[PATCH v3 03/27] network: make all iptables functions used only in network_iptables.c static

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Now that the toplevel iptables functions have been moved out of the
linux bridge driver into network_iptables.c, all of the utility
functions are used only within that same file, so simplify it.

Signed-off-by: Laine Stump <laine@xxxxxxxxxx>
Reviewed-by: Daniel P. Berrangé <berrange@xxxxxxxxxx>
---
 src/network/network_iptables.c |  52 ++++++-------
 src/network/network_iptables.h | 130 ---------------------------------
 2 files changed, 26 insertions(+), 156 deletions(-)

diff --git a/src/network/network_iptables.c b/src/network/network_iptables.c
index 7338237c21..697ad5d8d6 100644
--- a/src/network/network_iptables.c
+++ b/src/network/network_iptables.c
@@ -207,7 +207,7 @@ iptablesOutput(virFirewall *fw,
  * Add an input to the IP table allowing access to the given @port on
  * the given @iface interface for TCP packets
  */
-void
+static void
 iptablesAddTcpInput(virFirewall *fw,
                     virFirewallLayer layer,
                     const char *iface,
@@ -225,7 +225,7 @@ iptablesAddTcpInput(virFirewall *fw,
  * Removes an input from the IP table, hence forbidding access to the given
  * @port on the given @iface interface for TCP packets
  */
-void
+static void
 iptablesRemoveTcpInput(virFirewall *fw,
                        virFirewallLayer layer,
                        const char *iface,
@@ -243,7 +243,7 @@ iptablesRemoveTcpInput(virFirewall *fw,
  * Add an input to the IP table allowing access to the given @port on
  * the given @iface interface for UDP packets
  */
-void
+static void
 iptablesAddUdpInput(virFirewall *fw,
                     virFirewallLayer layer,
                     const char *iface,
@@ -261,7 +261,7 @@ iptablesAddUdpInput(virFirewall *fw,
  * Removes an input from the IP table, hence forbidding access to the given
  * @port on the given @iface interface for UDP packets
  */
-void
+static void
 iptablesRemoveUdpInput(virFirewall *fw,
                        virFirewallLayer layer,
                        const char *iface,
@@ -279,7 +279,7 @@ iptablesRemoveUdpInput(virFirewall *fw,
  * Add an output to the IP table allowing access to the given @port from
  * the given @iface interface for TCP packets
  */
-void
+static void
 iptablesAddTcpOutput(virFirewall *fw,
                      virFirewallLayer layer,
                      const char *iface,
@@ -297,7 +297,7 @@ iptablesAddTcpOutput(virFirewall *fw,
  * Removes an output from the IP table, hence forbidding access to the given
  * @port from the given @iface interface for TCP packets
  */
-void
+static void
 iptablesRemoveTcpOutput(virFirewall *fw,
                         virFirewallLayer layer,
                         const char *iface,
@@ -315,7 +315,7 @@ iptablesRemoveTcpOutput(virFirewall *fw,
  * Add an output to the IP table allowing access to the given @port from
  * the given @iface interface for UDP packets
  */
-void
+static void
 iptablesAddUdpOutput(virFirewall *fw,
                      virFirewallLayer layer,
                      const char *iface,
@@ -333,7 +333,7 @@ iptablesAddUdpOutput(virFirewall *fw,
  * Removes an output from the IP table, hence forbidding access to the given
  * @port from the given @iface interface for UDP packets
  */
-void
+static void
 iptablesRemoveUdpOutput(virFirewall *fw,
                         virFirewallLayer layer,
                         const char *iface,
@@ -397,7 +397,7 @@ iptablesForwardAllowOut(virFirewall *fw,
  *
  * Returns 0 in case of success or an error code otherwise
  */
-int
+static int
 iptablesAddForwardAllowOut(virFirewall *fw,
                            virSocketAddr *netaddr,
                            unsigned int prefix,
@@ -421,7 +421,7 @@ iptablesAddForwardAllowOut(virFirewall *fw,
  *
  * Returns 0 in case of success or an error code otherwise
  */
-int
+static int
 iptablesRemoveForwardAllowOut(virFirewall *fw,
                               virSocketAddr *netaddr,
                               unsigned int prefix,
@@ -491,7 +491,7 @@ iptablesForwardAllowRelatedIn(virFirewall *fw,
  *
  * Returns 0 in case of success or an error code otherwise
  */
-int
+static int
 iptablesAddForwardAllowRelatedIn(virFirewall *fw,
                                  virSocketAddr *netaddr,
                                  unsigned int prefix,
@@ -515,7 +515,7 @@ iptablesAddForwardAllowRelatedIn(virFirewall *fw,
  *
  * Returns 0 in case of success or an error code otherwise
  */
-int
+static int
 iptablesRemoveForwardAllowRelatedIn(virFirewall *fw,
                                     virSocketAddr *netaddr,
                                     unsigned int prefix,
@@ -578,7 +578,7 @@ iptablesForwardAllowIn(virFirewall *fw,
  *
  * Returns 0 in case of success or an error code otherwise
  */
-int
+static int
 iptablesAddForwardAllowIn(virFirewall *fw,
                           virSocketAddr *netaddr,
                           unsigned int prefix,
@@ -602,7 +602,7 @@ iptablesAddForwardAllowIn(virFirewall *fw,
  *
  * Returns 0 in case of success or an error code otherwise
  */
-int
+static int
 iptablesRemoveForwardAllowIn(virFirewall *fw,
                              virSocketAddr *netaddr,
                              unsigned int prefix,
@@ -640,7 +640,7 @@ iptablesForwardAllowCross(virFirewall *fw,
  *
  * Returns 0 in case of success or an error code otherwise
  */
-void
+static void
 iptablesAddForwardAllowCross(virFirewall *fw,
                              virFirewallLayer layer,
                              const char *iface)
@@ -659,7 +659,7 @@ iptablesAddForwardAllowCross(virFirewall *fw,
  *
  * Returns 0 in case of success or an error code otherwise
  */
-void
+static void
 iptablesRemoveForwardAllowCross(virFirewall *fw,
                                 virFirewallLayer layer,
                                 const char *iface)
@@ -692,7 +692,7 @@ iptablesForwardRejectOut(virFirewall *fw,
  *
  * Returns 0 in case of success or an error code otherwise
  */
-void
+static void
 iptablesAddForwardRejectOut(virFirewall *fw,
                             virFirewallLayer layer,
                             const char *iface)
@@ -710,7 +710,7 @@ iptablesAddForwardRejectOut(virFirewall *fw,
  *
  * Returns 0 in case of success or an error code otherwise
  */
-void
+static void
 iptablesRemoveForwardRejectOut(virFirewall *fw,
                                virFirewallLayer layer,
                                const char *iface)
@@ -744,7 +744,7 @@ iptablesForwardRejectIn(virFirewall *fw,
  *
  * Returns 0 in case of success or an error code otherwise
  */
-void
+static void
 iptablesAddForwardRejectIn(virFirewall *fw,
                            virFirewallLayer layer,
                            const char *iface)
@@ -762,7 +762,7 @@ iptablesAddForwardRejectIn(virFirewall *fw,
  *
  * Returns 0 in case of success or an error code otherwise
  */
-void
+static void
 iptablesRemoveForwardRejectIn(virFirewall *fw,
                               virFirewallLayer layer,
                               const char *iface)
@@ -882,7 +882,7 @@ iptablesForwardMasquerade(virFirewall *fw,
  *
  * Returns 0 in case of success or an error code otherwise
  */
-int
+static int
 iptablesAddForwardMasquerade(virFirewall *fw,
                              virSocketAddr *netaddr,
                              unsigned int prefix,
@@ -909,7 +909,7 @@ iptablesAddForwardMasquerade(virFirewall *fw,
  *
  * Returns 0 in case of success or an error code otherwise
  */
-int
+static int
 iptablesRemoveForwardMasquerade(virFirewall *fw,
                                 virSocketAddr *netaddr,
                                 unsigned int prefix,
@@ -979,7 +979,7 @@ iptablesForwardDontMasquerade(virFirewall *fw,
  *
  * Returns 0 in case of success or an error code otherwise.
  */
-int
+static int
 iptablesAddDontMasquerade(virFirewall *fw,
                           virSocketAddr *netaddr,
                           unsigned int prefix,
@@ -1004,7 +1004,7 @@ iptablesAddDontMasquerade(virFirewall *fw,
  *
  * Returns 0 in case of success or an error code otherwise.
  */
-int
+static int
 iptablesRemoveDontMasquerade(virFirewall *fw,
                              virSocketAddr *netaddr,
                              unsigned int prefix,
@@ -1047,7 +1047,7 @@ iptablesOutputFixUdpChecksum(virFirewall *fw,
  * the given @iface interface for TCP packets.
  *
  */
-void
+static void
 iptablesAddOutputFixUdpChecksum(virFirewall *fw,
                                 const char *iface,
                                 int port)
@@ -1064,7 +1064,7 @@ iptablesAddOutputFixUdpChecksum(virFirewall *fw,
  * Removes the checksum fixup rule that was previous added with
  * iptablesAddOutputFixUdpChecksum.
  */
-void
+static void
 iptablesRemoveOutputFixUdpChecksum(virFirewall *fw,
                                    const char *iface,
                                    int port)
diff --git a/src/network/network_iptables.h b/src/network/network_iptables.h
index d3f6b48437..cdc143f154 100644
--- a/src/network/network_iptables.h
+++ b/src/network/network_iptables.h
@@ -20,7 +20,6 @@
 
 #pragma once
 
-#include "virsocketaddr.h"
 #include "virfirewall.h"
 #include "network_conf.h"
 
@@ -29,132 +28,3 @@ int iptablesAddFirewallRules(virNetworkDef *def);
 void iptablesRemoveFirewallRules(virNetworkDef *def);
 
 int iptablesSetupPrivateChains(virFirewallLayer layer);
-
-void             iptablesAddTcpInput             (virFirewall *fw,
-                                                  virFirewallLayer layer,
-                                                  const char *iface,
-                                                  int port);
-void             iptablesRemoveTcpInput          (virFirewall *fw,
-                                                  virFirewallLayer layer,
-                                                  const char *iface,
-                                                  int port);
-
-void             iptablesAddUdpInput             (virFirewall *fw,
-                                                  virFirewallLayer layer,
-                                                  const char *iface,
-                                                  int port);
-void             iptablesRemoveUdpInput          (virFirewall *fw,
-                                                  virFirewallLayer layer,
-                                                  const char *iface,
-                                                  int port);
-
-void             iptablesAddTcpOutput            (virFirewall *fw,
-                                                  virFirewallLayer layer,
-                                                  const char *iface,
-                                                  int port);
-void             iptablesRemoveTcpOutput         (virFirewall *fw,
-                                                  virFirewallLayer layer,
-                                                  const char *iface,
-                                                  int port);
-void             iptablesAddUdpOutput            (virFirewall *fw,
-                                                  virFirewallLayer layer,
-                                                  const char *iface,
-                                                  int port);
-void             iptablesRemoveUdpOutput         (virFirewall *fw,
-                                                  virFirewallLayer layer,
-                                                  const char *iface,
-                                                  int port);
-
-int              iptablesAddForwardAllowOut      (virFirewall *fw,
-                                                  virSocketAddr *netaddr,
-                                                  unsigned int prefix,
-                                                  const char *iface,
-                                                  const char *physdev)
-    G_GNUC_WARN_UNUSED_RESULT;
-int              iptablesRemoveForwardAllowOut   (virFirewall *fw,
-                                                  virSocketAddr *netaddr,
-                                                  unsigned int prefix,
-                                                  const char *iface,
-                                                  const char *physdev)
-    G_GNUC_WARN_UNUSED_RESULT;
-int              iptablesAddForwardAllowRelatedIn(virFirewall *fw,
-                                                  virSocketAddr *netaddr,
-                                                  unsigned int prefix,
-                                                  const char *iface,
-                                                  const char *physdev)
-    G_GNUC_WARN_UNUSED_RESULT;
-int              iptablesRemoveForwardAllowRelatedIn(virFirewall *fw,
-                                                     virSocketAddr *netaddr,
-                                                     unsigned int prefix,
-                                                     const char *iface,
-                                                     const char *physdev)
-    G_GNUC_WARN_UNUSED_RESULT;
-
-int              iptablesAddForwardAllowIn       (virFirewall *fw,
-                                                  virSocketAddr *netaddr,
-                                                  unsigned int prefix,
-                                                  const char *iface,
-                                                  const char *physdev)
-    G_GNUC_WARN_UNUSED_RESULT;
-int              iptablesRemoveForwardAllowIn    (virFirewall *fw,
-                                                  virSocketAddr *netaddr,
-                                                  unsigned int prefix,
-                                                  const char *iface,
-                                                  const char *physdev)
-    G_GNUC_WARN_UNUSED_RESULT;
-
-void             iptablesAddForwardAllowCross    (virFirewall *fw,
-                                                  virFirewallLayer layer,
-                                                  const char *iface);
-void             iptablesRemoveForwardAllowCross (virFirewall *fw,
-                                                  virFirewallLayer layer,
-                                                  const char *iface);
-
-void             iptablesAddForwardRejectOut     (virFirewall *fw,
-                                                  virFirewallLayer layer,
-                                                  const char *iface);
-void             iptablesRemoveForwardRejectOut  (virFirewall *fw,
-                                                  virFirewallLayer layer,
-                                                  const char *iface);
-
-void             iptablesAddForwardRejectIn      (virFirewall *fw,
-                                                  virFirewallLayer layer,
-                                                  const char *iface);
-void             iptablesRemoveForwardRejectIn   (virFirewall *fw,
-                                                  virFirewallLayer layery,
-                                                  const char *iface);
-
-int              iptablesAddForwardMasquerade    (virFirewall *fw,
-                                                  virSocketAddr *netaddr,
-                                                  unsigned int prefix,
-                                                  const char *physdev,
-                                                  virSocketAddrRange *addr,
-                                                  virPortRange *port,
-                                                  const char *protocol)
-    G_GNUC_WARN_UNUSED_RESULT;
-int              iptablesRemoveForwardMasquerade (virFirewall *fw,
-                                                  virSocketAddr *netaddr,
-                                                  unsigned int prefix,
-                                                  const char *physdev,
-                                                  virSocketAddrRange *addr,
-                                                  virPortRange *port,
-                                                  const char *protocol)
-    G_GNUC_WARN_UNUSED_RESULT;
-int              iptablesAddDontMasquerade       (virFirewall *fw,
-                                                  virSocketAddr *netaddr,
-                                                  unsigned int prefix,
-                                                  const char *physdev,
-                                                  const char *destaddr)
-    G_GNUC_WARN_UNUSED_RESULT;
-int              iptablesRemoveDontMasquerade    (virFirewall *fw,
-                                                  virSocketAddr *netaddr,
-                                                  unsigned int prefix,
-                                                  const char *physdev,
-                                                  const char *destaddr)
-    G_GNUC_WARN_UNUSED_RESULT;
-void             iptablesAddOutputFixUdpChecksum (virFirewall *fw,
-                                                  const char *iface,
-                                                  int port);
-void             iptablesRemoveOutputFixUdpChecksum (virFirewall *fw,
-                                                     const char *iface,
-                                                     int port);
-- 
2.44.0
_______________________________________________
Devel mailing list -- devel@xxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxx




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux