On Thu, Apr 29, 2010 at 09:34:46PM -0400, Stefan Berger wrote: > The functions invoked by the IP address learning thread > that apply some basic filtering rules did not clean up > any previous filtering rules that may still be there > (due to a libvirt restart for example). With the > patch below all the rules are cleaned up first. > > Also, I am introducing a function to drop all traffic > in case the IP address learning thread could not apply > the rules. > > Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxx> > > --- > src/conf/nwfilter_conf.h | 3 > src/nwfilter/nwfilter_ebiptables_driver.c | 104 +++++++++++++++++++++++++----- > src/nwfilter/nwfilter_learnipaddr.c | 4 - > src/nwfilter/nwfilter_learnipaddr.h | 2 > 4 files changed, 96 insertions(+), 17 deletions(-) > Okay, I had to double check that ebiptablesExecCLI() reall freed the passed buffer content in all case, looks fine, ACK, Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ daniel@xxxxxxxxxxxx | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/ -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list