[PATCH] nwfilter: no support for direct type of interface

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Ebtables filtering doesn't work on macvtap device. Remove support for direct type of interface. 

Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>

---
 docs/formatnwfilter.html.in               |    2 --
 src/conf/domain_conf.c                    |    1 -
 src/nwfilter/nwfilter_ebiptables_driver.c |   16 +---------------
 3 files changed, 1 insertion(+), 18 deletions(-)

Index: libvirt-acl/src/conf/domain_conf.c
===================================================================
--- libvirt-acl.orig/src/conf/domain_conf.c
+++ libvirt-acl/src/conf/domain_conf.c
@@ -2862,7 +2862,6 @@ virDomainNetDefParseXML(virCapsPtr caps,
         case VIR_DOMAIN_NET_TYPE_ETHERNET:
         case VIR_DOMAIN_NET_TYPE_NETWORK:
         case VIR_DOMAIN_NET_TYPE_BRIDGE:
-        case VIR_DOMAIN_NET_TYPE_DIRECT:
             def->filter = filter;
             filter = NULL;
             def->filterparams = filterparams;
Index: libvirt-acl/docs/formatnwfilter.html.in
===================================================================
--- libvirt-acl.orig/docs/formatnwfilter.html.in
+++ libvirt-acl/docs/formatnwfilter.html.in
@@ -52,8 +52,6 @@
<li><code>network</code></li>
<li><code>ethernet</code> -- must be used in bridging mode</li>
<li><code>bridge</code></li>
- <li><code>direct</code> -- only protocols mac, arp, ip and ipv6
-            can be filtered</li>
</ul>
<p>
     The interface XML is used to reference a top-level filter. In the
Index: libvirt-acl/src/nwfilter/nwfilter_ebiptables_driver.c
===================================================================
--- libvirt-acl.orig/src/nwfilter/nwfilter_ebiptables_driver.c
+++ libvirt-acl/src/nwfilter/nwfilter_ebiptables_driver.c
@@ -2357,7 +2357,7 @@ err_exit:
  */
 static int
 ebiptablesCreateRuleInstance(virConnectPtr conn ATTRIBUTE_UNUSED,
-                             enum virDomainNetType nettype,
+ enum virDomainNetType nettype ATTRIBUTE_UNUSED, 
                              virNWFilterDefPtr nwfilter,
                              virNWFilterRuleDefPtr rule,
                              const char *ifname,
@@ -2409,13 +2409,6 @@ ebiptablesCreateRuleInstance(virConnectP
     case VIR_NWFILTER_RULE_PROTOCOL_ICMP:
     case VIR_NWFILTER_RULE_PROTOCOL_IGMP:
     case VIR_NWFILTER_RULE_PROTOCOL_ALL:
-        if (nettype == VIR_DOMAIN_NET_TYPE_DIRECT) {
-            virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
-                          _("'%s' protocol not support for net type '%s'"),
- virNWFilterRuleProtocolTypeToString(rule->prtclType), 
-                          virDomainNetTypeToString(nettype));
-            return 1;
-        }
         isIPv6 = 0;
         rc = iptablesCreateRuleInstance(nwfilter,
                                         rule,
@@ -2433,13 +2426,6 @@ ebiptablesCreateRuleInstance(virConnectP
     case VIR_NWFILTER_RULE_PROTOCOL_SCTPoIPV6:
     case VIR_NWFILTER_RULE_PROTOCOL_ICMPV6:
     case VIR_NWFILTER_RULE_PROTOCOL_ALLoIPV6:
-        if (nettype == VIR_DOMAIN_NET_TYPE_DIRECT) {
-            virNWFilterReportError(VIR_ERR_OPERATION_FAILED,
-                          _("'%s' protocol not support for net type '%s'"),
- virNWFilterRuleProtocolTypeToString(rule->prtclType), 
-                          virDomainNetTypeToString(nettype));
-            return 1;
-        }
         isIPv6 = 1;
         rc = iptablesCreateRuleInstance(nwfilter,
                                         rule,

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]