Many methods in the nwfilter code have an 'int incoming' parameter that only takes 0 or 1, so should use a bool instead. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> --- src/nwfilter/nwfilter_ebiptables_driver.c | 187 +++++++++++++++--------------- 1 file changed, 94 insertions(+), 93 deletions(-) diff --git a/src/nwfilter/nwfilter_ebiptables_driver.c b/src/nwfilter/nwfilter_ebiptables_driver.c index 74a1f9d..2543854 100644 --- a/src/nwfilter/nwfilter_ebiptables_driver.c +++ b/src/nwfilter/nwfilter_ebiptables_driver.c @@ -642,7 +642,7 @@ static int iptablesCreateBaseChains(virBufferPtr buf) static int iptablesCreateTmpRootChain(virBufferPtr buf, char prefix, - int incoming, const char *ifname, + bool incoming, const char *ifname, int stopOnError) { char chain[MAX_CHAINNAME_LENGTH]; @@ -669,9 +669,9 @@ static int iptablesCreateTmpRootChains(virBufferPtr buf, const char *ifname) { - iptablesCreateTmpRootChain(buf, 'F', 0, ifname, 1); - iptablesCreateTmpRootChain(buf, 'F', 1, ifname, 1); - iptablesCreateTmpRootChain(buf, 'H', 1, ifname, 1); + iptablesCreateTmpRootChain(buf, 'F', false, ifname, 1); + iptablesCreateTmpRootChain(buf, 'F', true, ifname, 1); + iptablesCreateTmpRootChain(buf, 'H', true, ifname, 1); return 0; } @@ -679,7 +679,7 @@ iptablesCreateTmpRootChains(virBufferPtr buf, static int _iptablesRemoveRootChain(virBufferPtr buf, char prefix, - int incoming, const char *ifname, + bool incoming, const char *ifname, int isTempChain) { char chain[MAX_CHAINNAME_LENGTH]; @@ -709,7 +709,7 @@ _iptablesRemoveRootChain(virBufferPtr buf, static int iptablesRemoveRootChain(virBufferPtr buf, char prefix, - int incoming, + bool incoming, const char *ifname) { return _iptablesRemoveRootChain(buf, prefix, incoming, ifname, 0); @@ -719,7 +719,7 @@ iptablesRemoveRootChain(virBufferPtr buf, static int iptablesRemoveTmpRootChain(virBufferPtr buf, char prefix, - int incoming, + bool incoming, const char *ifname) { return _iptablesRemoveRootChain(buf, prefix, @@ -731,9 +731,9 @@ static int iptablesRemoveTmpRootChains(virBufferPtr buf, const char *ifname) { - iptablesRemoveTmpRootChain(buf, 'F', 0, ifname); - iptablesRemoveTmpRootChain(buf, 'F', 1, ifname); - iptablesRemoveTmpRootChain(buf, 'H', 1, ifname); + iptablesRemoveTmpRootChain(buf, 'F', false, ifname); + iptablesRemoveTmpRootChain(buf, 'F', true, ifname); + iptablesRemoveTmpRootChain(buf, 'H', true, ifname); return 0; } @@ -742,9 +742,9 @@ static int iptablesRemoveRootChains(virBufferPtr buf, const char *ifname) { - iptablesRemoveRootChain(buf, 'F', 0, ifname); - iptablesRemoveRootChain(buf, 'F', 1, ifname); - iptablesRemoveRootChain(buf, 'H', 1, ifname); + iptablesRemoveRootChain(buf, 'F', false, ifname); + iptablesRemoveRootChain(buf, 'F', true, ifname); + iptablesRemoveRootChain(buf, 'H', true, ifname); return 0; } @@ -753,7 +753,7 @@ static int iptablesLinkTmpRootChain(virBufferPtr buf, const char *basechain, char prefix, - int incoming, const char *ifname, + bool incoming, const char *ifname, int stopOnError) { char chain[MAX_CHAINNAME_LENGTH]; @@ -785,9 +785,9 @@ static int iptablesLinkTmpRootChains(virBufferPtr buf, const char *ifname) { - iptablesLinkTmpRootChain(buf, VIRT_OUT_CHAIN, 'F', 0, ifname, 1); - iptablesLinkTmpRootChain(buf, VIRT_IN_CHAIN, 'F', 1, ifname, 1); - iptablesLinkTmpRootChain(buf, HOST_IN_CHAIN, 'H', 1, ifname, 1); + iptablesLinkTmpRootChain(buf, VIRT_OUT_CHAIN, 'F', false, ifname, 1); + iptablesLinkTmpRootChain(buf, VIRT_IN_CHAIN, 'F', true, ifname, 1); + iptablesLinkTmpRootChain(buf, HOST_IN_CHAIN, 'H', true, ifname, 1); return 0; } @@ -831,7 +831,7 @@ static int _iptablesUnlinkRootChain(virBufferPtr buf, const char *basechain, char prefix, - int incoming, const char *ifname, + bool incoming, const char *ifname, int isTempChain) { char chain[MAX_CHAINNAME_LENGTH]; @@ -877,7 +877,7 @@ static int iptablesUnlinkRootChain(virBufferPtr buf, const char *basechain, char prefix, - int incoming, const char *ifname) + bool incoming, const char *ifname) { return _iptablesUnlinkRootChain(buf, basechain, prefix, incoming, ifname, 0); @@ -888,7 +888,7 @@ static int iptablesUnlinkTmpRootChain(virBufferPtr buf, const char *basechain, char prefix, - int incoming, const char *ifname) + bool incoming, const char *ifname) { return _iptablesUnlinkRootChain(buf, basechain, prefix, incoming, ifname, 1); @@ -899,9 +899,9 @@ static int iptablesUnlinkRootChains(virBufferPtr buf, const char *ifname) { - iptablesUnlinkRootChain(buf, VIRT_OUT_CHAIN, 'F', 0, ifname); - iptablesUnlinkRootChain(buf, VIRT_IN_CHAIN, 'F', 1, ifname); - iptablesUnlinkRootChain(buf, HOST_IN_CHAIN, 'H', 1, ifname); + iptablesUnlinkRootChain(buf, VIRT_OUT_CHAIN, 'F', false, ifname); + iptablesUnlinkRootChain(buf, VIRT_IN_CHAIN, 'F', true, ifname); + iptablesUnlinkRootChain(buf, HOST_IN_CHAIN, 'H', true, ifname); return 0; } @@ -911,9 +911,9 @@ static int iptablesUnlinkTmpRootChains(virBufferPtr buf, const char *ifname) { - iptablesUnlinkTmpRootChain(buf, VIRT_OUT_CHAIN, 'F', 0, ifname); - iptablesUnlinkTmpRootChain(buf, VIRT_IN_CHAIN, 'F', 1, ifname); - iptablesUnlinkTmpRootChain(buf, HOST_IN_CHAIN, 'H', 1, ifname); + iptablesUnlinkTmpRootChain(buf, VIRT_OUT_CHAIN, 'F', false, ifname); + iptablesUnlinkTmpRootChain(buf, VIRT_IN_CHAIN, 'F', true, ifname); + iptablesUnlinkTmpRootChain(buf, HOST_IN_CHAIN, 'H', true, ifname); return 0; } @@ -921,7 +921,7 @@ iptablesUnlinkTmpRootChains(virBufferPtr buf, static int iptablesRenameTmpRootChain(virBufferPtr buf, char prefix, - int incoming, + bool incoming, const char *ifname) { char tmpchain[MAX_CHAINNAME_LENGTH], chain[MAX_CHAINNAME_LENGTH]; @@ -951,9 +951,9 @@ static int iptablesRenameTmpRootChains(virBufferPtr buf, const char *ifname) { - iptablesRenameTmpRootChain(buf, 'F', 0, ifname); - iptablesRenameTmpRootChain(buf, 'F', 1, ifname); - iptablesRenameTmpRootChain(buf, 'H', 1, ifname); + iptablesRenameTmpRootChain(buf, 'F', false, ifname); + iptablesRenameTmpRootChain(buf, 'F', true, ifname); + iptablesRenameTmpRootChain(buf, 'H', true, ifname); return 0; } @@ -2869,7 +2869,7 @@ ebiptablesExecCLI(virBufferPtr buf, bool ignoreNonzero, char **outbuf) static int ebtablesCreateTmpRootChain(virBufferPtr buf, - int incoming, const char *ifname, + bool incoming, const char *ifname, int stopOnError) { char chain[MAX_CHAINNAME_LENGTH]; @@ -2891,7 +2891,7 @@ ebtablesCreateTmpRootChain(virBufferPtr buf, static int ebtablesLinkTmpRootChain(virBufferPtr buf, - int incoming, const char *ifname, + bool incoming, const char *ifname, int stopOnError) { char chain[MAX_CHAINNAME_LENGTH]; @@ -2917,7 +2917,7 @@ ebtablesLinkTmpRootChain(virBufferPtr buf, static int _ebtablesRemoveRootChain(virBufferPtr buf, - int incoming, const char *ifname, + bool incoming, const char *ifname, int isTempChain) { char chain[MAX_CHAINNAME_LENGTH]; @@ -2943,7 +2943,7 @@ _ebtablesRemoveRootChain(virBufferPtr buf, static int ebtablesRemoveRootChain(virBufferPtr buf, - int incoming, const char *ifname) + bool incoming, const char *ifname) { return _ebtablesRemoveRootChain(buf, incoming, ifname, 0); } @@ -2951,7 +2951,7 @@ ebtablesRemoveRootChain(virBufferPtr buf, static int ebtablesRemoveTmpRootChain(virBufferPtr buf, - int incoming, const char *ifname) + bool incoming, const char *ifname) { return _ebtablesRemoveRootChain(buf, incoming, ifname, 1); } @@ -2959,7 +2959,7 @@ ebtablesRemoveTmpRootChain(virBufferPtr buf, static int _ebtablesUnlinkRootChain(virBufferPtr buf, - int incoming, const char *ifname, + bool incoming, const char *ifname, int isTempChain) { char chain[MAX_CHAINNAME_LENGTH]; @@ -2988,7 +2988,7 @@ _ebtablesUnlinkRootChain(virBufferPtr buf, static int ebtablesUnlinkRootChain(virBufferPtr buf, - int incoming, const char *ifname) + bool incoming, const char *ifname) { return _ebtablesUnlinkRootChain(buf, incoming, ifname, 0); } @@ -2996,7 +2996,7 @@ ebtablesUnlinkRootChain(virBufferPtr buf, static int ebtablesUnlinkTmpRootChain(virBufferPtr buf, - int incoming, const char *ifname) + bool incoming, const char *ifname) { return _ebtablesUnlinkRootChain(buf, incoming, ifname, 1); } @@ -3005,7 +3005,7 @@ ebtablesUnlinkTmpRootChain(virBufferPtr buf, static int ebtablesCreateTmpSubChain(ebiptablesRuleInstPtr *inst, int *nRuleInstances, - int incoming, + bool incoming, const char *ifname, enum l3_proto_idx protoidx, const char *filtername, @@ -3145,7 +3145,7 @@ ebtablesRemoveTmpSubChains(virBufferPtr buf, static int ebtablesRenameTmpSubChain(virBufferPtr buf, - int incoming, + bool incoming, const char *ifname, const char *protocol) { @@ -3171,7 +3171,7 @@ ebtablesRenameTmpSubChain(virBufferPtr buf, static int ebtablesRenameTmpRootChain(virBufferPtr buf, - int incoming, + bool incoming, const char *ifname) { return ebtablesRenameTmpSubChain(buf, incoming, ifname, NULL); @@ -3208,8 +3208,8 @@ ebtablesRenameTmpSubAndRootChains(virBufferPtr buf, virBufferAddLit(buf, "rename_chains $chains\n"); - ebtablesRenameTmpRootChain(buf, 1, ifname); - ebtablesRenameTmpRootChain(buf, 0, ifname); + ebtablesRenameTmpRootChain(buf, true, ifname); + ebtablesRenameTmpRootChain(buf, false, ifname); return 0; } @@ -3275,7 +3275,7 @@ ebtablesApplyBasicRules(const char *ifname, NWFILTER_SET_EBTABLES_SHELLVAR(&buf); - ebtablesCreateTmpRootChain(&buf, 1, ifname, 1); + ebtablesCreateTmpRootChain(&buf, true, ifname, 1); PRINT_ROOT_CHAIN(chain, chainPrefix, ifname); virBufferAsprintf(&buf, @@ -3310,8 +3310,8 @@ ebtablesApplyBasicRules(const char *ifname, chain, CMD_STOPONERR(1)); - ebtablesLinkTmpRootChain(&buf, 1, ifname, 1); - ebtablesRenameTmpRootChain(&buf, 1, ifname); + ebtablesLinkTmpRootChain(&buf, true, ifname, 1); + ebtablesRenameTmpRootChain(&buf, true, ifname); if (ebiptablesExecCLI(&buf, false, NULL) < 0) goto tear_down_tmpebchains; @@ -3372,8 +3372,8 @@ ebtablesApplyDHCPOnlyRules(const char *ifname, NWFILTER_SET_EBTABLES_SHELLVAR(&buf); - ebtablesCreateTmpRootChain(&buf, 1, ifname, 1); - ebtablesCreateTmpRootChain(&buf, 0, ifname, 1); + ebtablesCreateTmpRootChain(&buf, true, ifname, 1); + ebtablesCreateTmpRootChain(&buf, false, ifname, 1); PRINT_ROOT_CHAIN(chain_in, CHAINPREFIX_HOST_IN_TEMP, ifname); PRINT_ROOT_CHAIN(chain_out, CHAINPREFIX_HOST_OUT_TEMP, ifname); @@ -3453,12 +3453,12 @@ ebtablesApplyDHCPOnlyRules(const char *ifname, chain_out, CMD_STOPONERR(1)); - ebtablesLinkTmpRootChain(&buf, 1, ifname, 1); - ebtablesLinkTmpRootChain(&buf, 0, ifname, 1); + ebtablesLinkTmpRootChain(&buf, true, ifname, 1); + ebtablesLinkTmpRootChain(&buf, false, ifname, 1); if (!leaveTemporary) { - ebtablesRenameTmpRootChain(&buf, 1, ifname); - ebtablesRenameTmpRootChain(&buf, 0, ifname); + ebtablesRenameTmpRootChain(&buf, true, ifname); + ebtablesRenameTmpRootChain(&buf, false, ifname); } if (ebiptablesExecCLI(&buf, false, NULL) < 0) @@ -3504,8 +3504,8 @@ ebtablesApplyDropAllRules(const char *ifname) NWFILTER_SET_EBTABLES_SHELLVAR(&buf); - ebtablesCreateTmpRootChain(&buf, 1, ifname, 1); - ebtablesCreateTmpRootChain(&buf, 0, ifname, 1); + ebtablesCreateTmpRootChain(&buf, true, ifname, 1); + ebtablesCreateTmpRootChain(&buf, false, ifname, 1); PRINT_ROOT_CHAIN(chain_in, CHAINPREFIX_HOST_IN_TEMP, ifname); PRINT_ROOT_CHAIN(chain_out, CHAINPREFIX_HOST_OUT_TEMP, ifname); @@ -3526,10 +3526,10 @@ ebtablesApplyDropAllRules(const char *ifname) chain_out, CMD_STOPONERR(1)); - ebtablesLinkTmpRootChain(&buf, 1, ifname, 1); - ebtablesLinkTmpRootChain(&buf, 0, ifname, 1); - ebtablesRenameTmpRootChain(&buf, 1, ifname); - ebtablesRenameTmpRootChain(&buf, 0, ifname); + ebtablesLinkTmpRootChain(&buf, true, ifname, 1); + ebtablesLinkTmpRootChain(&buf, false, ifname, 1); + ebtablesRenameTmpRootChain(&buf, true, ifname); + ebtablesRenameTmpRootChain(&buf, false, ifname); if (ebiptablesExecCLI(&buf, false, NULL) < 0) goto tear_down_tmpebchains; @@ -3563,17 +3563,17 @@ static int ebtablesCleanAll(const char *ifname) NWFILTER_SET_EBTABLES_SHELLVAR(&buf); - ebtablesUnlinkRootChain(&buf, 1, ifname); - ebtablesUnlinkRootChain(&buf, 0, ifname); + ebtablesUnlinkRootChain(&buf, true, ifname); + ebtablesUnlinkRootChain(&buf, false, ifname); ebtablesRemoveSubChains(&buf, ifname); - ebtablesRemoveRootChain(&buf, 1, ifname); - ebtablesRemoveRootChain(&buf, 0, ifname); + ebtablesRemoveRootChain(&buf, true, ifname); + ebtablesRemoveRootChain(&buf, false, ifname); - ebtablesUnlinkTmpRootChain(&buf, 1, ifname); - ebtablesUnlinkTmpRootChain(&buf, 0, ifname); + ebtablesUnlinkTmpRootChain(&buf, true, ifname); + ebtablesUnlinkTmpRootChain(&buf, false, ifname); ebtablesRemoveTmpSubChains(&buf, ifname); - ebtablesRemoveTmpRootChain(&buf, 1, ifname); - ebtablesRemoveTmpRootChain(&buf, 0, ifname); + ebtablesRemoveTmpRootChain(&buf, true, ifname); + ebtablesRemoveTmpRootChain(&buf, false, ifname); ebiptablesExecCLI(&buf, true, NULL); return 0; @@ -3682,7 +3682,8 @@ ebtablesGetProtoIdxByFiltername(const char *filtername) static int ebtablesCreateTmpRootAndSubChains(virBufferPtr buf, const char *ifname, - virHashTablePtr chains, int direction, + virHashTablePtr chains, + bool incoming, ebiptablesRuleInstPtr *inst, int *nRuleInstances) { @@ -3691,7 +3692,7 @@ ebtablesCreateTmpRootAndSubChains(virBufferPtr buf, virHashKeyValuePairPtr filter_names; const virNWFilterChainPriority *priority; - if (ebtablesCreateTmpRootChain(buf, direction, ifname, 1) < 0) + if (ebtablesCreateTmpRootChain(buf, incoming, ifname, 1) < 0) return -1; filter_names = virHashGetItems(chains, @@ -3706,7 +3707,7 @@ ebtablesCreateTmpRootAndSubChains(virBufferPtr buf, continue; priority = (const virNWFilterChainPriority *)filter_names[i].value; rc = ebtablesCreateTmpSubChain(inst, nRuleInstances, - direction, ifname, idx, + incoming, ifname, idx, filter_names[i].key, 1, *priority); if (rc < 0) @@ -3765,11 +3766,11 @@ ebiptablesApplyNewRules(const char *ifname, if (ebtables_cmd_path) { NWFILTER_SET_EBTABLES_SHELLVAR(&buf); - ebtablesUnlinkTmpRootChain(&buf, 1, ifname); - ebtablesUnlinkTmpRootChain(&buf, 0, ifname); + ebtablesUnlinkTmpRootChain(&buf, true, ifname); + ebtablesUnlinkTmpRootChain(&buf, false, ifname); ebtablesRemoveTmpSubChains(&buf, ifname); - ebtablesRemoveTmpRootChain(&buf, 1, ifname); - ebtablesRemoveTmpRootChain(&buf, 0, ifname); + ebtablesRemoveTmpRootChain(&buf, true, ifname); + ebtablesRemoveTmpRootChain(&buf, false, ifname); ebiptablesExecCLI(&buf, true, NULL); } @@ -3777,10 +3778,10 @@ ebiptablesApplyNewRules(const char *ifname, /* create needed chains */ if ((virHashSize(chains_in_set) > 0 && - ebtablesCreateTmpRootAndSubChains(&buf, ifname, chains_in_set, 1, + ebtablesCreateTmpRootAndSubChains(&buf, ifname, chains_in_set, true, &ebtChains, &nEbtChains) < 0) || (virHashSize(chains_out_set) > 0 && - ebtablesCreateTmpRootAndSubChains(&buf, ifname, chains_out_set, 0, + ebtablesCreateTmpRootAndSubChains(&buf, ifname, chains_out_set, false, &ebtChains, &nEbtChains) < 0)) { goto tear_down_tmpebchains; } @@ -3929,9 +3930,9 @@ ebiptablesApplyNewRules(const char *ifname, NWFILTER_SET_EBTABLES_SHELLVAR(&buf); if (virHashSize(chains_in_set) != 0) - ebtablesLinkTmpRootChain(&buf, 1, ifname, 1); + ebtablesLinkTmpRootChain(&buf, true, ifname, 1); if (virHashSize(chains_out_set) != 0) - ebtablesLinkTmpRootChain(&buf, 0, ifname, 1); + ebtablesLinkTmpRootChain(&buf, false, ifname, 1); if (ebiptablesExecCLI(&buf, false, &errmsg) < 0) goto tear_down_ebsubchains_and_unlink; @@ -3951,8 +3952,8 @@ tear_down_ebsubchains_and_unlink: if (ebtables_cmd_path) { NWFILTER_SET_EBTABLES_SHELLVAR(&buf); - ebtablesUnlinkTmpRootChain(&buf, 1, ifname); - ebtablesUnlinkTmpRootChain(&buf, 0, ifname); + ebtablesUnlinkTmpRootChain(&buf, true, ifname); + ebtablesUnlinkTmpRootChain(&buf, false, ifname); } tear_down_tmpip6tchains: @@ -3976,8 +3977,8 @@ tear_down_tmpebchains: NWFILTER_SET_EBTABLES_SHELLVAR(&buf); ebtablesRemoveTmpSubChains(&buf, ifname); - ebtablesRemoveTmpRootChain(&buf, 1, ifname); - ebtablesRemoveTmpRootChain(&buf, 0, ifname); + ebtablesRemoveTmpRootChain(&buf, true, ifname); + ebtablesRemoveTmpRootChain(&buf, false, ifname); } ebiptablesExecCLI(&buf, true, NULL); @@ -4025,12 +4026,12 @@ ebiptablesTearNewRules(const char *ifname) if (ebtables_cmd_path) { NWFILTER_SET_EBTABLES_SHELLVAR(&buf); - ebtablesUnlinkTmpRootChain(&buf, 1, ifname); - ebtablesUnlinkTmpRootChain(&buf, 0, ifname); + ebtablesUnlinkTmpRootChain(&buf, true, ifname); + ebtablesUnlinkTmpRootChain(&buf, false, ifname); ebtablesRemoveTmpSubChains(&buf, ifname); - ebtablesRemoveTmpRootChain(&buf, 1, ifname); - ebtablesRemoveTmpRootChain(&buf, 0, ifname); + ebtablesRemoveTmpRootChain(&buf, true, ifname); + ebtablesRemoveTmpRootChain(&buf, false, ifname); } ebiptablesExecCLI(&buf, true, NULL); @@ -4068,13 +4069,13 @@ ebiptablesTearOldRules(const char *ifname) if (ebtables_cmd_path) { NWFILTER_SET_EBTABLES_SHELLVAR(&buf); - ebtablesUnlinkRootChain(&buf, 1, ifname); - ebtablesUnlinkRootChain(&buf, 0, ifname); + ebtablesUnlinkRootChain(&buf, true, ifname); + ebtablesUnlinkRootChain(&buf, false, ifname); ebtablesRemoveSubChains(&buf, ifname); - ebtablesRemoveRootChain(&buf, 1, ifname); - ebtablesRemoveRootChain(&buf, 0, ifname); + ebtablesRemoveRootChain(&buf, true, ifname); + ebtablesRemoveRootChain(&buf, false, ifname); ebtablesRenameTmpSubAndRootChains(&buf, ifname); @@ -4157,13 +4158,13 @@ ebiptablesAllTeardown(const char *ifname) if (ebtables_cmd_path) { NWFILTER_SET_EBTABLES_SHELLVAR(&buf); - ebtablesUnlinkRootChain(&buf, 1, ifname); - ebtablesUnlinkRootChain(&buf, 0, ifname); + ebtablesUnlinkRootChain(&buf, true, ifname); + ebtablesUnlinkRootChain(&buf, false, ifname); ebtablesRemoveSubChains(&buf, ifname); - ebtablesRemoveRootChain(&buf, 1, ifname); - ebtablesRemoveRootChain(&buf, 0, ifname); + ebtablesRemoveRootChain(&buf, true, ifname); + ebtablesRemoveRootChain(&buf, false, ifname); } ebiptablesExecCLI(&buf, true, NULL); -- 1.8.5.3 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list