[libvirt] [PATCH] only remove masquerade rules in NAT mode

Guido Günther agx at sigxcpu.org
Fri Nov 13 17:18:46 UTC 2009 

On Thu, Nov 05, 2009 at 08:35:20PM +0100, Guido Günther wrote:
> Hi,
> attached patch makes sure we only remove the masquerade rules if
> forwardType == VIR_NETWORK_FORWARD_NAT and not if forwardType ==
> VIR_NETWORK_FORWARD_ROUTE since we don't use them there. This fixes:
> 	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=549949
> O.k. to apply?
Does this look sane?
 -- Guido
>  -- Guido

> >From 84dc7d595fbd0302077aa767a1fcc840f2a25878 Mon Sep 17 00:00:00 2001
> From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx at sigxcpu.org>
> Date: Thu, 5 Nov 2009 20:28:11 +0100
> Subject: [PATCH] only remove masquerade roles for VIR_NETWORK_FORWARD_NAT
> 
> ---
>  src/network/bridge_driver.c |   11 +++++------
>  1 files changed, 5 insertions(+), 6 deletions(-)
> 
> diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
> index 95bc810..86ec392 100644
> --- a/src/network/bridge_driver.c
> +++ b/src/network/bridge_driver.c
> @@ -765,16 +765,15 @@ static void
>  networkRemoveIptablesRules(struct network_driver *driver,
>                           virNetworkObjPtr network) {
>      if (network->def->forwardType != VIR_NETWORK_FORWARD_NONE) {
> -        iptablesRemoveForwardMasquerade(driver->iptables,
> -                                        network->def->network,
> -                                        network->def->forwardDev);
> -
> -        if (network->def->forwardType == VIR_NETWORK_FORWARD_NAT)
> +        if (network->def->forwardType == VIR_NETWORK_FORWARD_NAT) {
> +            iptablesRemoveForwardMasquerade(driver->iptables,
> +                                                network->def->network,
> +                                                network->def->forwardDev);
>              iptablesRemoveForwardAllowRelatedIn(driver->iptables,
>                                                  network->def->network,
>                                                  network->def->bridge,
>                                                  network->def->forwardDev);
> -        else if (network->def->forwardType == VIR_NETWORK_FORWARD_ROUTE)
> +        } else if (network->def->forwardType == VIR_NETWORK_FORWARD_ROUTE)
>              iptablesRemoveForwardAllowIn(driver->iptables,
>                                           network->def->network,
>                                           network->def->bridge,
> -- 
> 1.6.5.2
> 

> --
> Libvir-list mailing list
> Libvir-list at redhat.com
> https://www.redhat.com/mailman/listinfo/libvir-list

More information about the libvir-list mailing list