Compare two filter definitions for equality and only rebuild/instantiate the new filter if the two filters are found to be different. This improves performance during an update of a filter with no obvious change or the reloading of filters during a 'kill -SIGHUP' Unforuntately this more involved than a mere memcmp() on the structures. --- src/Makefile.am | 1 src/conf/nwfilter_conf.c | 213 ++++++++++++++++++++ src/conf/nwfilter_params.c | 18 + src/conf/nwfilter_params.h | 2 src/conf/nwfilter_protocols.c | 447 ++++++++++++++++++++++++++++++++++++++++++ src/conf/nwfilter_protocols.h | 56 +++++ 6 files changed, 737 insertions(+) Index: libvirt-iterator/src/conf/nwfilter_conf.c =================================================================== --- libvirt-iterator.orig/src/conf/nwfilter_conf.c +++ libvirt-iterator/src/conf/nwfilter_conf.c @@ -42,6 +42,7 @@ #include "memory.h" #include "virterror_internal.h" #include "datatypes.h" +#include "nwfilter_protocols.h" #include "nwfilter_params.h" #include "nwfilter_conf.h" #include "domain_conf.h" @@ -140,6 +141,10 @@ static const struct int_map chain_priori INTMAP_ENTRY_LAST, }; +static bool virNWFilterDefEqual(const virNWFilterDefPtr def1, + const virNWFilterDefPtr def2, + bool cmpUUIDs); + /* * only one filter update allowed */ @@ -407,6 +412,134 @@ virNWFilterRuleDefAddString(virNWFilterR return nwf->strings[nwf->nstrings-1]; } +static bool +virNWFilterRuleDefEqual(const virNWFilterRuleDefPtr def1, + const virNWFilterRuleDefPtr def2) +{ + unsigned int i, j; + bool equal; + + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (def1->priority != def2->priority || + def1->flags != def2->flags || + def1->action != def2->action || + def1->tt != def2->tt || + def1->prtclType != def2->prtclType) + return false; + + switch (def1->prtclType) { + case VIR_NWFILTER_RULE_PROTOCOL_NONE: + return true; + case VIR_NWFILTER_RULE_PROTOCOL_MAC: + equal = virNWFilterEthHdrFilterDefEqual(&def1->p.ethHdrFilter, + &def2->p.ethHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_VLAN: + equal = virNWFilterVlanHdrFilterDefEqual(&def1->p.vlanHdrFilter, + &def2->p.vlanHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_STP: + equal = virNWFilterStpHdrFilterDefEqual(&def1->p.stpHdrFilter, + &def2->p.stpHdrFilter); + case VIR_NWFILTER_RULE_PROTOCOL_ARP: + case VIR_NWFILTER_RULE_PROTOCOL_RARP: + equal = virNWFilterArpHdrFilterDefEqual(&def1->p.arpHdrFilter, + &def2->p.arpHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_IP: + equal = virNWFilterIpHdrFilterDefEqual(&def1->p.ipHdrFilter, + &def2->p.ipHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_IPV6: + equal = virNWFilterIpv6HdrFilterDefEqual(&def1->p.ipv6HdrFilter, + &def2->p.ipv6HdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_TCP: + case VIR_NWFILTER_RULE_PROTOCOL_TCPoIPV6: + equal = virNWFilterTcpHdrFilterDefEqual(&def1->p.tcpHdrFilter, + &def2->p.tcpHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_ICMP: + case VIR_NWFILTER_RULE_PROTOCOL_ICMPV6: + equal = virNWFilterIcmpHdrFilterDefEqual(&def1->p.icmpHdrFilter, + &def2->p.icmpHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_IGMP: + equal = virNWFilterIgmpHdrFilterDefEqual(&def1->p.igmpHdrFilter, + &def2->p.igmpHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_UDP: + case VIR_NWFILTER_RULE_PROTOCOL_UDPoIPV6: + equal = virNWFilterUdpHdrFilterDefEqual(&def1->p.udpHdrFilter, + &def2->p.udpHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_UDPLITE: + case VIR_NWFILTER_RULE_PROTOCOL_UDPLITEoIPV6: + equal = virNWFilterUdpliteHdrFilterDefEqual(&def1->p.udpliteHdrFilter, + &def2->p.udpliteHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_ESP: + case VIR_NWFILTER_RULE_PROTOCOL_ESPoIPV6: + equal = virNWFilterEspHdrFilterDefEqual(&def1->p.espHdrFilter, + &def2->p.espHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_AH: + case VIR_NWFILTER_RULE_PROTOCOL_AHoIPV6: + equal = virNWFilterAhHdrFilterDefEqual(&def1->p.ahHdrFilter, + &def2->p.ahHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_SCTP: + case VIR_NWFILTER_RULE_PROTOCOL_SCTPoIPV6: + equal = virNWFilterSctpHdrFilterDefEqual(&def1->p.sctpHdrFilter, + &def2->p.sctpHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_ALL: + case VIR_NWFILTER_RULE_PROTOCOL_ALLoIPV6: + equal = virNWFilterAllHdrFilterDefEqual(&def1->p.allHdrFilter, + &def2->p.allHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_LAST: + return false; + } + + if (!equal) + return false; + + if (def1->nVarAccess != def2->nVarAccess) + return false; + + for (i = 0; i < def1->nVarAccess; i++) { + equal = false; + for (j = 0; j < def2->nVarAccess; j++) { + equal = virNWFilterVarAccessEqual(def1->varAccess[i], + def2->varAccess[j]); + if (equal) + break; + } + if (!equal) + return false; + } + + if (def1->nstrings != def2->nstrings) + return false; + + for (i = 0; i < def1->nstrings; i++) { + equal = false; + for (j = 0; j < def2->nstrings; j++) { + equal = STREQ(def1->strings[i], def2->strings[j]); + if (equal) + break; + } + if (!equal) + return false; + } + return true; +} void virNWFilterObjRemove(virNWFilterObjListPtr nwfilters, @@ -2817,6 +2950,14 @@ virNWFilterObjAssignDef(virConnectPtr co virNWFilterLockFilterUpdates(); if ((nwfilter = virNWFilterObjFindByName(nwfilters, def->name))) { + + if (virNWFilterDefEqual(def, nwfilter->def, false)) { + virNWFilterDefFree(nwfilter->def); + nwfilter->def = def; + virNWFilterUnlockFilterUpdates(); + return nwfilter; + } + nwfilter->newDef = def; /* trigger the update on VMs referencing the filter */ if (virNWFilterTriggerVMFilterRebuild(conn)) { @@ -3226,6 +3367,22 @@ virNWFilterIncludeDefFormat(virNWFilterI return virBufferContentAndReset(&buf); } +static bool +virNWFilterIncludeDefEqual(const virNWFilterIncludeDefPtr def1, + const virNWFilterIncludeDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!STREQ(def1->filterref, def2->filterref) || + !virNWFilterHashTableEqual(def1->params, def2->params)) + return false; + + return true; +} static char * virNWFilterEntryFormat(virNWFilterEntryPtr entry) @@ -3235,6 +3392,22 @@ virNWFilterEntryFormat(virNWFilterEntryP return virNWFilterIncludeDefFormat(entry->include); } +static bool +virNWFilterEntryEqual(const virNWFilterEntryPtr def1, + const virNWFilterEntryPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!virNWFilterRuleDefEqual(def1->rule, def2->rule) || + !virNWFilterIncludeDefEqual(def1->include, def2->include)) + return false; + + return true; +} char * virNWFilterDefFormat(virNWFilterDefPtr def) @@ -3278,6 +3451,46 @@ virNWFilterDefFormat(virNWFilterDefPtr d return NULL; } +/* Compare two filter definitions for equality. + * Both filters must have the same content and all content must appear in the + * same order. + * + * @def1: the 1st filter + * @def2: the 2nd filter + * @cmpUUIDs: whether to compare the UUIDs of the two filters + * + * Returns true if both filters are equal, false otherwise. + */ +static bool +virNWFilterDefEqual(const virNWFilterDefPtr def1, const virNWFilterDefPtr def2, + bool cmpUUIDs) +{ + unsigned int i; + bool equal; + + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!STREQ(def1->name, def2->name) || + (cmpUUIDs && memcmp(def1->uuid, def2->uuid, sizeof(def1->uuid)) != 0) || + !STREQ(def1->chainsuffix, def2->chainsuffix) || + def1->chainPriority != def2->chainPriority || + def1->nentries != def2->nentries) + return false; + + /* the order of the filter entries must be the same in both */ + for (i = 0; i < def1->nentries; i++) { + equal = virNWFilterEntryEqual(def1->filterEntries[i], + def2->filterEntries[i]); + if (!equal) + return false; + } + + return true; +} char *virNWFilterConfigFile(const char *dir, const char *name) Index: libvirt-iterator/src/conf/nwfilter_params.c =================================================================== --- libvirt-iterator.orig/src/conf/nwfilter_params.c +++ libvirt-iterator/src/conf/nwfilter_params.c @@ -747,6 +747,19 @@ err_exit: return -1; } +bool +virNWFilterHashTableEqual(const virNWFilterHashTablePtr hash1, + const virNWFilterHashTablePtr hash2) +{ + if (hash1 == hash2) + return true; + + if (!hash1 || !hash2) + return false; + + return virHashEqual(hash1->hashTable, hash2->hashTable, + (virHashValueComparator)strcmp); +} static bool isValidVarName(const char *var) @@ -896,6 +909,11 @@ bool virNWFilterVarAccessEqual(const virNWFilterVarAccessPtr a, const virNWFilterVarAccessPtr b) { + if (a == b) + return true; + if (!a || !b) + return false; + if (a->accessType != b->accessType) return false; Index: libvirt-iterator/src/conf/nwfilter_params.h =================================================================== --- libvirt-iterator.orig/src/conf/nwfilter_params.h +++ libvirt-iterator/src/conf/nwfilter_params.h @@ -84,6 +84,8 @@ void *virNWFilterHashTableRemoveEntry(vi const char *name); int virNWFilterHashTablePutAll(virNWFilterHashTablePtr src, virNWFilterHashTablePtr dest); +bool virNWFilterHashTableEqual(const virNWFilterHashTablePtr hash1, + const virNWFilterHashTablePtr hash2); # define VALID_VARNAME \ "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_" Index: libvirt-iterator/src/Makefile.am =================================================================== --- libvirt-iterator.orig/src/Makefile.am +++ libvirt-iterator/src/Makefile.am @@ -152,6 +152,7 @@ NETWORK_CONF_SOURCES = \ # Network filter driver generic impl APIs NWFILTER_PARAM_CONF_SOURCES = \ conf/nwfilter_params.c conf/nwfilter_params.h \ + conf/nwfilter_protocols.c conf/nwfilter_protocols.h \ conf/nwfilter_conf.h NWFILTER_CONF_SOURCES = \ Index: libvirt-iterator/src/conf/nwfilter_protocols.c =================================================================== --- /dev/null +++ libvirt-iterator/src/conf/nwfilter_protocols.c @@ -0,0 +1,447 @@ +/* + * nwfilter_protocols.c: protocol handling + * + * Copyright (C) 2011 IBM Corporation + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + * Author: Stefan Berger + */ + +#include + +#include "internal.h" + +#include "uuid.h" +#include "virterror_internal.h" +#include "datatypes.h" +#include "nwfilter_params.h" +#include "nwfilter_conf.h" +#include "nwfilter_protocols.h" + +#define VIR_FROM_THIS VIR_FROM_NWFILTER + +#define NWITEMDESCEQUAL(ITEM) \ + virNWFilterNWItemDescEqual(&def1->ITEM, &def2->ITEM) + +static bool +virNWFilterNWItemDescEqual(const nwItemDescPtr def1, + const nwItemDescPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (def1->flags != def2->flags || + !virNWFilterVarAccessEqual(def1->varAccess, def2->varAccess) || + def1->datatype != def2->datatype) + return false; + + switch (def1->datatype) { + case DATATYPE_STRINGCOPY: + if (strcmp(def1->u.string, def2->u.string)) + return false; + break; + case DATATYPE_UINT16: + case DATATYPE_UINT8: + case DATATYPE_UINT16_HEX: + case DATATYPE_UINT8_HEX: + case DATATYPE_MACADDR: + case DATATYPE_MACMASK: + case DATATYPE_IPADDR: + case DATATYPE_IPMASK: + case DATATYPE_IPV6ADDR: + case DATATYPE_IPV6MASK: + case DATATYPE_STRING: + case DATATYPE_BOOLEAN: + case DATATYPE_UINT32: + case DATATYPE_UINT32_HEX: + if (memcmp(&def1->u, &def2->u, sizeof(def1->u))) + return false; + break; + case DATATYPE_LAST: + return false; + } + + return true; +} + +static bool +virNWFilterEthHdrDataDefEqual(const ethHdrDataDefPtr def1, + const ethHdrDataDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!NWITEMDESCEQUAL(dataSrcMACAddr) || + !NWITEMDESCEQUAL(dataSrcMACMask) || + !NWITEMDESCEQUAL(dataDstMACAddr) || + !NWITEMDESCEQUAL(dataDstMACMask)) + return false; + + return true; +} + +bool +virNWFilterEthHdrFilterDefEqual(const ethHdrFilterDefPtr def1, + const ethHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!virNWFilterEthHdrDataDefEqual(&def1->ethHdr, &def2->ethHdr) || + !NWITEMDESCEQUAL(dataProtocolID) || + !NWITEMDESCEQUAL(dataComment)) + return false; + + return true; +} + +bool +virNWFilterVlanHdrFilterDefEqual(const vlanHdrFilterDefPtr def1, + const vlanHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!virNWFilterEthHdrDataDefEqual(&def1->ethHdr, &def2->ethHdr) || + !NWITEMDESCEQUAL(dataVlanID) || + !NWITEMDESCEQUAL(dataVlanEncap) || + !NWITEMDESCEQUAL(dataComment)) + return false; + + return true; +} + +bool +virNWFilterStpHdrFilterDefEqual(const stpHdrFilterDefPtr def1, + const stpHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!virNWFilterEthHdrDataDefEqual(&def1->ethHdr, &def2->ethHdr) || + !NWITEMDESCEQUAL(dataType) || + !NWITEMDESCEQUAL(dataFlags) || + !NWITEMDESCEQUAL(dataRootPri) || + !NWITEMDESCEQUAL(dataRootPriHi) || + !NWITEMDESCEQUAL(dataRootAddr) || + !NWITEMDESCEQUAL(dataRootAddrMask) || + !NWITEMDESCEQUAL(dataRootCost) || + !NWITEMDESCEQUAL(dataRootCostHi) || + !NWITEMDESCEQUAL(dataSndrPrio) || + !NWITEMDESCEQUAL(dataSndrPrioHi) || + !NWITEMDESCEQUAL(dataSndrAddr) || + !NWITEMDESCEQUAL(dataSndrAddrMask) || + !NWITEMDESCEQUAL(dataPort) || + !NWITEMDESCEQUAL(dataPortHi) || + !NWITEMDESCEQUAL(dataAge) || + !NWITEMDESCEQUAL(dataAgeHi) || + !NWITEMDESCEQUAL(dataMaxAge) || + !NWITEMDESCEQUAL(dataMaxAgeHi) || + !NWITEMDESCEQUAL(dataHelloTime) || + !NWITEMDESCEQUAL(dataHelloTimeHi) || + !NWITEMDESCEQUAL(dataFwdDelay) || + !NWITEMDESCEQUAL(dataFwdDelayHi) || + !NWITEMDESCEQUAL(dataComment)) + return false; + + return true; +} + +bool +virNWFilterArpHdrFilterDefEqual(const arpHdrFilterDefPtr def1, + const arpHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!virNWFilterEthHdrDataDefEqual(&def1->ethHdr, &def2->ethHdr) || + !NWITEMDESCEQUAL(dataHWType) || + !NWITEMDESCEQUAL(dataProtocolType) || + !NWITEMDESCEQUAL(dataOpcode) || + !NWITEMDESCEQUAL(dataARPSrcMACAddr) || + !NWITEMDESCEQUAL(dataARPSrcIPAddr) || + !NWITEMDESCEQUAL(dataARPDstMACAddr) || + !NWITEMDESCEQUAL(dataARPDstIPAddr) || + !NWITEMDESCEQUAL(dataGratuitousARP) || + !NWITEMDESCEQUAL(dataComment)) + return false; + + return true; +} + +static bool +virNWFilterIpHdrDataDefEqual(const ipHdrDataDefPtr def1, + const ipHdrDataDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!NWITEMDESCEQUAL(dataIPVersion) || + !NWITEMDESCEQUAL(dataSrcIPAddr) || + !NWITEMDESCEQUAL(dataSrcIPMask) || + !NWITEMDESCEQUAL(dataDstIPAddr) || + !NWITEMDESCEQUAL(dataDstIPMask) || + !NWITEMDESCEQUAL(dataProtocolID) || + !NWITEMDESCEQUAL(dataSrcIPFrom) || + !NWITEMDESCEQUAL(dataSrcIPTo) || + !NWITEMDESCEQUAL(dataDstIPFrom) || + !NWITEMDESCEQUAL(dataDstIPTo) || + !NWITEMDESCEQUAL(dataDSCP) || + !NWITEMDESCEQUAL(dataState) || + !NWITEMDESCEQUAL(dataConnlimitAbove) || + !NWITEMDESCEQUAL(dataComment)) + return false; + + return true; +} + +static bool +virNWFilterPortDataDefEqual(const portDataDefPtr def1, + const portDataDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!NWITEMDESCEQUAL(dataSrcPortStart) || + !NWITEMDESCEQUAL(dataSrcPortEnd) || + !NWITEMDESCEQUAL(dataDstPortStart) || + !NWITEMDESCEQUAL(dataDstPortEnd)) + return false; + + return true; +} + +bool +virNWFilterIpHdrFilterDefEqual(const ipHdrFilterDefPtr def1, + const ipHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!virNWFilterEthHdrDataDefEqual(&def1->ethHdr, &def2->ethHdr) || + !virNWFilterIpHdrDataDefEqual(&def1->ipHdr, &def2->ipHdr) || + !virNWFilterPortDataDefEqual(&def1->portData, &def2->portData)) + return false; + + return true; +} + +bool +virNWFilterIpv6HdrFilterDefEqual(const ipv6HdrFilterDefPtr def1, + const ipv6HdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!virNWFilterEthHdrDataDefEqual(&def1->ethHdr, &def2->ethHdr) || + !virNWFilterIpHdrDataDefEqual(&def1->ipHdr, &def2->ipHdr) || + !virNWFilterPortDataDefEqual(&def1->portData, &def2->portData)) + return false; + + return true; +} + +bool +virNWFilterIcmpHdrFilterDefEqual(const icmpHdrFilterDefPtr def1, + const icmpHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!NWITEMDESCEQUAL(dataSrcMACAddr) || + !virNWFilterIpHdrDataDefEqual(&def1->ipHdr, &def2->ipHdr) || + !NWITEMDESCEQUAL(dataICMPType) || + !NWITEMDESCEQUAL(dataICMPCode) || + !NWITEMDESCEQUAL(dataStateFlags)) + return false; + + return true; +} + +bool +virNWFilterAllHdrFilterDefEqual(const allHdrFilterDefPtr def1, + const allHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!NWITEMDESCEQUAL(dataSrcMACAddr) || + !virNWFilterIpHdrDataDefEqual(&def1->ipHdr, &def2->ipHdr)) + return false; + + return true; +} + +bool +virNWFilterIgmpHdrFilterDefEqual(const igmpHdrFilterDefPtr def1, + const igmpHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!NWITEMDESCEQUAL(dataSrcMACAddr) || + !virNWFilterIpHdrDataDefEqual(&def1->ipHdr, &def2->ipHdr)) + return false; + + return true; +} + +bool +virNWFilterTcpHdrFilterDefEqual(const tcpHdrFilterDefPtr def1, + const tcpHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!NWITEMDESCEQUAL(dataSrcMACAddr) || + !virNWFilterIpHdrDataDefEqual(&def1->ipHdr, &def2->ipHdr) || + !virNWFilterPortDataDefEqual(&def1->portData, &def2->portData) || + !NWITEMDESCEQUAL(dataTCPOption) || + !NWITEMDESCEQUAL(dataTCPFlags)) + return false; + + return true; +} + +bool +virNWFilterUdpHdrFilterDefEqual(const udpHdrFilterDefPtr def1, + const udpHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!NWITEMDESCEQUAL(dataSrcMACAddr) || + !virNWFilterIpHdrDataDefEqual(&def1->ipHdr, &def2->ipHdr) || + !virNWFilterPortDataDefEqual(&def1->portData, &def2->portData)) + return false; + + return true; +} + +bool +virNWFilterSctpHdrFilterDefEqual(const sctpHdrFilterDefPtr def1, + const sctpHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!NWITEMDESCEQUAL(dataSrcMACAddr) || + !virNWFilterIpHdrDataDefEqual(&def1->ipHdr, &def2->ipHdr) || + !virNWFilterPortDataDefEqual(&def1->portData, &def2->portData)) + return false; + + return true; +} + +bool +virNWFilterEspHdrFilterDefEqual(const espHdrFilterDefPtr def1, + const espHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!NWITEMDESCEQUAL(dataSrcMACAddr) || + !virNWFilterIpHdrDataDefEqual(&def1->ipHdr, &def2->ipHdr)) + return false; + + return true; +} + +bool +virNWFilterAhHdrFilterDefEqual(const ahHdrFilterDefPtr def1, + const ahHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!NWITEMDESCEQUAL(dataSrcMACAddr) || + !virNWFilterIpHdrDataDefEqual(&def1->ipHdr, &def2->ipHdr)) + return false; + + return true; +} + +bool +virNWFilterUdpliteHdrFilterDefEqual(const udpliteHdrFilterDefPtr def1, + const udpliteHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!NWITEMDESCEQUAL(dataSrcMACAddr) || + !virNWFilterIpHdrDataDefEqual(&def1->ipHdr, &def2->ipHdr)) + return false; + + return true; +} + Index: libvirt-iterator/src/conf/nwfilter_protocols.h =================================================================== --- /dev/null +++ libvirt-iterator/src/conf/nwfilter_protocols.h @@ -0,0 +1,56 @@ +/* + * nwfilter_protocols.h: protocol handling + * + * Copyright (C) 2011 IBM Corporation + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + * Author: Stefan Berger + */ + +#include "datatypes.h" +#include "nwfilter_params.h" +#include "nwfilter_conf.h" + +bool virNWFilterEthHdrFilterDefEqual(const ethHdrFilterDefPtr def1, + const ethHdrFilterDefPtr def2); +bool virNWFilterVlanHdrFilterDefEqual(const vlanHdrFilterDefPtr def1, + const vlanHdrFilterDefPtr def2); +bool virNWFilterStpHdrFilterDefEqual(const stpHdrFilterDefPtr def1, + const stpHdrFilterDefPtr def2); +bool virNWFilterArpHdrFilterDefEqual(const arpHdrFilterDefPtr def1, + const arpHdrFilterDefPtr def2); +bool virNWFilterIpHdrFilterDefEqual(const ipHdrFilterDefPtr def1, + const ipHdrFilterDefPtr def2); +bool virNWFilterIpv6HdrFilterDefEqual(const ipv6HdrFilterDefPtr def1, + const ipv6HdrFilterDefPtr def2); +bool virNWFilterIcmpHdrFilterDefEqual(const icmpHdrFilterDefPtr def1, + const icmpHdrFilterDefPtr def2); +bool virNWFilterAllHdrFilterDefEqual(const allHdrFilterDefPtr def1, + const allHdrFilterDefPtr def2); +bool virNWFilterIgmpHdrFilterDefEqual(const igmpHdrFilterDefPtr def1, + const igmpHdrFilterDefPtr def2); +bool virNWFilterTcpHdrFilterDefEqual(const tcpHdrFilterDefPtr def1, + const tcpHdrFilterDefPtr def2); +bool virNWFilterUdpHdrFilterDefEqual(const udpHdrFilterDefPtr def1, + const udpHdrFilterDefPtr def2); +bool virNWFilterSctpHdrFilterDefEqual(const sctpHdrFilterDefPtr def1, + const sctpHdrFilterDefPtr def2); +bool virNWFilterEspHdrFilterDefEqual(const espHdrFilterDefPtr def1, + const espHdrFilterDefPtr def2); +bool virNWFilterAhHdrFilterDefEqual(const ahHdrFilterDefPtr def1, + const ahHdrFilterDefPtr def2); +bool virNWFilterUdpliteHdrFilterDefEqual(const udpliteHdrFilterDefPtr def1, + const udpliteHdrFilterDefPtr def2);