Although the next commit will eliminate the one current use of virFirewallRuleToString(), a future commit will once again have a use for it, but in a different source file so it will need to be a global function rather than static. Make that change now so that we don't get a compile error from having an unused static function in the next commit. (The arg list is also changed to include the name of the command as a separate argument rather than just assuming that it can be derived from the rule's layer (which is correct for iptables, but won't be correct for nftables)). Signed-off-by: Laine Stump <laine@xxxxxxxxxx> --- src/libvirt_private.syms | 1 + src/util/virfirewall.c | 13 ++++++++----- src/util/virfirewall.h | 3 +++ 3 files changed, 12 insertions(+), 5 deletions(-) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index ac2802095e..f739259375 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -2352,6 +2352,7 @@ virFirewallRuleAddArgFormat; virFirewallRuleAddArgList; virFirewallRuleAddArgSet; virFirewallRuleGetArgCount; +virFirewallRuleToString; virFirewallStartRollback; virFirewallStartTransaction; diff --git a/src/util/virfirewall.c b/src/util/virfirewall.c index 0a9ba9ad5c..247430be2e 100644 --- a/src/util/virfirewall.c +++ b/src/util/virfirewall.c @@ -461,14 +461,14 @@ void virFirewallStartRollback(virFirewall *firewall, } -static char * -virFirewallRuleToString(virFirewallRule *rule) +char * +virFirewallRuleToString(const char *cmd, + virFirewallRule *rule) { - const char *bin = virFirewallLayerCommandTypeToString(rule->layer); g_auto(virBuffer) buf = VIR_BUFFER_INITIALIZER; size_t i; - virBufferAdd(&buf, bin, -1); + virBufferAdd(&buf, cmd, -1); for (i = 0; i < rule->argsLen; i++) { virBufferAddLit(&buf, " "); virBufferAdd(&buf, rule->args[i], -1); @@ -477,6 +477,7 @@ virFirewallRuleToString(virFirewallRule *rule) return virBufferContentAndReset(&buf); } + static int virFirewallApplyRuleDirect(virFirewallRule *rule, bool ignoreErrors, @@ -529,8 +530,10 @@ virFirewallApplyRule(virFirewall *firewall, bool ignoreErrors) { g_autofree char *output = NULL; - g_autofree char *str = virFirewallRuleToString(rule); g_auto(GStrv) lines = NULL; + g_autofree char *str + = virFirewallRuleToString(virFirewallLayerCommandTypeToString(rule->layer), rule); + VIR_INFO("Applying rule '%s'", NULLSTR(str)); if (rule->ignoreErrors) diff --git a/src/util/virfirewall.h b/src/util/virfirewall.h index 7448825dbc..187748b2bf 100644 --- a/src/util/virfirewall.h +++ b/src/util/virfirewall.h @@ -89,6 +89,9 @@ void virFirewallRuleAddArgList(virFirewall *firewall, size_t virFirewallRuleGetArgCount(virFirewallRule *rule); +char *virFirewallRuleToString(const char *cmd, + virFirewallRule *rule); + typedef enum { /* Ignore all errors when applying rules, so no * rollback block will be required */ -- 2.37.1