[PATCH 3/3] Take the forwarding family into account

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Only add iptables rules for this family, and also only check for
forwarding for this family.
---
 src/network/bridge_driver.c |   27 +++++++++++++++++++++------
 1 files changed, 21 insertions(+), 6 deletions(-)

diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
index e3e8dc2..6bd4217 100644
--- a/src/network/bridge_driver.c
+++ b/src/network/bridge_driver.c
@@ -1788,7 +1788,9 @@ networkAddIptablesRules(struct network_driver *driver,
         return -1;
 
     for (ii = 0;
-         (ipdef = virNetworkDefGetIpByIndex(network->def, AF_UNSPEC, ii));
+         (ipdef = virNetworkDefGetIpByIndex(network->def,
+                                            network->def->forwardFamily,
+                                            ii));
          ii++) {
         /* Add address-specific iptables rules */
         if (networkAddIpSpecificIptablesRules(driver, network, ipdef) < 0) {
@@ -1803,7 +1805,9 @@ err:
      * added for previous IP addresses.
      */
     while ((--ii >= 0) &&
-           (ipdef = virNetworkDefGetIpByIndex(network->def, AF_UNSPEC, ii))) {
+           (ipdef = virNetworkDefGetIpByIndex(network->def,
+                                              network->def->forwardFamily,
+                                              ii))) {
         networkRemoveIpSpecificIptablesRules(driver, network, ipdef);
     }
     networkRemoveGeneralIptablesRules(driver, network);
@@ -1819,7 +1823,9 @@ networkRemoveIptablesRules(struct network_driver *driver,
     virNetworkIpDefPtr ipdef;
 
     for (ii = 0;
-         (ipdef = virNetworkDefGetIpByIndex(network->def, AF_UNSPEC, ii));
+         (ipdef = virNetworkDefGetIpByIndex(network->def,
+                                            network->def->forwardFamily,
+                                            ii));
          ii++) {
         networkRemoveIpSpecificIptablesRules(driver, network, ipdef);
     }
@@ -2173,9 +2179,18 @@ networkStartNetworkVirtual(struct network_driver *driver,
         goto err2;
 
     /* If forwardType != NONE, check for IP forwarding */
-    if (network->def->forwardType != VIR_NETWORK_FORWARD_NONE &&
-        networkCheckIpForwarding(v4present, v6present) < 0) {
-        goto err3;
+    if (network->def->forwardType != VIR_NETWORK_FORWARD_NONE) {
+        if (network->def->forwardFamily) {
+            /* if forwardFamily is set, we have at least a corresponding
+             * family's address
+             */
+            if (networkCheckIpForwarding(network->def->forwardFamily == AF_INET,
+                                         network->def->forwardFamily == AF_INET6) < 0)
+                goto err3;
+        } else {
+            if (networkCheckIpForwarding(v4present, v6present) < 0)
+                goto err3;
+        }
     }
 

-- 
1.7.2.5



--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]