This patch adds documentation about the new 'ways' that users can access the contents of variables in filters: - access via index: $TEST[2] - access via iterators $TEST[@1] --- docs/formatnwfilter.html.in | 32 +++++++++++++++++++++++++++++++- 1 file changed, 31 insertions(+), 1 deletion(-) Index: libvirt-iterator/docs/formatnwfilter.html.in =================================================================== --- libvirt-iterator.orig/docs/formatnwfilter.html.in +++ libvirt-iterator/docs/formatnwfilter.html.in @@ -308,7 +308,37 @@ </rule> ... - +
+ Since 0.9.9 it is possible to access + individual elements of a variable holding a list of elements. + A filtering rule like the following accesses the 2nd element + of the variable DSTPORTS. +
++ ... + <rule action='accept' direction='in' priority='500'> + <udp dstportstart='$DSTPORTS[1]'/> + </rule> + ... ++
+ Since 0.9.9 it is possible to create
+ filtering rules that instantiate all combinations of rules from
+ different lists using the notation of
+ $VARIABLE[@<iterator ID>]
.
+ The following rule allows a virtual machine to
+ receive traffic on a set of ports, which are specified in DSTPORTS,
+ from the set of source IP address specified in SRCIPADDRESSES.
+ The rule generates all combinations of elements of the variable
+ DSTPORT with those of SRCIPADDRESSES.
+
+ ... + <rule action='accept' direction='in' priority='500'> + <ip srcipaddr='$SRCIPADDRESSES[@1]' dstportstart='$DSTPORTS[@2]'/> + </rule> + ... +