/> + <ref name="srcmac-attribute"/> + <ref name="common-ip-attributes-p1"/> + <ref name="common-ip-attributes-p2"/> + </element> + </zeroOrMore> + </optional> + <optional> + <zeroOrMore> + <element name="ah"> + <ref name="match-attribute"/> + <ref name="srcmac-attribute"/> + <ref name="common-ip-attributes-p1"/> + <ref name="common-ip-attributes-p2"/> + </element> + </zeroOrMore> + </optional> + <optional> + <zeroOrMore> + <element name="udplite"> + <ref name="match-attribute"/> + <ref name="srcmac-attribute"/> + <ref name="common-ip-attributes-p1"/> + <ref name="common-ip-attributes-p2"/> + </element> + </zeroOrMore> + </optional> + <optional> + <zeroOrMore> + <element name="tcp-ipv6"> + <ref name="match-attribute"/> + <ref name="srcmac-attribute"/> + <ref 
name="common-port-attributes"/> + <ref name="common-ipv6-attributes-p1"/> + <ref name="common-ipv6-attributes-p2"/> + </element> + </zeroOrMore> + </optional> + <optional> + <zeroOrMore> + <element name="udp-ipv6"> + <ref name="match-attribute"/> + <ref name="srcmac-attribute"/> + <ref name="common-port-attributes"/> + <ref name="common-ipv6-attributes-p1"/> + <ref name="common-ipv6-attributes-p2"/> + </element> + </zeroOrMore> + </optional> + <optional> + <zeroOrMore> + <element name="sctp-ipv6"> + <ref name="match-attribute"/> + <ref name="srcmac-attribute"/> + <ref name="common-port-attributes"/> + <ref name="common-ipv6-attributes-p1"/> + <ref name="common-ipv6-attributes-p2"/> + </element> + </zeroOrMore> + </optional> + <optional> + <zeroOrMore> + <element name="icmpv6"> + <ref name="match-attribute"/> + <ref name="srcmac-attribute"/> + <ref name="common-ipv6-attributes-p1"/> + <ref name="common-ipv6-attributes-p2"/> + <ref name="icmp-attributes"/> + </element> + </zeroOrMore> + </optional> + <optional> + <zeroOrMore> + <element name="all-ipv6"> + <ref name="match-attribute"/> + <ref name="srcmac-attribute"/> + <ref name="common-ipv6-attributes-p1"/> + <ref name="common-ipv6-attributes-p2"/> + </element> + </zeroOrMore> + </optional> + <optional> + <zeroOrMore> + <element name="esp-ipv6"> + <ref name="match-attribute"/> + <ref name="srcmac-attribute"/> + <ref name="common-ipv6-attributes-p1"/> + <ref name="common-ipv6-attributes-p2"/> + </element> + </zeroOrMore> + </optional> + <optional> + <zeroOrMore> + <element name="ah-ipv6"> + <ref name="match-attribute"/> + <ref name="srcmac-attribute"/> + <ref name="common-ipv6-attributes-p1"/> + <ref name="common-ipv6-attributes-p2"/> + </element> + </zeroOrMore> + </optional> + <optional> + <zeroOrMore> + <element name="udplite-ipv6"> + <ref name="match-attribute"/> + <ref name="srcmac-attribute"/> + <ref name="common-ipv6-attributes-p1"/> + <ref name="common-ipv6-attributes-p2"/> + </element> + </zeroOrMore> + 
</optional> + </element> + </zeroOrMore> + </element> + </define> + + <!-- ########### attributes of XML nodes ############ --> + + <define name="filter-node-attributes"> + <attribute name="name"> + <data type="NCName"/> + </attribute> + <optional> + <attribute name="chain"> + <choice> + <value>root</value> + <value>arp</value> + <value>ipv4</value> + <value>ipv6</value> + </choice> + </attribute> + </optional> + </define> + + <define name="filterref-node-attributes"> + <attribute name="filter"> + <data type="NCName"/> + </attribute> + <optional> + <element name="parameter"> + <attribute name="name"> + <ref name="parameter-name"/> + </attribute> + <attribute name="value"> + <ref name="parameter-value"/> + </attribute> + </element> + </optional> + </define> + + <define name="rule-node-attributes"> + <attribute name="action"> + <ref name='action-type'/> + </attribute> + <attribute name="direction"> + <ref name='direction-type'/> + </attribute> + <optional> + <attribute name="priority"> + <ref name='priority-type'/> + </attribute> + </optional> + </define> + + <define name="match-attribute"> + <interleave> + <optional> + <attribute name="match"> + <choice> + <value>yes</value> + <value>no</value> + </choice> + </attribute> + </optional> + </interleave> + </define> + + <define name="srcmac-attribute"> + <interleave> + <optional> + <attribute name="srcmacaddr"> + <ref name="addrMAC"/> + </attribute> + </optional> + </interleave> + </define> + + <define name="common-l2-attributes"> + <interleave> + <ref name="srcmac-attribute"/> + <optional> + <attribute name="srcmacmask"> + <ref name="addrMAC"/> + </attribute> + </optional> + <optional> + <attribute name="dstmacaddr"> + <ref name="addrMAC"/> + </attribute> + </optional> + <optional> + <attribute name="dstmacmask"> + <ref name="addrMAC"/> + </attribute> + </optional> + </interleave> + </define> + + <define name="common-ip-attributes-p1"> + <interleave> + <optional> + <attribute name="srcipaddr"> + <ref name="addrIP"/> + 
</attribute> + </optional> + <optional> + <attribute name="srcipmask"> + <ref name="addrMask"/> + </attribute> + </optional> + <optional> + <attribute name="dstipaddr"> + <ref name="addrIP"/> + </attribute> + </optional> + <optional> + <attribute name="dstipmask"> + <ref name="addrMask"/> + </attribute> + </optional> + </interleave> + </define> + + <define name="common-ip-attributes-p2"> + <interleave> + <optional> + <attribute name="srcipfrom"> + <ref name="addrIP"/> + </attribute> + </optional> + <optional> + <attribute name="srcipto"> + <ref name="addrIP"/> + </attribute> + </optional> + <optional> + <attribute name="dstipfrom"> + <ref name="addrIP"/> + </attribute> + </optional> + <optional> + <attribute name="dstipto"> + <ref name="addrIP"/> + </attribute> + </optional> + <optional> + <attribute name="dscp"> + <ref name="sixbitrange"/> + </attribute> + </optional> + </interleave> + </define> + + <define name="common-ipv6-attributes-p1"> + <interleave> + <optional> + <attribute name="srcipaddr"> + <ref name="addrIPv6"/> + </attribute> + </optional> + <optional> + <attribute name="srcipmask"> + <ref name="addrMaskv6"/> + </attribute> + </optional> + <optional> + <attribute name="dstipaddr"> + <ref name="addrIPv6"/> + </attribute> + </optional> + <optional> + <attribute name="dstipmask"> + <ref name="addrMaskv6"/> + </attribute> + </optional> + </interleave> + </define> + + <define name="common-ipv6-attributes-p2"> + <interleave> + <optional> + <attribute name="srcipfrom"> + <ref name="addrIPv6"/> + </attribute> + </optional> + <optional> + <attribute name="srcipto"> + <ref name="addrIPv6"/> + </attribute> + </optional> + <optional> + <attribute name="dstipfrom"> + <ref name="addrIPv6"/> + </attribute> + </optional> + <optional> + <attribute name="dstipto"> + <ref name="addrIPv6"/> + </attribute> + </optional> + <optional> + <attribute name="dscp"> + <ref name="sixbitrange"/> + </attribute> + </optional> + </interleave> + </define> + + <define 
name="common-port-attributes"> + <interleave> + <optional> + <attribute name="srcportstart"> + <ref name="uint16range"/> + </attribute> + </optional> + <optional> + <attribute name="srcportend"> + <ref name="uint16range"/> + </attribute> + </optional> + <optional> + <attribute name="dstportstart"> + <ref name="uint16range"/> + </attribute> + </optional> + <optional> + <attribute name="dstportend"> + <ref name="uint16range"/> + </attribute> + </optional> + </interleave> + </define> + + <define name="icmp-attributes"> + <interleave> + <optional> + <attribute name="type"> + <ref name="uint8range"/> + </attribute> + </optional> + <optional> + <attribute name="code"> + <ref name="uint8range"/> + </attribute> + </optional> + </interleave> + </define> + + <define name="mac-attributes"> + <interleave> + <optional> + <attribute name="protocolid"> + <ref name="mac-protocolid"/> + </attribute> + </optional> + </interleave> + </define> + + <define name="arp-attributes"> + <interleave> + <optional> + <attribute name="arpsrcmacaddr"> + <ref name="addrMAC"/> + </attribute> + </optional> + <optional> + <attribute name="arpsrcipaddr"> + <ref name="addrIP"/> + </attribute> + </optional> + <optional> + <attribute name="arpdstmacaddr"> + <ref name="addrMAC"/> + </attribute> + </optional> + <optional> + <attribute name="arpdstipaddr"> + <ref name="addrIP"/> + </attribute> + </optional> + <optional> + <attribute name="hwtype"> + <ref name="uint16range"/> + </attribute> + </optional> + <optional> + <attribute name="opcode"> + <ref name="arpOpcodeType"/> + </attribute> + </optional> + <optional> + <attribute name="protocoltype"> + <ref name="uint16range"/> + </attribute> + </optional> + </interleave> + </define> + + <define name="ip-attributes"> + <optional> + <attribute name="protocol"> + <ref name="ipProtocolType"/> + </attribute> + </optional> + </define> + + <define name="dscp-attribute"> + <optional> + <attribute name="dscp"> + <ref name="sixbitrange"/> + </attribute> + </optional> + 
</define> + + <!-- ################ type library ################ --> + + <define name="UUID"> + <choice> + <data type="string"> + <param name="pattern">[a-fA-F0-9]{32}</param> + </data> + + <data type="string"> + <param name="pattern">[a-fA-F0-9]{8}\-([a-fA-F0-9]{4}\-){3}[a-fA-F0-9]{12}</param> + </data> + </choice> + </define> + + <define name="addrMAC"> + <choice> + <!-- variable --> + <data type="string"> + <param name="pattern">[\\$]{1}[a-zA-Z0-9_]+</param> + </data> + + <data type="string"> + <param name="pattern">([a-fA-F0-9]{1,2}:){5}[a-fA-F0-9]{1,2}</param> + </data> + </choice> + </define> + + <define name="addrIP"> + <choice> + <!-- variable --> + <data type="string"> + <param name="pattern">[\\$]{1}[a-zA-Z0-9_]+</param> + </data> + + <data type="string"> + <param name="pattern">([0-2]?[0-9]?[0-9]\.){3}[0-2]?[0-9]?[0-9]</param> + </data> + </choice> + </define> + + <define name="addrIPv6"> + <choice> + <!-- variable --> + <data type="string"> + <param name="pattern">^[\\$]{1}[a-zA-Z0-9_]+$</param> + </data> + + <data type="string"> + <param name="pattern">([a-fA-F0-9]{0,4}:){2,7}([a-fA-F0-9]*)(([0-2]?[0-9]?[0-9]\.){3}[0-2]?[0-9]?[0-9])?</param> + </data> + </choice> + </define> + + <define name="addrMask"> + <choice> + <!-- variable --> + <data type="string"> + <param name="pattern">^[\\$]{1}[a-zA-Z0-9_]+$</param> + </data> + + <data type="int"> + <param name="minInclusive">0</param> + <param name="maxInclusive">32</param> + </data> + + <data type="string"> + <param name="pattern">([0-2]?[0-9]?[0-9]\.){3}[0-2]?[0-9]?[0-9]</param> + </data> + </choice> + </define> + + <define name="addrMaskv6"> + <choice> + <!-- variable --> + <data type="string"> + <param name="pattern">^[\\$]{1}[a-zA-Z0-9_]+$</param> + </data> + + <data type="int"> + <param name="minInclusive">0</param> + <param name="maxInclusive">128</param> + </data> + + <data type="string"> + <param name="pattern">([a-fA-F0-9]{0,4}:){2,7}([a-fA-F0-9]*)</param> + </data> + </choice> + </define> + + 
<define name="sixbitrange"> + <choice> + <!-- variable --> + <data type="string"> + <param name="pattern">^[\\$]{1}[a-zA-Z0-9_]+$</param> + </data> + + <data type="int"> + <param name="minInclusive">0</param> + <param name="maxInclusive">63</param> + </data> + </choice> + </define> + + <define name="mac-protocolid"> + <choice> + <!-- variable --> + <data type="string"> + <param name="pattern">^[\\$]{1}[a-zA-Z0-9_]+$</param> + </data> + + <data type="int"> + <param name="minInclusive">1536</param> + <param name="maxInclusive">65535</param> + </data> + + <choice> + <value>arp</value> + <value>ipv4</value> + <value>ipv6</value> + </choice> + </choice> + </define> + + <define name="uint8range"> + <choice> + <!-- variable --> + <data type="string"> + <param name="pattern">^[\\$]{1}[a-zA-Z0-9_]+$</param> + </data> + + <data type="int"> + <param name="minInclusive">0</param> + <param name="maxInclusive">255</param> + </data> + </choice> + </define> + + <define name="uint16range"> + <choice> + <!-- variable --> + <data type="string"> + <param name="pattern">^[\\$]{1}[a-zA-Z0-9_]+$</param> + </data> + + <data type="int"> + <param name="minInclusive">0</param> + <param name="maxInclusive">65535</param> + </data> + </choice> + </define> + + <define name="arpOpcodeType"> + <choice> + <!-- variable --> + <data type="string"> + <param name="pattern">^[\\$]{1}[a-zA-Z0-9_]+$</param> + </data> + + <data type="int"> + <param name="minInclusive">0</param> + <param name="maxInclusive">65535</param> + </data> + + <data type="string"> + <param name="pattern">([Rr]eply|[Rr]equest|[Rr]equest_[Rr]everse|[Rr]eply_[Rr]everse|DRARP_[Rr]equest|DRARP_[Rr]eply|DRARP_[Ee]rror|InARP_[Rr]equest|ARP_NAK)</param> + </data> + + </choice> + </define> + + <define name="ipProtocolType"> + <choice> + <!-- variable --> + <data type="string"> + <param name="pattern">^[\\$]{1}[a-zA-Z0-9_]+$</param> + </data> + + <data type="int"> + <param name="minInclusive">0</param> + <param name="maxInclusive">255</param> 
+ </data> + + <choice> + <value>tcp</value> + <value>udp</value> + <value>udplite</value> + <value>esp</value> + <value>ah</value> + <value>icmp</value> + <value>igmp</value> + <value>sctp</value> + <value>icmpv6</value> + </choice> + </choice> + </define> + + <define name="parameter-name"> + <data type="string"> + <param name="pattern">[a-zA-Z0-9_]+</param> + </data> + </define> + + <define name="parameter-value"> + <data type="string"> + <param name="pattern">[a-zA-Z0-9_\.:]+</param> + </data> + </define> + + <define name='action-type'> + <choice> + <value>drop</value> + <value>accept</value> + </choice> + </define> + + <define name='direction-type'> + <choice> + <value>in</value> + <value>out</value> + <value>inout</value> + </choice> + </define> + + <define name='priority-type'> + <data type="int"> + <param name="minInclusive">0</param> + <param name="maxInclusive">1000</param> + </data> + </define> +</grammar> Index: libvirt-acl/tests/Makefile.am =================================================================== --- libvirt-acl.orig/tests/Makefile.am +++ libvirt-acl/tests/Makefile.am @@ -74,6 +74,7 @@ EXTRA_DIST = \ xml2vmxdata \ nwfilterxml2xmlout \ nwfilterxml2xmlin \ + nwfilterschematest \ $(patsubst %,qemuhelpdata/%,$(qemuhelpdata)) noinst_PROGRAMS = virshtest conftest \ @@ -120,7 +121,8 @@ test_scripts = \ storagepoolschematest \ storagevolschematest \ domainschematest \ - nodedevschematest + nodedevschematest \ + nwfilterschematest if WITH_LIBVIRTD test_scripts += \ Index: libvirt-acl/tests/nwfilterschematest =================================================================== --- /dev/null +++ libvirt-acl/tests/nwfilterschematest 
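Review bot: The "variable" alternative in the nwfilter.rng type library is spelled two ways: `addrMAC` and `addrIP` use `[\\$]{1}[a-zA-Z0-9_]+`, while `addrIPv6`, `addrMask`, `addrMaskv6`, `sixbitrange`, `mac-protocolid`, `uint8range`, `uint16range`, `arpOpcodeType` and `ipProtocolType` use `^[\\$]{1}[a-zA-Z0-9_]+$`. As I read the XSD pattern rules, the facet is implicitly anchored and `^` and `$` outside a character class are ordinary characters, so the second form would require a literal `^` and a trailing `$` and would not match a plain `$NAME` reference; the class `[\\$]` also admits a leading backslash as well as a dollar sign. Writing `[$][a-zA-Z0-9_]+` in every define would make them all accept the same thing. Separately, the dotted-quad patterns in `addrIP` and `addrMask` (`[0-2]?[0-9]?[0-9]`) admit octets up to 299, so this schema should not be relied on as the range check for addresses that end up in filter rules.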
@@ -0,0 +1,11 @@ +#!/bin/sh + +: ${srcdir=.} +. $srcdir/test-lib.sh +. $abs_srcdir/schematestutils.sh + +DIRS="nwfilterxml2xmlout" +SCHEMA="nwfilter.rng" + +check_schema "$DIRS" "$SCHEMA" + Index: libvirt-acl/docs/schemas/domain.rng =================================================================== --- libvirt-acl.orig/docs/schemas/domain.rng +++ libvirt-acl/docs/schemas/domain.rng @@ -894,6 +894,11 @@ <optional> <ref name="address"/> </optional> + <optional> + <element name="filterref"> + <ref name="filterref-node-attributes"/> + </element> + </optional> </interleave> </define> <!-- @@ -1577,6 +1582,22 @@ </element> </define> + <define name="filterref-node-attributes"> + <attribute name="filter"> + <data type="NCName"/> + </attribute> + <optional> + <element name="parameter"> + <attribute name="name"> + <ref name="parameter-name"/> + </attribute> + <attribute name="value"> + <ref name="parameter-value"/> + </attribute> + </element> + </optional> + </define> + <!-- Type library @@ -1737,4 +1758,14 @@ <param name="pattern">[a-zA-Z0-9_\.\+\-/]+</param> </data> </define> + <define name="parameter-name"> + <data type="string"> + <param name="pattern">[a-zA-Z0-9_]+</param> + </data> + </define> + <define name="parameter-value"> + <data type="string"> + <param name="pattern">[a-zA-Z0-9_\.:]+</param> + </data> + </define> </grammar> -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
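Review bot: `DIRS` in tests/nwfilterschematest lists only `nwfilterxml2xmlout`, so the test shows that the schema accepts formatter output but never that it rejects anything; a grammar that accepted every document would still pass. The description explains why the inputs are skipped, and that reason belongs in the script, for example `# Only formatter output is validated; nwfilterxml2xmlin holds deliberate out-of-range values that the schema is expected to reject.` A later negative check that expects those inputs to fail validation would cover the rejecting side; whether `check_schema` can express that is not visible here. The two `.` lines would also be safer quoted, `. "$srcdir/test-lib.sh"` and `. "$abs_srcdir/schematestutils.sh"`, in case the source path contains spaces.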
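Review bot: The `filterref-node-attributes`, `parameter-name` and `parameter-value` defines added in the second and third docs/schemas/domain.rng hunks are copies of the ones introduced in nwfilter.rng. With two copies, the filter reference accepted inside a domain interface can drift from what the nwfilter schema accepts once either file is edited. Moving the three defines into one small grammar file and pulling it into both schemas with RELAX NG `<include href="SHARED_FILE.rng"/>` (placeholder name) would keep them in step. In both copies the `<optional>` around `<element name="parameter">` permits at most one parameter per `filterref`; if the parser accepts several, which this page does not show, it should be `<zeroOrMore>`. The define is also named `-attributes` although it contains a child element, which deserves a short comment above it.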