Although the next commit will eliminate the one current use of
virFirewallRuleToString(), a future commit will once again have a use
for it, but in a different source file so it will need to be a global
function rather than static. Make that change now so that we don't get
a compile error from having an unused static function in the next
commit.
(The arg list is also changed to include the name of the command as a
separate argument rather than just assuming that it can be derived
from the rule's layer (which is correct for iptables, but won't be
correct for nftables)).
Signed-off-by: Laine Stump <laine@xxxxxxxxxx>
---
src/libvirt_private.syms | 1 +
src/util/virfirewall.c | 13 ++++++++-----
src/util/virfirewall.h | 3 +++
3 files changed, 12 insertions(+), 5 deletions(-)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index ac2802095e..f739259375 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -2352,6 +2352,7 @@ virFirewallRuleAddArgFormat;
virFirewallRuleAddArgList;
virFirewallRuleAddArgSet;
virFirewallRuleGetArgCount;
+virFirewallRuleToString;
virFirewallStartRollback;
virFirewallStartTransaction;
diff --git a/src/util/virfirewall.c b/src/util/virfirewall.c
index 0a9ba9ad5c..247430be2e 100644
--- a/src/util/virfirewall.c
+++ b/src/util/virfirewall.c
@@ -461,14 +461,14 @@ void virFirewallStartRollback(virFirewall *firewall,
}
-static char *
-virFirewallRuleToString(virFirewallRule *rule)
+char *
+virFirewallRuleToString(const char *cmd,
+ virFirewallRule *rule)
{
- const char *bin = virFirewallLayerCommandTypeToString(rule->layer);
g_auto(virBuffer) buf = VIR_BUFFER_INITIALIZER;
size_t i;
- virBufferAdd(&buf, bin, -1);
+ virBufferAdd(&buf, cmd, -1);
for (i = 0; i < rule->argsLen; i++) {
virBufferAddLit(&buf, " ");
virBufferAdd(&buf, rule->args[i], -1);
@@ -477,6 +477,7 @@ virFirewallRuleToString(virFirewallRule *rule)
return virBufferContentAndReset(&buf);
}
+
static int
virFirewallApplyRuleDirect(virFirewallRule *rule,
bool ignoreErrors,
@@ -529,8 +530,10 @@ virFirewallApplyRule(virFirewall *firewall,
bool ignoreErrors)
{
g_autofree char *output = NULL;
- g_autofree char *str = virFirewallRuleToString(rule);
g_auto(GStrv) lines = NULL;
+ g_autofree char *str
+ = virFirewallRuleToString(virFirewallLayerCommandTypeToString(rule->layer), rule);
+
VIR_INFO("Applying rule '%s'", NULLSTR(str));
if (rule->ignoreErrors)
diff --git a/src/util/virfirewall.h b/src/util/virfirewall.h
index 7448825dbc..187748b2bf 100644
--- a/src/util/virfirewall.h
+++ b/src/util/virfirewall.h
@@ -89,6 +89,9 @@ void virFirewallRuleAddArgList(virFirewall *firewall,
size_t virFirewallRuleGetArgCount(virFirewallRule *rule);
+char *virFirewallRuleToString(const char *cmd,
+ virFirewallRule *rule);
+
typedef enum {
/* Ignore all errors when applying rules, so no
* rollback block will be required */
--
2.37.1
