[libvirt] [PATCH] nwfilter: remove virConnectPtr conn from functions where it is not necessary

Stefan Berger stefanb at us.ibm.com
Mon Apr 5 11:27:39 UTC 2010


This patch removes the virConnectPtr parameter from all functions where it's not necessary starting out with removing it as a parameter to the error reporting function.

Signed-off-by: Stefan Berger <stefanb at us.ibm.com>

---
 src/conf/nwfilter_conf.c                  |  154 ++----
 src/conf/nwfilter_conf.h                  |   24 
 src/conf/nwfilter_params.c                |    7 
 src/conf/nwfilter_params.h                |    3 
 src/nwfilter/nwfilter_driver.c            |   24 
 src/nwfilter/nwfilter_ebiptables_driver.c |  760 ++++++++++++------------------
 src/nwfilter/nwfilter_gentech_driver.c    |   51 --
 src/nwfilter/nwfilter_gentech_driver.h    |    6 
 tests/nwfilterxml2xmltest.c               |    2 
 9 files changed, 423 insertions(+), 608 deletions(-)

Index: libvirt-acl/src/conf/nwfilter_conf.h
===================================================================
--- libvirt-acl.orig/src/conf/nwfilter_conf.h
+++ libvirt-acl/src/conf/nwfilter_conf.h
@@ -518,13 +518,11 @@ virNWFilterPoolObjPtr
                                      const char *name);
 
 
-int virNWFilterPoolObjSaveDef(virConnectPtr conn,
-                              virNWFilterDriverStatePtr driver,
+int virNWFilterPoolObjSaveDef(virNWFilterDriverStatePtr driver,
                               virNWFilterPoolObjPtr pool,
                               virNWFilterDefPtr def);
 
-int virNWFilterPoolObjDeleteDef(virConnectPtr conn,
-                                virNWFilterPoolObjPtr pool);
+int virNWFilterPoolObjDeleteDef(virNWFilterPoolObjPtr pool);
 
 virNWFilterPoolObjPtr virNWFilterPoolObjAssignDef(virConnectPtr conn,
                                                   virNWFilterPoolObjListPtr pools,
@@ -533,28 +531,23 @@ virNWFilterPoolObjPtr virNWFilterPoolObj
 int virNWFilterTestUnassignDef(virConnectPtr conn,
                                virNWFilterPoolObjPtr pool);
 
-virNWFilterDefPtr virNWFilterDefParseNode(virConnectPtr conn,
-                                          xmlDocPtr xml,
+virNWFilterDefPtr virNWFilterDefParseNode(xmlDocPtr xml,
                                           xmlNodePtr root);
 
-char *virNWFilterDefFormat(virConnectPtr conn,
-                           virNWFilterDefPtr def);
+char *virNWFilterDefFormat(virNWFilterDefPtr def);
 
-int virNWFilterSaveXML(virConnectPtr conn,
-                       const char *configDir,
+int virNWFilterSaveXML(const char *configDir,
                        virNWFilterDefPtr def,
                        const char *xml);
 
-int virNWFilterSaveConfig(virConnectPtr conn,
-                          const char *configDir,
+int virNWFilterSaveConfig(const char *configDir,
                           virNWFilterDefPtr def);
 
 int virNWFilterPoolLoadAllConfigs(virConnectPtr conn,
                                   virNWFilterPoolObjListPtr pools,
                                   const char *configDir);
 
-char *virNWFilterConfigFile(virConnectPtr conn,
-                            const char *dir,
+char *virNWFilterConfigFile(const char *dir,
                             const char *name);
 
 virNWFilterDefPtr virNWFilterDefParseString(virConnectPtr conn,
@@ -568,8 +561,7 @@ void virNWFilterPoolObjUnlock(virNWFilte
 int virNWFilterConfLayerInit(virHashIterator domUpdateCB);
 void virNWFilterConfLayerShutdown(void);
 
-# define virNWFilterReportError(conn, code, fmt...)                          \
-        (void)conn;                                                          \
+# define virNWFilterReportError(code, fmt...)				\
         virReportErrorHelper(NULL, VIR_FROM_NWFILTER, code, __FILE__,	\
                                __FUNCTION__, __LINE__, fmt)
 
Index: libvirt-acl/src/conf/nwfilter_conf.c
===================================================================
--- libvirt-acl.orig/src/conf/nwfilter_conf.c
+++ libvirt-acl/src/conf/nwfilter_conf.c
@@ -310,8 +310,7 @@ virNWFilterPoolObjListFree(virNWFilterPo
 
 
 static int
-virNWFilterRuleDefAddVar(virConnectPtr conn ATTRIBUTE_UNUSED,
-                         virNWFilterRuleDefPtr nwf,
+virNWFilterRuleDefAddVar(virNWFilterRuleDefPtr nwf,
                          nwItemDesc *item,
                          const char *var)
 {
@@ -1112,8 +1111,7 @@ virNWIPv6AddressParser(const char *input
 
 
 static int
-virNWFilterRuleDetailsParse(virConnectPtr conn ATTRIBUTE_UNUSED,
-                            xmlNodePtr node,
+virNWFilterRuleDetailsParse(xmlNodePtr node,
                             virNWFilterRuleDefPtr nwf,
                             const virXMLAttr2Struct *att)
 {
@@ -1152,8 +1150,7 @@ virNWFilterRuleDetailsParse(virConnectPt
                 flags_set |= NWFILTER_ENTRY_ITEM_FLAG_HAS_VAR;
                 storage_ptr = NULL;
 
-                if (virNWFilterRuleDefAddVar(conn,
-                                             nwf,
+                if (virNWFilterRuleDefAddVar(nwf,
                                              item,
                                              &prop[1]))
                     rc = -1;
@@ -1325,7 +1322,7 @@ virNWFilterRuleDetailsParse(virConnectPt
             }
 
             if (!found || rc) {
-                virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
+                virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
                                        _("%s has illegal value %s"),
                                        att[idx].name, prop);
                 rc = -1;
@@ -1348,8 +1345,7 @@ virNWFilterRuleDetailsParse(virConnectPt
 
 
 static virNWFilterIncludeDefPtr
-virNWFilterIncludeParse(virConnectPtr conn,
-                        xmlNodePtr cur)
+virNWFilterIncludeParse(xmlNodePtr cur)
 {
     virNWFilterIncludeDefPtr ret;
 
@@ -1360,7 +1356,7 @@ virNWFilterIncludeParse(virConnectPtr co
 
     ret->filterref = virXMLPropString(cur, "filter");
     if (!ret->filterref) {
-        virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
+        virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
                                "%s",
                                _("rule node requires action attribute"));
         goto err_exit;
@@ -1548,8 +1544,7 @@ virNWFilterRuleDefFixup(virNWFilterRuleD
 
 
 static virNWFilterRuleDefPtr
-virNWFilterRuleParse(virConnectPtr conn,
-                     xmlNodePtr node)
+virNWFilterRuleParse(xmlNodePtr node)
 {
     char *action;
     char *direction;
@@ -1571,28 +1566,28 @@ virNWFilterRuleParse(virConnectPtr conn,
     prio      = virXMLPropString(node, "priority");
 
     if (!action) {
-        virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
+        virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
                                "%s",
                                _("rule node requires action attribute"));
         goto err_exit;
     }
 
     if ((ret->action = virNWFilterRuleActionTypeFromString(action)) < 0) {
-        virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
+        virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
                                "%s",
                                _("unknown rule action attribute value"));
         goto err_exit;
     }
 
     if (!direction) {
-        virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
+        virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
                                "%s",
                                _("rule node requires direction attribute"));
         goto err_exit;
     }
 
     if ((ret->tt = virNWFilterRuleDirectionTypeFromString(direction)) < 0) {
-        virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
+        virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
                                "%s",
                                _("unknown rule direction attribute value"));
         goto err_exit;
@@ -1624,8 +1619,7 @@ virNWFilterRuleParse(virConnectPtr conn,
                     found = 1;
                     ret->prtclType = virAttr[i].prtclType;
 
-                    if (virNWFilterRuleDetailsParse(conn,
-                                                    cur,
+                    if (virNWFilterRuleDetailsParse(cur,
                                                     ret,
                                                     virAttr[i].att) < 0) {
                         /* we ignore malformed rules
@@ -1663,8 +1657,7 @@ err_exit:
 
 
 static virNWFilterDefPtr
-virNWFilterDefParseXML(virConnectPtr conn,
-                       xmlXPathContextPtr ctxt) {
+virNWFilterDefParseXML(xmlXPathContextPtr ctxt) {
     virNWFilterDefPtr ret;
     xmlNodePtr curr = ctxt->node;
     char *uuid = NULL;
@@ -1678,7 +1671,7 @@ virNWFilterDefParseXML(virConnectPtr con
 
     ret->name = virXPathString("string(./@name)", ctxt);
     if (!ret->name) {
-        virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
+        virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
                                "%s", _("filter has no name"));
         goto cleanup;
     }
@@ -1688,7 +1681,7 @@ virNWFilterDefParseXML(virConnectPtr con
     if (chain) {
         if ((ret->chainsuffix =
              virNWFilterChainSuffixTypeFromString(chain)) < 0) {
-            virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
+            virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
                                    _("unknown chain suffix '%s'"), chain);
             goto cleanup;
         }
@@ -1697,13 +1690,13 @@ virNWFilterDefParseXML(virConnectPtr con
     uuid = virXPathString("string(./uuid)", ctxt);
     if (uuid == NULL) {
         if (virUUIDGenerate(ret->uuid) < 0) {
-            virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
+            virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
                                   "%s", _("unable to generate uuid"));
             goto cleanup;
         }
     } else {
         if (virUUIDParse(uuid, ret->uuid) < 0) {
-            virNWFilterReportError(conn, VIR_ERR_XML_ERROR,
+            virNWFilterReportError(VIR_ERR_XML_ERROR,
                                   "%s", _("malformed uuid element"));
             goto cleanup;
         }
@@ -1721,9 +1714,9 @@ virNWFilterDefParseXML(virConnectPtr con
 
             /* ignore malformed rule and include elements */
             if (xmlStrEqual(curr->name, BAD_CAST "rule"))
-                entry->rule = virNWFilterRuleParse(conn, curr);
+                entry->rule = virNWFilterRuleParse(curr);
             else if (xmlStrEqual(curr->name, BAD_CAST "filterref"))
-                entry->include = virNWFilterIncludeParse(conn, curr);
+                entry->include = virNWFilterIncludeParse(curr);
 
             if (entry->rule || entry->include) {
                 if (VIR_REALLOC_N(ret->filterEntries, ret->nentries+1) < 0) {
@@ -1762,7 +1755,7 @@ catchXMLError (void *ctx, const char *ms
             conn->err.code == VIR_ERR_NONE &&
             ctxt->lastError.level == XML_ERR_FATAL &&
             ctxt->lastError.message != NULL) {
-            virNWFilterReportError(conn, VIR_ERR_XML_DETAIL,
+            virNWFilterReportError(VIR_ERR_XML_DETAIL,
                                    _("at line %d: %s"),
                                    ctxt->lastError.line,
                                    ctxt->lastError.message);
@@ -1772,14 +1765,13 @@ catchXMLError (void *ctx, const char *ms
 
 
 virNWFilterDefPtr
-virNWFilterDefParseNode(virConnectPtr conn,
-                        xmlDocPtr xml,
+virNWFilterDefParseNode(xmlDocPtr xml,
                         xmlNodePtr root) {
     xmlXPathContextPtr ctxt = NULL;
     virNWFilterDefPtr def = NULL;
 
     if (STRNEQ((const char *)root->name, "filter")) {
-        virNWFilterReportError(conn, VIR_ERR_XML_ERROR,
+        virNWFilterReportError(VIR_ERR_XML_ERROR,
                                "%s",
                                _("unknown root element for nw filter pool"));
         goto cleanup;
@@ -1792,7 +1784,7 @@ virNWFilterDefParseNode(virConnectPtr co
     }
 
     ctxt->node = root;
-    def = virNWFilterDefParseXML(conn, ctxt);
+    def = virNWFilterDefParseXML(ctxt);
 
 cleanup:
     xmlXPathFreeContext(ctxt);
@@ -1802,8 +1794,8 @@ cleanup:
 
 static virNWFilterDefPtr
 virNWFilterDefParse(virConnectPtr conn,
-                     const char *xmlStr,
-                     const char *filename) {
+                    const char *xmlStr,
+                    const char *filename) {
     virNWFilterDefPtr ret = NULL;
     xmlParserCtxtPtr pctxt;
     xmlDocPtr xml = NULL;
@@ -1830,19 +1822,19 @@ virNWFilterDefParse(virConnectPtr conn,
 
     if (!xml) {
         if (conn && conn->err.code == VIR_ERR_NONE)
-              virNWFilterReportError(conn, VIR_ERR_XML_ERROR,
+              virNWFilterReportError(VIR_ERR_XML_ERROR,
                                      "%s",_("failed to parse xml document"));
         goto cleanup;
     }
 
     node = xmlDocGetRootElement(xml);
     if (node == NULL) {
-        virNWFilterReportError(conn, VIR_ERR_XML_ERROR,
+        virNWFilterReportError(VIR_ERR_XML_ERROR,
                                "%s", _("missing root element"));
         goto cleanup;
     }
 
-    ret = virNWFilterDefParseNode(conn, xml, node);
+    ret = virNWFilterDefParseNode(xml, node);
 
     xmlFreeParserCtxt (pctxt);
     xmlFreeDoc(xml);
@@ -1858,7 +1850,7 @@ virNWFilterDefParse(virConnectPtr conn,
 
 virNWFilterDefPtr
 virNWFilterDefParseString(virConnectPtr conn,
-                             const char *xmlStr)
+                          const char *xmlStr)
 {
     return virNWFilterDefParse(conn, xmlStr, NULL);
 }
@@ -1874,7 +1866,7 @@ virNWFilterDefParseFile(virConnectPtr co
 
 virNWFilterPoolObjPtr
 virNWFilterPoolObjFindByUUID(virNWFilterPoolObjListPtr pools,
-                            const unsigned char *uuid)
+                             const unsigned char *uuid)
 {
     unsigned int i;
 
@@ -1891,7 +1883,7 @@ virNWFilterPoolObjFindByUUID(virNWFilter
 
 virNWFilterPoolObjPtr
 virNWFilterPoolObjFindByName(virNWFilterPoolObjListPtr pools,
-                            const char *name)
+                             const char *name)
 {
     unsigned int i;
 
@@ -1906,8 +1898,7 @@ virNWFilterPoolObjFindByName(virNWFilter
 }
 
 
-int virNWFilterSaveXML(virConnectPtr conn,
-                       const char *configDir,
+int virNWFilterSaveXML(const char *configDir,
                        virNWFilterDefPtr def,
                        const char *xml)
 {
@@ -1916,7 +1907,7 @@ int virNWFilterSaveXML(virConnectPtr con
     size_t towrite;
     int err;
 
-    if ((configFile = virNWFilterConfigFile(conn, configDir, def->name)) == NULL)
+    if ((configFile = virNWFilterConfigFile(configDir, def->name)) == NULL)
         goto cleanup;
 
     if ((err = virFileMakePath(configDir))) {
@@ -1962,17 +1953,16 @@ int virNWFilterSaveXML(virConnectPtr con
 }
 
 
-int virNWFilterSaveConfig(virConnectPtr conn,
-                          const char *configDir,
+int virNWFilterSaveConfig(const char *configDir,
                           virNWFilterDefPtr def)
 {
     int ret = -1;
     char *xml;
 
-    if (!(xml = virNWFilterDefFormat(conn, def)))
+    if (!(xml = virNWFilterDefFormat(def)))
         goto cleanup;
 
-    if (virNWFilterSaveXML(conn, configDir, def, xml))
+    if (virNWFilterSaveXML(configDir, def, xml))
         goto cleanup;
 
     ret = 0;
@@ -2119,13 +2109,13 @@ virNWFilterTestUnassignDef(virConnectPtr
 
 virNWFilterPoolObjPtr
 virNWFilterPoolObjAssignDef(virConnectPtr conn,
-                           virNWFilterPoolObjListPtr pools,
-                           virNWFilterDefPtr def)
+                            virNWFilterPoolObjListPtr pools,
+                            virNWFilterDefPtr def)
 {
     virNWFilterPoolObjPtr pool;
 
     if (virNWFilterDefLoopDetect(conn, pools, def)) {
-        virNWFilterReportError(conn, VIR_ERR_INVALID_NWFILTER,
+        virNWFilterReportError(VIR_ERR_INVALID_NWFILTER,
                               "%s", _("filter would introduce a loop"));
         return NULL;
     }
@@ -2154,7 +2144,7 @@ virNWFilterPoolObjAssignDef(virConnectPt
     }
 
     if (virMutexInitRecursive(&pool->lock) < 0) {
-        virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
+        virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
                               "%s", _("cannot initialize mutex"));
         VIR_FREE(pool);
         return NULL;
@@ -2178,9 +2168,9 @@ virNWFilterPoolObjAssignDef(virConnectPt
 
 static virNWFilterPoolObjPtr
 virNWFilterPoolObjLoad(virConnectPtr conn,
-                      virNWFilterPoolObjListPtr pools,
-                      const char *file,
-                      const char *path)
+                       virNWFilterPoolObjListPtr pools,
+                       const char *file,
+                       const char *path)
 {
     virNWFilterDefPtr def;
     virNWFilterPoolObjPtr pool;
@@ -2190,7 +2180,7 @@ virNWFilterPoolObjLoad(virConnectPtr con
     }
 
     if (!virFileMatchesNameSuffix(file, def->name, ".xml")) {
-        virNWFilterReportError(conn, VIR_ERR_INVALID_NWFILTER,
+        virNWFilterReportError(VIR_ERR_INVALID_NWFILTER,
             _("network filter pool config filename '%s' does not match pool name '%s'"),
             path, def->name);
         virNWFilterDefFree(def);
@@ -2215,8 +2205,8 @@ virNWFilterPoolObjLoad(virConnectPtr con
 
 int
 virNWFilterPoolLoadAllConfigs(virConnectPtr conn,
-                             virNWFilterPoolObjListPtr pools,
-                             const char *configDir)
+                              virNWFilterPoolObjListPtr pools,
+                              const char *configDir)
 {
     DIR *dir;
     struct dirent *entry;
@@ -2242,7 +2232,7 @@ virNWFilterPoolLoadAllConfigs(virConnect
 
         if (virFileBuildPath(configDir, entry->d_name,
                              NULL, path, PATH_MAX) < 0) {
-            virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
+            virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
                                    _("config filename '%s/%s' is too long"),
                                    configDir, entry->d_name);
             continue;
@@ -2260,10 +2250,9 @@ virNWFilterPoolLoadAllConfigs(virConnect
 
 
 int
-virNWFilterPoolObjSaveDef(virConnectPtr conn,
-                         virNWFilterDriverStatePtr driver,
-                         virNWFilterPoolObjPtr pool,
-                         virNWFilterDefPtr def)
+virNWFilterPoolObjSaveDef(virNWFilterDriverStatePtr driver,
+                          virNWFilterPoolObjPtr pool,
+                          virNWFilterDefPtr def)
 {
     char *xml;
     int fd = -1, ret = -1;
@@ -2282,7 +2271,7 @@ virNWFilterPoolObjSaveDef(virConnectPtr 
 
         if (virFileBuildPath(driver->configDir, def->name, ".xml",
                              path, sizeof(path)) < 0) {
-            virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
+            virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
                                   "%s", _("cannot construct config file path"));
             return -1;
         }
@@ -2292,8 +2281,8 @@ virNWFilterPoolObjSaveDef(virConnectPtr 
         }
     }
 
-    if (!(xml = virNWFilterDefFormat(conn, def))) {
-        virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
+    if (!(xml = virNWFilterDefFormat(def))) {
+        virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
                               "%s", _("failed to generate XML"));
         return -1;
     }
@@ -2335,19 +2324,18 @@ virNWFilterPoolObjSaveDef(virConnectPtr 
 
 
 int
-virNWFilterPoolObjDeleteDef(virConnectPtr conn,
-                           virNWFilterPoolObjPtr pool)
+virNWFilterPoolObjDeleteDef(virNWFilterPoolObjPtr pool)
 {
     if (!pool->configFile) {
-        virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
-                              _("no config file for %s"), pool->def->name);
+        virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
+                               _("no config file for %s"), pool->def->name);
         return -1;
     }
 
     if (unlink(pool->configFile) < 0) {
-        virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
-                              _("cannot remove config for %s"),
-                              pool->def->name);
+        virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
+                               _("cannot remove config for %s"),
+                               pool->def->name);
         return -1;
     }
 
@@ -2369,8 +2357,7 @@ virNWIPAddressFormat(virBufferPtr buf, n
 
 
 static void
-virNWFilterRuleDefDetailsFormat(virConnectPtr conn,
-                                virBufferPtr buf,
+virNWFilterRuleDefDetailsFormat(virBufferPtr buf,
                                 const char *type,
                                 const virXMLAttr2Struct *att,
                                 virNWFilterRuleDefPtr def)
@@ -2420,7 +2407,7 @@ virNWFilterRuleDefDetailsFormat(virConne
                               att[i].name);
             if (att[i].formatter) {
                if (!att[i].formatter(buf, def)) {
-                  virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
+                  virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
                                          _("formatter for %s %s reported error"),
                                          type,
                                          att[i].name);
@@ -2484,8 +2471,7 @@ err_exit:
 
 
 static char *
-virNWFilterRuleDefFormat(virConnectPtr conn,
-                         virNWFilterRuleDefPtr def)
+virNWFilterRuleDefFormat(virNWFilterRuleDefPtr def)
 {
     int i;
     virBuffer buf  = VIR_BUFFER_INITIALIZER;
@@ -2500,8 +2486,7 @@ virNWFilterRuleDefFormat(virConnectPtr c
     i = 0;
     while (virAttr[i].id) {
         if (virAttr[i].prtclType == def->prtclType) {
-            virNWFilterRuleDefDetailsFormat(conn,
-                                            &buf2,
+            virNWFilterRuleDefDetailsFormat(&buf2,
                                             virAttr[i].id,
                                             virAttr[i].att,
                                             def);
@@ -2563,18 +2548,16 @@ virNWFilterIncludeDefFormat(virNWFilterI
 
 
 static char *
-virNWFilterEntryFormat(virConnectPtr conn,
-                       virNWFilterEntryPtr entry)
+virNWFilterEntryFormat(virNWFilterEntryPtr entry)
 {
     if (entry->rule)
-        return virNWFilterRuleDefFormat(conn, entry->rule);
+        return virNWFilterRuleDefFormat(entry->rule);
     return virNWFilterIncludeDefFormat(entry->include);
 }
 
 
 char *
-virNWFilterDefFormat(virConnectPtr conn,
-                     virNWFilterDefPtr def)
+virNWFilterDefFormat(virNWFilterDefPtr def)
 {
     virBuffer buf = VIR_BUFFER_INITIALIZER;
     char uuid[VIR_UUID_STRING_BUFLEN];
@@ -2590,7 +2573,7 @@ virNWFilterDefFormat(virConnectPtr conn,
     virBufferVSprintf(&buf,"  <uuid>%s</uuid>\n", uuid);
 
     for (i = 0; i < def->nentries; i++) {
-        xml = virNWFilterEntryFormat(conn, def->filterEntries[i]);
+        xml = virNWFilterEntryFormat(def->filterEntries[i]);
         if (!xml)
             goto err_exit;
         virBufferVSprintf(&buf, "%s", xml);
@@ -2613,8 +2596,7 @@ virNWFilterDefFormat(virConnectPtr conn,
 }
 
 
-char *virNWFilterConfigFile(virConnectPtr conn ATTRIBUTE_UNUSED,
-                            const char *dir,
+char *virNWFilterConfigFile(const char *dir,
                             const char *name)
 {
     char *ret = NULL;
Index: libvirt-acl/src/nwfilter/nwfilter_driver.c
===================================================================
--- libvirt-acl.orig/src/nwfilter/nwfilter_driver.c
+++ libvirt-acl/src/nwfilter/nwfilter_driver.c
@@ -194,8 +194,8 @@ nwfilterLookupByUUID(virConnectPtr conn,
     nwfilterDriverUnlock(driver);
 
     if (!pool) {
-        virNWFilterReportError(conn, VIR_ERR_NO_NWFILTER,
-                              "%s", _("no pool with matching uuid"));
+        virNWFilterReportError(VIR_ERR_NO_NWFILTER,
+                               "%s", _("no pool with matching uuid"));
         goto cleanup;
     }
 
@@ -220,8 +220,8 @@ nwfilterLookupByName(virConnectPtr conn,
     nwfilterDriverUnlock(driver);
 
     if (!pool) {
-        virNWFilterReportError(conn, VIR_ERR_NO_NWFILTER,
-                              _("no pool with matching name '%s'"), name);
+        virNWFilterReportError(VIR_ERR_NO_NWFILTER,
+                               _("no pool with matching name '%s'"), name);
         goto cleanup;
     }
 
@@ -306,7 +306,7 @@ nwfilterDefine(virConnectPtr conn,
     if (!(pool = virNWFilterPoolObjAssignDef(conn, &driver->pools, def)))
         goto cleanup;
 
-    if (virNWFilterPoolObjSaveDef(conn, driver, pool, def) < 0) {
+    if (virNWFilterPoolObjSaveDef(driver, pool, def) < 0) {
         virNWFilterPoolObjRemove(&driver->pools, pool);
         def = NULL;
         goto cleanup;
@@ -333,19 +333,19 @@ nwfilterUndefine(virNWFilterPtr obj) {
     nwfilterDriverLock(driver);
     pool = virNWFilterPoolObjFindByUUID(&driver->pools, obj->uuid);
     if (!pool) {
-        virNWFilterReportError(obj->conn, VIR_ERR_INVALID_NWFILTER,
-                              "%s", _("no nwfilter pool with matching uuid"));
+        virNWFilterReportError(VIR_ERR_INVALID_NWFILTER,
+                               "%s", _("no nwfilter pool with matching uuid"));
         goto cleanup;
     }
 
     if (virNWFilterTestUnassignDef(obj->conn, pool)) {
-        virNWFilterReportError(obj->conn, VIR_ERR_INVALID_NWFILTER,
+        virNWFilterReportError(VIR_ERR_INVALID_NWFILTER,
                                "%s",
                                _("nwfilter is in use"));
         goto cleanup;
     }
 
-    if (virNWFilterPoolObjDeleteDef(obj->conn, pool) < 0)
+    if (virNWFilterPoolObjDeleteDef(pool) < 0)
         goto cleanup;
 
     VIR_FREE(pool->configFile);
@@ -374,12 +374,12 @@ nwfilterDumpXML(virNWFilterPtr obj,
     nwfilterDriverUnlock(driver);
 
     if (!pool) {
-        virNWFilterReportError(obj->conn, VIR_ERR_INVALID_NWFILTER,
-                              "%s", _("no nwfilter pool with matching uuid"));
+        virNWFilterReportError(VIR_ERR_INVALID_NWFILTER,
+                               "%s", _("no nwfilter pool with matching uuid"));
         goto cleanup;
     }
 
-    ret = virNWFilterDefFormat(obj->conn, pool->def);
+    ret = virNWFilterDefFormat(pool->def);
 
 cleanup:
     if (pool)
Index: libvirt-acl/src/nwfilter/nwfilter_ebiptables_driver.c
===================================================================
--- libvirt-acl.orig/src/nwfilter/nwfilter_ebiptables_driver.c
+++ libvirt-acl/src/nwfilter/nwfilter_ebiptables_driver.c
@@ -106,8 +106,7 @@ static const char *supported_protocols[]
 
 
 static int
-printVar(virConnectPtr conn,
-         virNWFilterHashTablePtr vars,
+printVar(virNWFilterHashTablePtr vars,
          char *buf, int bufsize,
          nwItemDescPtr item,
          int *done)
@@ -117,14 +116,14 @@ printVar(virConnectPtr conn,
     if ((item->flags & NWFILTER_ENTRY_ITEM_FLAG_HAS_VAR)) {
         char *val = (char *)virHashLookup(vars->hashTable, item->var);
         if (!val) {
-            virNWFilterReportError(conn, VIR_ERR_INVALID_NWFILTER,
+            virNWFilterReportError(VIR_ERR_INVALID_NWFILTER,
                                    _("cannot find value for '%s'"),
                                    item->var);
             return 1;
         }
 
         if (!virStrcpy(buf, val, bufsize)) {
-            virNWFilterReportError(conn, VIR_ERR_INVALID_NWFILTER,
+            virNWFilterReportError(VIR_ERR_INVALID_NWFILTER,
                                    _("Buffer to small to print MAC address "
                                    "'%s' into"),
                                    item->var);
@@ -138,8 +137,7 @@ printVar(virConnectPtr conn,
 
 
 static int
-_printDataType(virConnectPtr conn,
-               virNWFilterHashTablePtr vars,
+_printDataType(virNWFilterHashTablePtr vars,
                char *buf, int bufsize,
                nwItemDescPtr item,
                bool asHex)
@@ -147,7 +145,7 @@ _printDataType(virConnectPtr conn,
     int done;
     char *data;
 
-    if (printVar(conn, vars, buf, bufsize, item, &done))
+    if (printVar(vars, buf, bufsize, item, &done))
         return 1;
 
     if (done)
@@ -157,13 +155,13 @@ _printDataType(virConnectPtr conn,
     case DATATYPE_IPADDR:
         data = virSocketFormatAddr(&item->u.ipaddr.addr);
         if (!data) {
-            virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR, "%s",
+            virNWFilterReportError(VIR_ERR_INTERNAL_ERROR, "%s",
                                    _("internal IPv4 address representation "
                                      "is bad"));
             return 1;
         }
         if (snprintf(buf, bufsize, "%s", data) >= bufsize) {
-            virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR, "%s",
+            virNWFilterReportError(VIR_ERR_INTERNAL_ERROR, "%s",
                                    _("buffer too small for IP address"));
             VIR_FREE(data);
             return 1;
@@ -174,14 +172,14 @@ _printDataType(virConnectPtr conn,
     case DATATYPE_IPV6ADDR:
         data = virSocketFormatAddr(&item->u.ipaddr.addr);
         if (!data) {
-            virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR, "%s",
+            virNWFilterReportError(VIR_ERR_INTERNAL_ERROR, "%s",
                                    _("internal IPv6 address representation "
                                      "is bad"));
             return 1;
         }
 
         if (snprintf(buf, bufsize, "%s", data) >= bufsize) {
-            virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR, "%s",
+            virNWFilterReportError(VIR_ERR_INTERNAL_ERROR, "%s",
                                    _("buffer too small for IPv6 address"));
             VIR_FREE(data);
             return 1;
@@ -192,7 +190,7 @@ _printDataType(virConnectPtr conn,
     case DATATYPE_MACADDR:
     case DATATYPE_MACMASK:
         if (bufsize < VIR_MAC_STRING_BUFLEN) {
-            virNWFilterReportError(conn, VIR_ERR_INVALID_NWFILTER, "%s",
+            virNWFilterReportError(VIR_ERR_INVALID_NWFILTER, "%s",
                                    _("Buffer too small for MAC address"));
             return 1;
         }
@@ -204,7 +202,7 @@ _printDataType(virConnectPtr conn,
     case DATATYPE_IPMASK:
         if (snprintf(buf, bufsize, "%d",
                      item->u.u8) >= bufsize) {
-            virNWFilterReportError(conn, VIR_ERR_INVALID_NWFILTER,
+            virNWFilterReportError(VIR_ERR_INVALID_NWFILTER,
                                    _("Buffer too small for uint8 type"));
             return 1;
         }
@@ -213,7 +211,7 @@ _printDataType(virConnectPtr conn,
     case DATATYPE_UINT16:
         if (snprintf(buf, bufsize, asHex ? "0x%x" : "%d",
                      item->u.u16) >= bufsize) {
-            virNWFilterReportError(conn, VIR_ERR_INVALID_NWFILTER, "%s",
+            virNWFilterReportError(VIR_ERR_INVALID_NWFILTER, "%s",
                                    _("Buffer too small for uint16 type"));
             return 1;
         }
@@ -222,14 +220,14 @@ _printDataType(virConnectPtr conn,
     case DATATYPE_UINT8:
         if (snprintf(buf, bufsize, asHex ? "0x%x" : "%d",
                      item->u.u8) >= bufsize) {
-            virNWFilterReportError(conn, VIR_ERR_INVALID_NWFILTER, "%s",
+            virNWFilterReportError(VIR_ERR_INVALID_NWFILTER, "%s",
                                    _("Buffer too small for uint8 type"));
             return 1;
         }
     break;
 
     default:
-        virNWFilterReportError(conn, VIR_ERR_INVALID_NWFILTER,
+        virNWFilterReportError(VIR_ERR_INVALID_NWFILTER,
                                _("Unhandled datatype %x"), item->datatype);
         return 1;
     break;
@@ -240,22 +238,20 @@ _printDataType(virConnectPtr conn,
 
 
 static int
-printDataType(virConnectPtr conn,
-              virNWFilterHashTablePtr vars,
+printDataType(virNWFilterHashTablePtr vars,
               char *buf, int bufsize,
               nwItemDescPtr item)
 {
-    return _printDataType(conn, vars, buf, bufsize, item, 0);
+    return _printDataType(vars, buf, bufsize, item, 0);
 }
 
 
 static int
-printDataTypeAsHex(virConnectPtr conn,
-                   virNWFilterHashTablePtr vars,
+printDataTypeAsHex(virNWFilterHashTablePtr vars,
                    char *buf, int bufsize,
                    nwItemDescPtr item)
 {
-    return _printDataType(conn, vars, buf, bufsize, item, 1);
+    return _printDataType(vars, buf, bufsize, item, 1);
 }
 
 
@@ -271,8 +267,7 @@ ebiptablesRuleInstFree(ebiptablesRuleIns
 
 
 static int
-ebiptablesAddRuleInst(virConnectPtr conn,
-                      virNWFilterRuleInstPtr res,
+ebiptablesAddRuleInst(virNWFilterRuleInstPtr res,
                       char *commandTemplate,
                       enum virNWFilterChainSuffixType neededChain,
                       char chainprefix,
@@ -292,21 +287,19 @@ ebiptablesAddRuleInst(virConnectPtr conn
     inst->priority = priority;
     inst->ruleType = ruleType;
 
-    return virNWFilterRuleInstAddData(conn, res, inst);
+    return virNWFilterRuleInstAddData(res, inst);
 }
 
 
 static int
-ebtablesHandleEthHdr(virConnectPtr conn,
-                     virBufferPtr buf,
+ebtablesHandleEthHdr(virBufferPtr buf,
                      virNWFilterHashTablePtr vars,
                      ethHdrDataDefPtr ethHdr)
 {
     char macaddr[VIR_MAC_STRING_BUFLEN];
 
     if (HAS_ENTRY_ITEM(&ethHdr->dataSrcMACAddr)) {
-        if (printDataType(conn,
-                          vars,
+        if (printDataType(vars,
                           macaddr, sizeof(macaddr),
                           &ethHdr->dataSrcMACAddr))
             goto err_exit;
@@ -317,8 +310,7 @@ ebtablesHandleEthHdr(virConnectPtr conn,
                       macaddr);
 
         if (HAS_ENTRY_ITEM(&ethHdr->dataSrcMACMask)) {
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               macaddr, sizeof(macaddr),
                               &ethHdr->dataSrcMACMask))
                 goto err_exit;
@@ -330,8 +322,7 @@ ebtablesHandleEthHdr(virConnectPtr conn,
     }
 
     if (HAS_ENTRY_ITEM(&ethHdr->dataDstMACAddr)) {
-        if (printDataType(conn,
-                          vars,
+        if (printDataType(vars,
                           macaddr, sizeof(macaddr),
                           &ethHdr->dataDstMACAddr))
             goto err_exit;
@@ -342,8 +333,7 @@ ebtablesHandleEthHdr(virConnectPtr conn,
                       macaddr);
 
         if (HAS_ENTRY_ITEM(&ethHdr->dataDstMACMask)) {
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               macaddr, sizeof(macaddr),
                               &ethHdr->dataDstMACMask))
                 goto err_exit;
@@ -365,8 +355,7 @@ ebtablesHandleEthHdr(virConnectPtr conn,
 
 /************************ iptables support ************************/
 
-static int iptablesLinkIPTablesBaseChain(virConnectPtr conn ATTRIBUTE_UNUSED,
-                                         const char *iptables_cmd,
+static int iptablesLinkIPTablesBaseChain(const char *iptables_cmd,
                                          virBufferPtr buf,
                                          const char *udchain,
                                          const char *syschain,
@@ -407,8 +396,7 @@ static int iptablesLinkIPTablesBaseChain
 }
 
 
-static int iptablesCreateBaseChains(virConnectPtr conn,
-                                    const char *iptables_cmd,
+static int iptablesCreateBaseChains(const char *iptables_cmd,
                                     virBufferPtr buf)
 {
     virBufferVSprintf(buf,"%s -N " VIRT_IN_CHAIN      CMD_SEPARATOR
@@ -419,13 +407,13 @@ static int iptablesCreateBaseChains(virC
                           iptables_cmd,
                           iptables_cmd,
                           iptables_cmd);
-    iptablesLinkIPTablesBaseChain(conn, iptables_cmd, buf,
+    iptablesLinkIPTablesBaseChain(iptables_cmd, buf,
                                   VIRT_IN_CHAIN     , "FORWARD", 1, 1);
-    iptablesLinkIPTablesBaseChain(conn, iptables_cmd, buf,
+    iptablesLinkIPTablesBaseChain(iptables_cmd, buf,
                                   VIRT_OUT_CHAIN    , "FORWARD", 2, 1);
-    iptablesLinkIPTablesBaseChain(conn, iptables_cmd, buf,
+    iptablesLinkIPTablesBaseChain(iptables_cmd, buf,
                                   VIRT_IN_POST_CHAIN, "FORWARD", 3, 1);
-    iptablesLinkIPTablesBaseChain(conn, iptables_cmd, buf,
+    iptablesLinkIPTablesBaseChain(iptables_cmd, buf,
                                   HOST_IN_CHAIN     , "INPUT"  , 1, 1);
 
     return 0;
@@ -433,8 +421,7 @@ static int iptablesCreateBaseChains(virC
 
 
 static int
-iptablesCreateTmpRootChain(virConnectPtr conn ATTRIBUTE_UNUSED,
-                           const char *iptables_cmd,
+iptablesCreateTmpRootChain(const char *iptables_cmd,
                            virBufferPtr buf,
                            char prefix,
                            int incoming, const char *ifname,
@@ -462,21 +449,19 @@ iptablesCreateTmpRootChain(virConnectPtr
 
 
 static int
-iptablesCreateTmpRootChains(virConnectPtr conn,
-                            const char *iptables_cmd,
+iptablesCreateTmpRootChains(const char *iptables_cmd,
                             virBufferPtr buf,
                             const char *ifname)
 {
-    iptablesCreateTmpRootChain(conn, iptables_cmd, buf, 'F', 0, ifname, 1);
-    iptablesCreateTmpRootChain(conn, iptables_cmd, buf, 'F', 1, ifname, 1);
-    iptablesCreateTmpRootChain(conn, iptables_cmd, buf, 'H', 1, ifname, 1);
+    iptablesCreateTmpRootChain(iptables_cmd, buf, 'F', 0, ifname, 1);
+    iptablesCreateTmpRootChain(iptables_cmd, buf, 'F', 1, ifname, 1);
+    iptablesCreateTmpRootChain(iptables_cmd, buf, 'H', 1, ifname, 1);
     return 0;
 }
 
 
 static int
-_iptablesRemoveRootChain(virConnectPtr conn ATTRIBUTE_UNUSED,
-                         const char *iptables_cmd,
+_iptablesRemoveRootChain(const char *iptables_cmd,
                          virBufferPtr buf,
                          char prefix,
                          int incoming, const char *ifname,
@@ -507,60 +492,55 @@ _iptablesRemoveRootChain(virConnectPtr c
 
 
 static int
-iptablesRemoveRootChain(virConnectPtr conn ATTRIBUTE_UNUSED,
-                        const char *iptables_cmd,
+iptablesRemoveRootChain(const char *iptables_cmd,
                         virBufferPtr buf,
                         char prefix,
                         int incoming,
                         const char *ifname)
 {
-    return _iptablesRemoveRootChain(conn, iptables_cmd,
+    return _iptablesRemoveRootChain(iptables_cmd,
                                     buf, prefix, incoming, ifname, 0);
 }
 
 
 static int
-iptablesRemoveTmpRootChain(virConnectPtr conn ATTRIBUTE_UNUSED,
-                           const char *iptables_cmd,
+iptablesRemoveTmpRootChain(const char *iptables_cmd,
                            virBufferPtr buf,
                            char prefix,
                            int incoming,
                            const char *ifname)
 {
-    return _iptablesRemoveRootChain(conn, iptables_cmd, buf, prefix,
+    return _iptablesRemoveRootChain(iptables_cmd, buf, prefix,
                                     incoming, ifname, 1);
 }
 
 
 static int
-iptablesRemoveTmpRootChains(virConnectPtr conn,
-                            const char *iptables_cmd,
+iptablesRemoveTmpRootChains(const char *iptables_cmd,
                             virBufferPtr buf,
                             const char *ifname)
 {
-    iptablesRemoveTmpRootChain(conn, iptables_cmd, buf, 'F', 0, ifname);
-    iptablesRemoveTmpRootChain(conn, iptables_cmd, buf, 'F', 1, ifname);
-    iptablesRemoveTmpRootChain(conn, iptables_cmd, buf, 'H', 1, ifname);
+    iptablesRemoveTmpRootChain(iptables_cmd, buf, 'F', 0, ifname);
+    iptablesRemoveTmpRootChain(iptables_cmd, buf, 'F', 1, ifname);
+    iptablesRemoveTmpRootChain(iptables_cmd, buf, 'H', 1, ifname);
     return 0;
 }
 
 
 static int
-iptablesRemoveRootChains(virConnectPtr conn,
-                         const char *iptables_cmd,
+iptablesRemoveRootChains(const char *iptables_cmd,
                          virBufferPtr buf,
                          const char *ifname)
 {
-    iptablesRemoveRootChain(conn, iptables_cmd, buf, 'F', 0, ifname);
-    iptablesRemoveRootChain(conn, iptables_cmd, buf, 'F', 1, ifname);
-    iptablesRemoveRootChain(conn, iptables_cmd, buf, 'H', 1, ifname);
+    iptablesRemoveRootChain(iptables_cmd, buf, 'F', 0, ifname);
+    iptablesRemoveRootChain(iptables_cmd, buf, 'F', 1, ifname);
+    iptablesRemoveRootChain(iptables_cmd, buf, 'H', 1, ifname);
     return 0;
 }
 
 
 static int
-iptablesLinkTmpRootChain(virConnectPtr conn ATTRIBUTE_UNUSED,
-                         const char *iptables_cmd,
+iptablesLinkTmpRootChain(const char *iptables_cmd,
                          virBufferPtr buf,
                          const char *basechain,
                          char prefix,
@@ -594,22 +574,20 @@ iptablesLinkTmpRootChain(virConnectPtr c
 
 
 static int
-iptablesLinkTmpRootChains(virConnectPtr conn,
-                          const char *cmd,
+iptablesLinkTmpRootChains(const char *cmd,
                           virBufferPtr buf,
                           const char *ifname)
 {
-    iptablesLinkTmpRootChain(conn, cmd, buf, VIRT_OUT_CHAIN, 'F', 0, ifname, 1);
-    iptablesLinkTmpRootChain(conn, cmd, buf, VIRT_IN_CHAIN , 'F', 1, ifname, 1);
-    iptablesLinkTmpRootChain(conn, cmd, buf, HOST_IN_CHAIN , 'H', 1, ifname, 1);
+    iptablesLinkTmpRootChain(cmd, buf, VIRT_OUT_CHAIN, 'F', 0, ifname, 1);
+    iptablesLinkTmpRootChain(cmd, buf, VIRT_IN_CHAIN , 'F', 1, ifname, 1);
+    iptablesLinkTmpRootChain(cmd, buf, HOST_IN_CHAIN , 'H', 1, ifname, 1);
 
     return 0;
 }
 
 
 static int
-iptablesSetupVirtInPost(virConnectPtr conn ATTRIBUTE_UNUSED,
-                        const char *iptables_cmd,
+iptablesSetupVirtInPost(const char *iptables_cmd,
                         virBufferPtr buf,
                         const char *ifname)
 {
@@ -634,8 +612,7 @@ iptablesSetupVirtInPost(virConnectPtr co
 
 
 static int
-iptablesClearVirtInPost(virConnectPtr conn ATTRIBUTE_UNUSED,
-                        const char *iptables_cmd,
+iptablesClearVirtInPost(const char *iptables_cmd,
                         virBufferPtr buf,
                         const char *ifname)
 {
@@ -649,13 +626,12 @@ iptablesClearVirtInPost(virConnectPtr co
 }
 
 static int
-_iptablesUnlinkRootChain(virConnectPtr conn ATTRIBUTE_UNUSED,
-                        const char *iptables_cmd,
-                        virBufferPtr buf,
-                        const char *basechain,
-                        char prefix,
-                        int incoming, const char *ifname,
-                        int isTempChain)
+_iptablesUnlinkRootChain(const char *iptables_cmd,
+                         virBufferPtr buf,
+                         const char *basechain,
+                         char prefix,
+                         int incoming, const char *ifname,
+                         int isTempChain)
 {
     char chain[MAX_CHAINNAME_LENGTH];
     char chainPrefix[2] = {
@@ -684,61 +660,56 @@ _iptablesUnlinkRootChain(virConnectPtr c
 
 
 static int
-iptablesUnlinkRootChain(virConnectPtr conn ATTRIBUTE_UNUSED,
-                        const char *iptables_cmd,
+iptablesUnlinkRootChain(const char *iptables_cmd,
                         virBufferPtr buf,
                         const char *basechain,
                         char prefix,
                         int incoming, const char *ifname)
 {
-    return _iptablesUnlinkRootChain(conn, iptables_cmd, buf,
+    return _iptablesUnlinkRootChain(iptables_cmd, buf,
                                     basechain, prefix, incoming, ifname, 0);
 }
 
 
 static int
-iptablesUnlinkTmpRootChain(virConnectPtr conn ATTRIBUTE_UNUSED,
-                           const char *iptables_cmd,
+iptablesUnlinkTmpRootChain(const char *iptables_cmd,
                            virBufferPtr buf,
                            const char *basechain,
                            char prefix,
                            int incoming, const char *ifname)
 {
-    return _iptablesUnlinkRootChain(conn, iptables_cmd, buf,
+    return _iptablesUnlinkRootChain(iptables_cmd, buf,
                                     basechain, prefix, incoming, ifname, 1);
 }
 
 
 static int
-iptablesUnlinkRootChains(virConnectPtr conn,
-                         const char *cmd,
+iptablesUnlinkRootChains(const char *cmd,
                          virBufferPtr buf,
                          const char *ifname)
 {
-    iptablesUnlinkRootChain(conn, cmd, buf, VIRT_OUT_CHAIN, 'F', 0, ifname);
-    iptablesUnlinkRootChain(conn, cmd, buf, VIRT_IN_CHAIN , 'F', 1, ifname);
-    iptablesUnlinkRootChain(conn, cmd, buf, HOST_IN_CHAIN , 'H', 1, ifname);
+    iptablesUnlinkRootChain(cmd, buf, VIRT_OUT_CHAIN, 'F', 0, ifname);
+    iptablesUnlinkRootChain(cmd, buf, VIRT_IN_CHAIN , 'F', 1, ifname);
+    iptablesUnlinkRootChain(cmd, buf, HOST_IN_CHAIN , 'H', 1, ifname);
 
     return 0;
 }
 
 
 static int
-iptablesUnlinkTmpRootChains(virConnectPtr conn,
-                            const char *cmd,
+iptablesUnlinkTmpRootChains(const char *cmd,
                             virBufferPtr buf,
                             const char *ifname)
 {
-    iptablesUnlinkTmpRootChain(conn, cmd, buf, VIRT_OUT_CHAIN, 'F', 0, ifname);
-    iptablesUnlinkTmpRootChain(conn, cmd, buf, VIRT_IN_CHAIN , 'F', 1, ifname);
-    iptablesUnlinkTmpRootChain(conn, cmd, buf, HOST_IN_CHAIN , 'H', 1, ifname);
+    iptablesUnlinkTmpRootChain(cmd, buf, VIRT_OUT_CHAIN, 'F', 0, ifname);
+    iptablesUnlinkTmpRootChain(cmd, buf, VIRT_IN_CHAIN , 'F', 1, ifname);
+    iptablesUnlinkTmpRootChain(cmd, buf, HOST_IN_CHAIN , 'H', 1, ifname);
     return 0;
 }
 
 
 static int
-iptablesRenameTmpRootChain(virConnectPtr conn ATTRIBUTE_UNUSED,
-                           const char *iptables_cmd,
+iptablesRenameTmpRootChain(const char *iptables_cmd,
                            virBufferPtr buf,
                            char prefix,
                            int incoming,
@@ -769,21 +740,19 @@ iptablesRenameTmpRootChain(virConnectPtr
 
 
 static int
-iptablesRenameTmpRootChains(virConnectPtr conn,
-                            const char *iptables_cmd,
+iptablesRenameTmpRootChains(const char *iptables_cmd,
                             virBufferPtr buf,
                             const char *ifname)
 {
-    iptablesRenameTmpRootChain(conn, iptables_cmd, buf, 'F', 0, ifname);
-    iptablesRenameTmpRootChain(conn, iptables_cmd, buf, 'F', 1, ifname);
-    iptablesRenameTmpRootChain(conn, iptables_cmd, buf, 'H', 1, ifname);
+    iptablesRenameTmpRootChain(iptables_cmd, buf, 'F', 0, ifname);
+    iptablesRenameTmpRootChain(iptables_cmd, buf, 'F', 1, ifname);
+    iptablesRenameTmpRootChain(iptables_cmd, buf, 'H', 1, ifname);
     return 0;
 }
 
 
 static void
-iptablesInstCommand(virConnectPtr conn ATTRIBUTE_UNUSED,
-                    virBufferPtr buf,
+iptablesInstCommand(virBufferPtr buf,
                     const char *templ, char cmd, int pos,
                     int stopOnError)
 {
@@ -797,8 +766,7 @@ iptablesInstCommand(virConnectPtr conn A
 
 
 static int
-iptablesHandleSrcMacAddr(virConnectPtr conn ATTRIBUTE_UNUSED,
-                         virBufferPtr buf,
+iptablesHandleSrcMacAddr(virBufferPtr buf,
                          virNWFilterHashTablePtr vars,
                          nwItemDescPtr srcMacAddr,
                          int directionIn ATTRIBUTE_UNUSED)
@@ -806,8 +774,7 @@ iptablesHandleSrcMacAddr(virConnectPtr c
     char macaddr[VIR_MAC_STRING_BUFLEN];
 
     if (HAS_ENTRY_ITEM(srcMacAddr)) {
-        if (printDataType(conn,
-                          vars,
+        if (printDataType(vars,
                           macaddr, sizeof(macaddr),
                           srcMacAddr))
             goto err_exit;
@@ -828,8 +795,7 @@ err_exit:
 
 
 static int
-iptablesHandleIpHdr(virConnectPtr conn ATTRIBUTE_UNUSED,
-                    virBufferPtr buf,
+iptablesHandleIpHdr(virBufferPtr buf,
                     virNWFilterHashTablePtr vars,
                     ipHdrDataDefPtr ipHdr,
                     int directionIn)
@@ -849,8 +815,7 @@ iptablesHandleIpHdr(virConnectPtr conn A
 
     if (HAS_ENTRY_ITEM(&ipHdr->dataSrcIPAddr)) {
 
-        if (printDataType(conn,
-                          vars,
+        if (printDataType(vars,
                           ipaddr, sizeof(ipaddr),
                           &ipHdr->dataSrcIPAddr))
             goto err_exit;
@@ -863,8 +828,7 @@ iptablesHandleIpHdr(virConnectPtr conn A
 
         if (HAS_ENTRY_ITEM(&ipHdr->dataSrcIPMask)) {
 
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               number, sizeof(number),
                               &ipHdr->dataSrcIPMask))
                 goto err_exit;
@@ -875,8 +839,7 @@ iptablesHandleIpHdr(virConnectPtr conn A
         }
     } else if (HAS_ENTRY_ITEM(&ipHdr->dataSrcIPFrom)) {
 
-        if (printDataType(conn,
-                          vars,
+        if (printDataType(vars,
                           ipaddr, sizeof(ipaddr),
                           &ipHdr->dataSrcIPFrom))
             goto err_exit;
@@ -889,8 +852,7 @@ iptablesHandleIpHdr(virConnectPtr conn A
 
         if (HAS_ENTRY_ITEM(&ipHdr->dataSrcIPTo)) {
 
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               ipaddr, sizeof(ipaddr),
                               &ipHdr->dataSrcIPTo))
                 goto err_exit;
@@ -903,8 +865,7 @@ iptablesHandleIpHdr(virConnectPtr conn A
 
     if (HAS_ENTRY_ITEM(&ipHdr->dataDstIPAddr)) {
 
-        if (printDataType(conn,
-                          vars,
+        if (printDataType(vars,
                           ipaddr, sizeof(ipaddr),
                           &ipHdr->dataDstIPAddr))
            goto err_exit;
@@ -917,8 +878,7 @@ iptablesHandleIpHdr(virConnectPtr conn A
 
         if (HAS_ENTRY_ITEM(&ipHdr->dataDstIPMask)) {
 
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               number, sizeof(number),
                               &ipHdr->dataDstIPMask))
                 goto err_exit;
@@ -930,8 +890,7 @@ iptablesHandleIpHdr(virConnectPtr conn A
         }
     } else if (HAS_ENTRY_ITEM(&ipHdr->dataDstIPFrom)) {
 
-        if (printDataType(conn,
-                          vars,
+        if (printDataType(vars,
                           ipaddr, sizeof(ipaddr),
                           &ipHdr->dataDstIPFrom))
             goto err_exit;
@@ -944,8 +903,7 @@ iptablesHandleIpHdr(virConnectPtr conn A
 
         if (HAS_ENTRY_ITEM(&ipHdr->dataDstIPTo)) {
 
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               ipaddr, sizeof(ipaddr),
                               &ipHdr->dataDstIPTo))
                 goto err_exit;
@@ -958,8 +916,7 @@ iptablesHandleIpHdr(virConnectPtr conn A
 
     if (HAS_ENTRY_ITEM(&ipHdr->dataDSCP)) {
 
-        if (printDataType(conn,
-                          vars,
+        if (printDataType(vars,
                           number, sizeof(number),
                           &ipHdr->dataDSCP))
            goto err_exit;
@@ -980,8 +937,7 @@ err_exit:
 
 
 static int
-iptablesHandlePortData(virConnectPtr conn ATTRIBUTE_UNUSED,
-                       virBufferPtr buf,
+iptablesHandlePortData(virBufferPtr buf,
                        virNWFilterHashTablePtr vars,
                        portDataDefPtr portData,
                        int directionIn)
@@ -995,8 +951,7 @@ iptablesHandlePortData(virConnectPtr con
     }
 
     if (HAS_ENTRY_ITEM(&portData->dataSrcPortStart)) {
-        if (printDataType(conn,
-                          vars,
+        if (printDataType(vars,
                           portstr, sizeof(portstr),
                           &portData->dataSrcPortStart))
             goto err_exit;
@@ -1008,8 +963,7 @@ iptablesHandlePortData(virConnectPtr con
                           portstr);
 
         if (HAS_ENTRY_ITEM(&portData->dataSrcPortEnd)) {
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               portstr, sizeof(portstr),
                               &portData->dataSrcPortEnd))
                 goto err_exit;
@@ -1021,8 +975,7 @@ iptablesHandlePortData(virConnectPtr con
     }
 
     if (HAS_ENTRY_ITEM(&portData->dataDstPortStart)) {
-        if (printDataType(conn,
-                          vars,
+        if (printDataType(vars,
                           portstr, sizeof(portstr),
                           &portData->dataDstPortStart))
             goto err_exit;
@@ -1034,8 +987,7 @@ iptablesHandlePortData(virConnectPtr con
                           portstr);
 
         if (HAS_ENTRY_ITEM(&portData->dataDstPortEnd)) {
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               portstr, sizeof(portstr),
                               &portData->dataDstPortEnd))
                 goto err_exit;
@@ -1054,7 +1006,6 @@ err_exit:
 
 /*
  * _iptablesCreateRuleInstance:
- * @conn : Pointer to a virConnect object
  * @chainPrefix : The prefix to put in front of the name of the chain
  * @nwfilter : The filter
  * @rule: The rule of the filter to convert
@@ -1069,8 +1020,7 @@ err_exit:
  * virConnect object.
  */
 static int
-_iptablesCreateRuleInstance(virConnectPtr conn,
-                            int directionIn,
+_iptablesCreateRuleInstance(int directionIn,
                             const char *chainPrefix,
                             virNWFilterDefPtr nwfilter,
                             virNWFilterRuleDefPtr rule,
@@ -1099,30 +1049,26 @@ _iptablesCreateRuleInstance(virConnectPt
 
         virBufferAddLit(&buf, " -p tcp");
 
-        if (iptablesHandleSrcMacAddr(conn,
-                                     &buf,
+        if (iptablesHandleSrcMacAddr(&buf,
                                      vars,
                                      &rule->p.tcpHdrFilter.dataSrcMACAddr,
                                      directionIn))
             goto err_exit;
 
-        if (iptablesHandleIpHdr(conn,
-                                &buf,
+        if (iptablesHandleIpHdr(&buf,
                                 vars,
                                 &rule->p.tcpHdrFilter.ipHdr,
                                 directionIn))
             goto err_exit;
 
-        if (iptablesHandlePortData(conn,
-                                   &buf,
+        if (iptablesHandlePortData(&buf,
                                    vars,
                                    &rule->p.tcpHdrFilter.portData,
                                    directionIn))
             goto err_exit;
 
         if (HAS_ENTRY_ITEM(&rule->p.tcpHdrFilter.dataTCPOption)) {
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               number, sizeof(number),
                               &rule->p.tcpHdrFilter.dataTCPOption))
                 goto err_exit;
@@ -1144,22 +1090,19 @@ _iptablesCreateRuleInstance(virConnectPt
 
         virBufferAddLit(&buf, " -p udp");
 
-        if (iptablesHandleSrcMacAddr(conn,
-                                     &buf,
+        if (iptablesHandleSrcMacAddr(&buf,
                                      vars,
                                      &rule->p.udpHdrFilter.dataSrcMACAddr,
                                      directionIn))
             goto err_exit;
 
-        if (iptablesHandleIpHdr(conn,
-                                &buf,
+        if (iptablesHandleIpHdr(&buf,
                                 vars,
                                 &rule->p.udpHdrFilter.ipHdr,
                                 directionIn))
             goto err_exit;
 
-        if (iptablesHandlePortData(conn,
-                                   &buf,
+        if (iptablesHandlePortData(&buf,
                                    vars,
                                    &rule->p.udpHdrFilter.portData,
                                    directionIn))
@@ -1175,15 +1118,13 @@ _iptablesCreateRuleInstance(virConnectPt
 
         virBufferAddLit(&buf, " -p udplite");
 
-        if (iptablesHandleSrcMacAddr(conn,
-                                     &buf,
+        if (iptablesHandleSrcMacAddr(&buf,
                                      vars,
                                      &rule->p.udpliteHdrFilter.dataSrcMACAddr,
                                      directionIn))
             goto err_exit;
 
-        if (iptablesHandleIpHdr(conn,
-                                &buf,
+        if (iptablesHandleIpHdr(&buf,
                                 vars,
                                 &rule->p.udpliteHdrFilter.ipHdr,
                                 directionIn))
@@ -1200,15 +1141,13 @@ _iptablesCreateRuleInstance(virConnectPt
 
         virBufferAddLit(&buf, " -p esp");
 
-        if (iptablesHandleSrcMacAddr(conn,
-                                     &buf,
+        if (iptablesHandleSrcMacAddr(&buf,
                                      vars,
                                      &rule->p.espHdrFilter.dataSrcMACAddr,
                                      directionIn))
             goto err_exit;
 
-        if (iptablesHandleIpHdr(conn,
-                                &buf,
+        if (iptablesHandleIpHdr(&buf,
                                 vars,
                                 &rule->p.espHdrFilter.ipHdr,
                                 directionIn))
@@ -1225,15 +1164,13 @@ _iptablesCreateRuleInstance(virConnectPt
 
         virBufferAddLit(&buf, " -p ah");
 
-        if (iptablesHandleSrcMacAddr(conn,
-                                     &buf,
+        if (iptablesHandleSrcMacAddr(&buf,
                                      vars,
                                      &rule->p.ahHdrFilter.dataSrcMACAddr,
                                      directionIn))
             goto err_exit;
 
-        if (iptablesHandleIpHdr(conn,
-                                &buf,
+        if (iptablesHandleIpHdr(&buf,
                                 vars,
                                 &rule->p.ahHdrFilter.ipHdr,
                                 directionIn))
@@ -1250,22 +1187,19 @@ _iptablesCreateRuleInstance(virConnectPt
 
         virBufferAddLit(&buf, " -p sctp");
 
-        if (iptablesHandleSrcMacAddr(conn,
-                                     &buf,
+        if (iptablesHandleSrcMacAddr(&buf,
                                      vars,
                                      &rule->p.sctpHdrFilter.dataSrcMACAddr,
                                      directionIn))
             goto err_exit;
 
-        if (iptablesHandleIpHdr(conn,
-                                &buf,
+        if (iptablesHandleIpHdr(&buf,
                                 vars,
                                 &rule->p.sctpHdrFilter.ipHdr,
                                 directionIn))
             goto err_exit;
 
-        if (iptablesHandlePortData(conn,
-                                   &buf,
+        if (iptablesHandlePortData(&buf,
                                    vars,
                                    &rule->p.sctpHdrFilter.portData,
                                    directionIn))
@@ -1284,15 +1218,13 @@ _iptablesCreateRuleInstance(virConnectPt
         else
             virBufferAddLit(&buf, " -p icmpv6");
 
-        if (iptablesHandleSrcMacAddr(conn,
-                                     &buf,
+        if (iptablesHandleSrcMacAddr(&buf,
                                      vars,
                                      &rule->p.icmpHdrFilter.dataSrcMACAddr,
                                      directionIn))
             goto err_exit;
 
-        if (iptablesHandleIpHdr(conn,
-                                &buf,
+        if (iptablesHandleIpHdr(&buf,
                                 vars,
                                 &rule->p.icmpHdrFilter.ipHdr,
                                 directionIn))
@@ -1305,8 +1237,7 @@ _iptablesCreateRuleInstance(virConnectPt
             else
                 parm = "--icmpv6-type";
 
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               number, sizeof(number),
                               &rule->p.icmpHdrFilter.dataICMPType))
                 goto err_exit;
@@ -1318,8 +1249,7 @@ _iptablesCreateRuleInstance(virConnectPt
                       number);
 
             if (HAS_ENTRY_ITEM(&rule->p.icmpHdrFilter.dataICMPCode)) {
-                if (printDataType(conn,
-                                  vars,
+                if (printDataType(vars,
                                   number, sizeof(number),
                                   &rule->p.icmpHdrFilter.dataICMPCode))
                     goto err_exit;
@@ -1339,15 +1269,13 @@ _iptablesCreateRuleInstance(virConnectPt
 
         virBufferAddLit(&buf, " -p igmp");
 
-        if (iptablesHandleSrcMacAddr(conn,
-                                     &buf,
+        if (iptablesHandleSrcMacAddr(&buf,
                                      vars,
                                      &rule->p.igmpHdrFilter.dataSrcMACAddr,
                                      directionIn))
             goto err_exit;
 
-        if (iptablesHandleIpHdr(conn,
-                                &buf,
+        if (iptablesHandleIpHdr(&buf,
                                 vars,
                                 &rule->p.igmpHdrFilter.ipHdr,
                                 directionIn))
@@ -1364,15 +1292,13 @@ _iptablesCreateRuleInstance(virConnectPt
 
         virBufferAddLit(&buf, " -p all");
 
-        if (iptablesHandleSrcMacAddr(conn,
-                                     &buf,
+        if (iptablesHandleSrcMacAddr(&buf,
                                      vars,
                                      &rule->p.allHdrFilter.dataSrcMACAddr,
                                      directionIn))
             goto err_exit;
 
-        if (iptablesHandleIpHdr(conn,
-                                &buf,
+        if (iptablesHandleIpHdr(&buf,
                                 vars,
                                 &rule->p.allHdrFilter.ipHdr,
                                 directionIn))
@@ -1403,8 +1329,7 @@ _iptablesCreateRuleInstance(virConnectPt
         return -1;
     }
 
-    return ebiptablesAddRuleInst(conn,
-                                 res,
+    return ebiptablesAddRuleInst(res,
                                  virBufferContentAndReset(&buf),
                                  nwfilter->chainsuffix,
                                  '\0',
@@ -1421,8 +1346,7 @@ err_exit:
 
 
 static int
-iptablesCreateRuleInstance(virConnectPtr conn,
-                           virNWFilterDefPtr nwfilter,
+iptablesCreateRuleInstance(virNWFilterDefPtr nwfilter,
                            virNWFilterRuleDefPtr rule,
                            const char *ifname,
                            virNWFilterHashTablePtr vars,
@@ -1443,8 +1367,7 @@ iptablesCreateRuleInstance(virConnectPtr
     chainPrefix[0] = 'F';
 
     chainPrefix[1] = CHAINPREFIX_HOST_IN_TEMP;
-    rc = _iptablesCreateRuleInstance(conn,
-                                     directionIn,
+    rc = _iptablesCreateRuleInstance(directionIn,
                                      chainPrefix,
                                      nwfilter,
                                      rule,
@@ -1459,8 +1382,7 @@ iptablesCreateRuleInstance(virConnectPtr
         return rc;
 
     chainPrefix[1] = CHAINPREFIX_HOST_OUT_TEMP;
-    rc = _iptablesCreateRuleInstance(conn,
-                                     !directionIn,
+    rc = _iptablesCreateRuleInstance(!directionIn,
                                      chainPrefix,
                                      nwfilter,
                                      rule,
@@ -1476,8 +1398,7 @@ iptablesCreateRuleInstance(virConnectPtr
 
     chainPrefix[0] = 'H';
     chainPrefix[1] = CHAINPREFIX_HOST_IN_TEMP;
-    rc = _iptablesCreateRuleInstance(conn,
-                                     directionIn,
+    rc = _iptablesCreateRuleInstance(directionIn,
                                      chainPrefix,
                                      nwfilter,
                                      rule,
@@ -1498,7 +1419,6 @@ iptablesCreateRuleInstance(virConnectPtr
 
 /*
  * ebtablesCreateRuleInstance:
- * @conn : Pointer to a virConnect object
  * @chainPrefix : The prefix to put in front of the name of the chain
  * @nwfilter : The filter
  * @rule: The rule of the filter to convert
@@ -1513,8 +1433,7 @@ iptablesCreateRuleInstance(virConnectPtr
  * virConnect object.
  */
 static int
-ebtablesCreateRuleInstance(virConnectPtr conn,
-                           char chainPrefix,
+ebtablesCreateRuleInstance(char chainPrefix,
                            virNWFilterDefPtr nwfilter,
                            virNWFilterRuleDefPtr rule,
                            const char *ifname,
@@ -1543,15 +1462,13 @@ ebtablesCreateRuleInstance(virConnectPtr
                           EBTABLES_DEFAULT_TABLE, chain);
 
 
-        if (ebtablesHandleEthHdr(conn,
-                                 &buf,
+        if (ebtablesHandleEthHdr(&buf,
                                  vars,
                                  &rule->p.ethHdrFilter.ethHdr))
             goto err_exit;
 
         if (HAS_ENTRY_ITEM(&rule->p.ethHdrFilter.dataProtocolID)) {
-            if (printDataTypeAsHex(conn,
-                                   vars,
+            if (printDataTypeAsHex(vars,
                                    number, sizeof(number),
                                    &rule->p.ethHdrFilter.dataProtocolID))
                 goto err_exit;
@@ -1568,8 +1485,7 @@ ebtablesCreateRuleInstance(virConnectPtr
                           CMD_DEF_PRE EBTABLES_CMD " -t %s -%%c %s %%s",
                           EBTABLES_DEFAULT_TABLE, chain);
 
-        if (ebtablesHandleEthHdr(conn,
-                                 &buf,
+        if (ebtablesHandleEthHdr(&buf,
                                  vars,
                                  &rule->p.arpHdrFilter.ethHdr))
             goto err_exit;
@@ -1577,10 +1493,9 @@ ebtablesCreateRuleInstance(virConnectPtr
         virBufferAddLit(&buf, " -p arp");
 
         if (HAS_ENTRY_ITEM(&rule->p.arpHdrFilter.dataHWType)) {
-             if (printDataType(conn,
-                              vars,
-                              number, sizeof(number),
-                              &rule->p.arpHdrFilter.dataHWType))
+             if (printDataType(vars,
+                               number, sizeof(number),
+                               &rule->p.arpHdrFilter.dataHWType))
                 goto err_exit;
            virBufferVSprintf(&buf,
                           " --arp-htype %s %s",
@@ -1589,8 +1504,7 @@ ebtablesCreateRuleInstance(virConnectPtr
         }
 
         if (HAS_ENTRY_ITEM(&rule->p.arpHdrFilter.dataOpcode)) {
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               number, sizeof(number),
                               &rule->p.arpHdrFilter.dataOpcode))
                 goto err_exit;
@@ -1601,8 +1515,7 @@ ebtablesCreateRuleInstance(virConnectPtr
         }
 
         if (HAS_ENTRY_ITEM(&rule->p.arpHdrFilter.dataProtocolType)) {
-            if (printDataTypeAsHex(conn,
-                                   vars,
+            if (printDataTypeAsHex(vars,
                                    number, sizeof(number),
                                    &rule->p.arpHdrFilter.dataProtocolType))
                 goto err_exit;
@@ -1613,8 +1526,7 @@ ebtablesCreateRuleInstance(virConnectPtr
         }
 
         if (HAS_ENTRY_ITEM(&rule->p.arpHdrFilter.dataARPSrcIPAddr)) {
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               ipaddr, sizeof(ipaddr),
                               &rule->p.arpHdrFilter.dataARPSrcIPAddr))
                 goto err_exit;
@@ -1626,8 +1538,7 @@ ebtablesCreateRuleInstance(virConnectPtr
         }
 
         if (HAS_ENTRY_ITEM(&rule->p.arpHdrFilter.dataARPDstIPAddr)) {
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               ipaddr, sizeof(ipaddr),
                               &rule->p.arpHdrFilter.dataARPDstIPAddr))
                 goto err_exit;
@@ -1639,8 +1550,7 @@ ebtablesCreateRuleInstance(virConnectPtr
         }
 
         if (HAS_ENTRY_ITEM(&rule->p.arpHdrFilter.dataARPSrcMACAddr)) {
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               macaddr, sizeof(macaddr),
                               &rule->p.arpHdrFilter.dataARPSrcMACAddr))
                 goto err_exit;
@@ -1652,8 +1562,7 @@ ebtablesCreateRuleInstance(virConnectPtr
         }
 
         if (HAS_ENTRY_ITEM(&rule->p.arpHdrFilter.dataARPDstMACAddr)) {
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               macaddr, sizeof(macaddr),
                               &rule->p.arpHdrFilter.dataARPDstMACAddr))
                 goto err_exit;
@@ -1670,8 +1579,7 @@ ebtablesCreateRuleInstance(virConnectPtr
                           CMD_DEF_PRE EBTABLES_CMD " -t %s -%%c %s %%s",
                           EBTABLES_DEFAULT_TABLE, chain);
 
-        if (ebtablesHandleEthHdr(conn,
-                                 &buf,
+        if (ebtablesHandleEthHdr(&buf,
                                  vars,
                                  &rule->p.ipHdrFilter.ethHdr))
             goto err_exit;
@@ -1680,8 +1588,7 @@ ebtablesCreateRuleInstance(virConnectPtr
                         " -p ipv4");
 
         if (HAS_ENTRY_ITEM(&rule->p.ipHdrFilter.ipHdr.dataSrcIPAddr)) {
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               ipaddr, sizeof(ipaddr),
                               &rule->p.ipHdrFilter.ipHdr.dataSrcIPAddr))
                 goto err_exit;
@@ -1692,8 +1599,7 @@ ebtablesCreateRuleInstance(virConnectPtr
                           ipaddr);
 
             if (HAS_ENTRY_ITEM(&rule->p.ipHdrFilter.ipHdr.dataSrcIPMask)) {
-                if (printDataType(conn,
-                                  vars,
+                if (printDataType(vars,
                                   number, sizeof(number),
                                   &rule->p.ipHdrFilter.ipHdr.dataSrcIPMask))
                     goto err_exit;
@@ -1705,8 +1611,7 @@ ebtablesCreateRuleInstance(virConnectPtr
 
         if (HAS_ENTRY_ITEM(&rule->p.ipHdrFilter.ipHdr.dataDstIPAddr)) {
 
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               ipaddr, sizeof(ipaddr),
                               &rule->p.ipHdrFilter.ipHdr.dataDstIPAddr))
                 goto err_exit;
@@ -1717,8 +1622,7 @@ ebtablesCreateRuleInstance(virConnectPtr
                           ipaddr);
 
             if (HAS_ENTRY_ITEM(&rule->p.ipHdrFilter.ipHdr.dataDstIPMask)) {
-                if (printDataType(conn,
-                                  vars,
+                if (printDataType(vars,
                                   number, sizeof(number),
                                   &rule->p.ipHdrFilter.ipHdr.dataDstIPMask))
                     goto err_exit;
@@ -1729,8 +1633,7 @@ ebtablesCreateRuleInstance(virConnectPtr
         }
 
         if (HAS_ENTRY_ITEM(&rule->p.ipHdrFilter.ipHdr.dataProtocolID)) {
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               number, sizeof(number),
                               &rule->p.ipHdrFilter.ipHdr.dataProtocolID))
                 goto err_exit;
@@ -1743,8 +1646,7 @@ ebtablesCreateRuleInstance(virConnectPtr
 
         if (HAS_ENTRY_ITEM(&rule->p.ipHdrFilter.portData.dataSrcPortStart)) {
 
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               number, sizeof(number),
                               &rule->p.ipHdrFilter.portData.dataSrcPortStart))
                 goto err_exit;
@@ -1755,8 +1657,7 @@ ebtablesCreateRuleInstance(virConnectPtr
                           number);
 
             if (HAS_ENTRY_ITEM(&rule->p.ipHdrFilter.portData.dataSrcPortEnd)) {
-                if (printDataType(conn,
-                                  vars,
+                if (printDataType(vars,
                                   number, sizeof(number),
                                   &rule->p.ipHdrFilter.portData.dataSrcPortEnd))
                     goto err_exit;
@@ -1769,8 +1670,7 @@ ebtablesCreateRuleInstance(virConnectPtr
 
         if (HAS_ENTRY_ITEM(&rule->p.ipHdrFilter.portData.dataDstPortStart)) {
 
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               number, sizeof(number),
                               &rule->p.ipHdrFilter.portData.dataDstPortStart))
                 goto err_exit;
@@ -1781,8 +1681,7 @@ ebtablesCreateRuleInstance(virConnectPtr
                           number);
 
             if (HAS_ENTRY_ITEM(&rule->p.ipHdrFilter.portData.dataDstPortEnd)) {
-                if (printDataType(conn,
-                                vars,
+                if (printDataType(vars,
                                 number, sizeof(number),
                                 &rule->p.ipHdrFilter.portData.dataDstPortEnd))
                     goto err_exit;
@@ -1794,8 +1693,7 @@ ebtablesCreateRuleInstance(virConnectPtr
         }
 
         if (HAS_ENTRY_ITEM(&rule->p.ipHdrFilter.ipHdr.dataDSCP)) {
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               number, sizeof(number),
                               &rule->p.ipHdrFilter.ipHdr.dataDSCP))
                 goto err_exit;
@@ -1812,8 +1710,7 @@ ebtablesCreateRuleInstance(virConnectPtr
                           CMD_DEF_PRE EBTABLES_CMD " -t %s -%%c %s %%s",
                           EBTABLES_DEFAULT_TABLE, chain);
 
-        if (ebtablesHandleEthHdr(conn,
-                                 &buf,
+        if (ebtablesHandleEthHdr(&buf,
                                  vars,
                                  &rule->p.ipv6HdrFilter.ethHdr))
             goto err_exit;
@@ -1822,8 +1719,7 @@ ebtablesCreateRuleInstance(virConnectPtr
                         " -p ipv6");
 
         if (HAS_ENTRY_ITEM(&rule->p.ipv6HdrFilter.ipHdr.dataSrcIPAddr)) {
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               ipv6addr, sizeof(ipv6addr),
                               &rule->p.ipv6HdrFilter.ipHdr.dataSrcIPAddr))
                 goto err_exit;
@@ -1834,8 +1730,7 @@ ebtablesCreateRuleInstance(virConnectPtr
                           ipv6addr);
 
             if (HAS_ENTRY_ITEM(&rule->p.ipv6HdrFilter.ipHdr.dataSrcIPMask)) {
-                if (printDataType(conn,
-                                  vars,
+                if (printDataType(vars,
                                   number, sizeof(number),
                                   &rule->p.ipv6HdrFilter.ipHdr.dataSrcIPMask))
                     goto err_exit;
@@ -1847,8 +1742,7 @@ ebtablesCreateRuleInstance(virConnectPtr
 
         if (HAS_ENTRY_ITEM(&rule->p.ipv6HdrFilter.ipHdr.dataDstIPAddr)) {
 
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               ipv6addr, sizeof(ipv6addr),
                               &rule->p.ipv6HdrFilter.ipHdr.dataDstIPAddr))
                 goto err_exit;
@@ -1859,8 +1753,7 @@ ebtablesCreateRuleInstance(virConnectPtr
                           ipv6addr);
 
             if (HAS_ENTRY_ITEM(&rule->p.ipv6HdrFilter.ipHdr.dataDstIPMask)) {
-                if (printDataType(conn,
-                                  vars,
+                if (printDataType(vars,
                                   number, sizeof(number),
                                   &rule->p.ipv6HdrFilter.ipHdr.dataDstIPMask))
                     goto err_exit;
@@ -1871,8 +1764,7 @@ ebtablesCreateRuleInstance(virConnectPtr
         }
 
         if (HAS_ENTRY_ITEM(&rule->p.ipv6HdrFilter.ipHdr.dataProtocolID)) {
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               number, sizeof(number),
                               &rule->p.ipv6HdrFilter.ipHdr.dataProtocolID))
                 goto err_exit;
@@ -1885,8 +1777,7 @@ ebtablesCreateRuleInstance(virConnectPtr
 
         if (HAS_ENTRY_ITEM(&rule->p.ipv6HdrFilter.portData.dataSrcPortStart)) {
 
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               number, sizeof(number),
                               &rule->p.ipv6HdrFilter.portData.dataSrcPortStart))
                 goto err_exit;
@@ -1897,8 +1788,7 @@ ebtablesCreateRuleInstance(virConnectPtr
                           number);
 
             if (HAS_ENTRY_ITEM(&rule->p.ipv6HdrFilter.portData.dataSrcPortEnd)) {
-                if (printDataType(conn,
-                                  vars,
+                if (printDataType(vars,
                                   number, sizeof(number),
                                   &rule->p.ipv6HdrFilter.portData.dataSrcPortEnd))
                     goto err_exit;
@@ -1911,8 +1801,7 @@ ebtablesCreateRuleInstance(virConnectPtr
 
         if (HAS_ENTRY_ITEM(&rule->p.ipv6HdrFilter.portData.dataDstPortStart)) {
 
-            if (printDataType(conn,
-                              vars,
+            if (printDataType(vars,
                               number, sizeof(number),
                               &rule->p.ipv6HdrFilter.portData.dataDstPortStart))
                 goto err_exit;
@@ -1923,10 +1812,9 @@ ebtablesCreateRuleInstance(virConnectPtr
                           number);
 
             if (HAS_ENTRY_ITEM(&rule->p.ipv6HdrFilter.portData.dataDstPortEnd)) {
-                if (printDataType(conn,
-                                vars,
-                                number, sizeof(number),
-                                &rule->p.ipv6HdrFilter.portData.dataDstPortEnd))
+                if (printDataType(vars,
+                                  number, sizeof(number),
+                                  &rule->p.ipv6HdrFilter.portData.dataDstPortEnd))
                     goto err_exit;
 
                 virBufferVSprintf(&buf,
@@ -1957,8 +1845,7 @@ ebtablesCreateRuleInstance(virConnectPtr
         return -1;
     }
 
-    return ebiptablesAddRuleInst(conn,
-                                 res,
+    return ebiptablesAddRuleInst(res,
                                  virBufferContentAndReset(&buf),
                                  nwfilter->chainsuffix,
                                  chainPrefix,
@@ -1988,7 +1875,7 @@ err_exit:
  * virConnect object.
  */
 static int
-ebiptablesCreateRuleInstance(virConnectPtr conn,
+ebiptablesCreateRuleInstance(virConnectPtr conn ATTRIBUTE_UNUSED,
                              enum virDomainNetType nettype,
                              virNWFilterDefPtr nwfilter,
                              virNWFilterRuleDefPtr rule,
@@ -2008,8 +1895,7 @@ ebiptablesCreateRuleInstance(virConnectP
 
         if (rule->tt == VIR_NWFILTER_RULE_DIRECTION_OUT ||
             rule->tt == VIR_NWFILTER_RULE_DIRECTION_INOUT) {
-            rc = ebtablesCreateRuleInstance(conn,
-                                            CHAINPREFIX_HOST_IN_TEMP,
+            rc = ebtablesCreateRuleInstance(CHAINPREFIX_HOST_IN_TEMP,
                                             nwfilter,
                                             rule,
                                             ifname,
@@ -2021,8 +1907,7 @@ ebiptablesCreateRuleInstance(virConnectP
 
         if (rule->tt == VIR_NWFILTER_RULE_DIRECTION_IN ||
             rule->tt == VIR_NWFILTER_RULE_DIRECTION_INOUT) {
-            rc = ebtablesCreateRuleInstance(conn,
-                                            CHAINPREFIX_HOST_OUT_TEMP,
+            rc = ebtablesCreateRuleInstance(CHAINPREFIX_HOST_OUT_TEMP,
                                             nwfilter,
                                             rule,
                                             ifname,
@@ -2041,15 +1926,14 @@ ebiptablesCreateRuleInstance(virConnectP
     case VIR_NWFILTER_RULE_PROTOCOL_IGMP:
     case VIR_NWFILTER_RULE_PROTOCOL_ALL:
         if (nettype == VIR_DOMAIN_NET_TYPE_DIRECT) {
-            virNWFilterReportError(conn, VIR_ERR_INVALID_NWFILTER,
+            virNWFilterReportError(VIR_ERR_INVALID_NWFILTER,
                           _("'%s' protocol not support for net type '%s'"),
                           virNWFilterRuleProtocolTypeToString(rule->prtclType),
                           virDomainNetTypeToString(nettype));
             return 1;
         }
         isIPv6 = 0;
-        rc = iptablesCreateRuleInstance(conn,
-                                        nwfilter,
+        rc = iptablesCreateRuleInstance(nwfilter,
                                         rule,
                                         ifname,
                                         vars,
@@ -2066,15 +1950,14 @@ ebiptablesCreateRuleInstance(virConnectP
     case VIR_NWFILTER_RULE_PROTOCOL_ICMPV6:
     case VIR_NWFILTER_RULE_PROTOCOL_ALLoIPV6:
         if (nettype == VIR_DOMAIN_NET_TYPE_DIRECT) {
-            virNWFilterReportError(conn, VIR_ERR_INVALID_NWFILTER,
+            virNWFilterReportError(VIR_ERR_INVALID_NWFILTER,
                           _("'%s' protocol not support for net type '%s'"),
                           virNWFilterRuleProtocolTypeToString(rule->prtclType),
                           virDomainNetTypeToString(nettype));
             return 1;
         }
         isIPv6 = 1;
-        rc = iptablesCreateRuleInstance(conn,
-                                        nwfilter,
+        rc = iptablesCreateRuleInstance(nwfilter,
                                         rule,
                                         ifname,
                                         vars,
@@ -2083,7 +1966,7 @@ ebiptablesCreateRuleInstance(virConnectP
     break;
 
     case VIR_NWFILTER_RULE_PROTOCOL_LAST:
-        virNWFilterReportError(conn, VIR_ERR_INVALID_NWFILTER,
+        virNWFilterReportError(VIR_ERR_INVALID_NWFILTER,
                                "%s", _("illegal protocol type"));
         rc = 1;
     break;
@@ -2115,7 +1998,6 @@ ebiptablesDisplayRuleInstance(virConnect
 
 /**
  * ebiptablesWriteToTempFile:
- * @conn: pointer to virConnect object
  * @string : the string to write into the file
  *
  * Returns the tempory filename where the string was written into,
@@ -2128,8 +2010,7 @@ ebiptablesDisplayRuleInstance(virConnect
  * set so that the file can be run as an executable script.
  */
 static char *
-ebiptablesWriteToTempFile(virConnectPtr conn,
-                          const char *string) {
+ebiptablesWriteToTempFile(const char *string) {
     char filename[] = "/tmp/virtdXXXXXX";
     int len;
     char *filnam;
@@ -2139,14 +2020,14 @@ ebiptablesWriteToTempFile(virConnectPtr 
     int fd = mkstemp(filename);
 
     if (fd < 0) {
-        virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
+        virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
                                "%s",
                                _("cannot create temporary file"));
         return NULL;
     }
 
     if (fchmod(fd, S_IXUSR| S_IRUSR | S_IWUSR) < 0) {
-        virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
+        virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
                                "%s",
                                _("cannot change permissions on temp. file"));
         goto err_exit;
@@ -2155,7 +2036,7 @@ ebiptablesWriteToTempFile(virConnectPtr 
     len = strlen(header);
     written = safewrite(fd, header, len);
     if (written != len) {
-        virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
+        virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
                                "%s",
                                _("cannot write string to file"));
         goto err_exit;
@@ -2164,7 +2045,7 @@ ebiptablesWriteToTempFile(virConnectPtr 
     len = strlen(string);
     written = safewrite(fd, string, len);
     if (written != len) {
-        virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
+        virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
                                "%s",
                                _("cannot write string to file"));
         goto err_exit;
@@ -2188,7 +2069,6 @@ err_exit:
 
 /**
  * ebiptablesExecCLI:
- * @conn : pointer to virConnect object
  * @buf : pointer to virBuffer containing the string with the commands to
  *        execute.
  * @status: Pointer to an integer for returning the status of the
@@ -2202,8 +2082,7 @@ err_exit:
  * script and return the status of the execution.
  */
 static int
-ebiptablesExecCLI(virConnectPtr conn,
-                  virBufferPtr buf,
+ebiptablesExecCLI(virBufferPtr buf,
                   int *status)
 {
     char *cmds;
@@ -2226,7 +2105,7 @@ ebiptablesExecCLI(virConnectPtr conn,
     if (!cmds)
         return 0;
 
-    filename = ebiptablesWriteToTempFile(conn, cmds);
+    filename = ebiptablesWriteToTempFile(cmds);
     VIR_FREE(cmds);
 
     if (!filename)
@@ -2248,8 +2127,7 @@ ebiptablesExecCLI(virConnectPtr conn,
 
 
 static int
-ebtablesCreateTmpRootChain(virConnectPtr conn ATTRIBUTE_UNUSED,
-                           virBufferPtr buf,
+ebtablesCreateTmpRootChain(virBufferPtr buf,
                            int incoming, const char *ifname,
                            int stopOnError)
 {
@@ -2271,8 +2149,7 @@ ebtablesCreateTmpRootChain(virConnectPtr
 
 
 static int
-ebtablesLinkTmpRootChain(virConnectPtr conn ATTRIBUTE_UNUSED,
-                         virBufferPtr buf,
+ebtablesLinkTmpRootChain(virBufferPtr buf,
                          int incoming, const char *ifname,
                          int stopOnError)
 {
@@ -2299,8 +2176,7 @@ ebtablesLinkTmpRootChain(virConnectPtr c
 
 
 static int
-_ebtablesRemoveRootChain(virConnectPtr conn ATTRIBUTE_UNUSED,
-                         virBufferPtr buf,
+_ebtablesRemoveRootChain(virBufferPtr buf,
                          int incoming, const char *ifname,
                          int isTempChain)
 {
@@ -2326,26 +2202,23 @@ _ebtablesRemoveRootChain(virConnectPtr c
 
 
 static int
-ebtablesRemoveRootChain(virConnectPtr conn,
-                        virBufferPtr buf,
+ebtablesRemoveRootChain(virBufferPtr buf,
                         int incoming, const char *ifname)
 {
-    return _ebtablesRemoveRootChain(conn, buf, incoming, ifname, 0);
+    return _ebtablesRemoveRootChain(buf, incoming, ifname, 0);
 }
 
 
 static int
-ebtablesRemoveTmpRootChain(virConnectPtr conn,
-                           virBufferPtr buf,
+ebtablesRemoveTmpRootChain(virBufferPtr buf,
                            int incoming, const char *ifname)
 {
-    return _ebtablesRemoveRootChain(conn, buf, incoming, ifname, 1);
+    return _ebtablesRemoveRootChain(buf, incoming, ifname, 1);
 }
 
 
 static int
-_ebtablesUnlinkRootChain(virConnectPtr conn ATTRIBUTE_UNUSED,
-                         virBufferPtr buf,
+_ebtablesUnlinkRootChain(virBufferPtr buf,
                          int incoming, const char *ifname,
                          int isTempChain)
 {
@@ -2375,26 +2248,23 @@ _ebtablesUnlinkRootChain(virConnectPtr c
 
 
 static int
-ebtablesUnlinkRootChain(virConnectPtr conn,
-                        virBufferPtr buf,
+ebtablesUnlinkRootChain(virBufferPtr buf,
                         int incoming, const char *ifname)
 {
-    return _ebtablesUnlinkRootChain(conn, buf, incoming, ifname, 0);
+    return _ebtablesUnlinkRootChain(buf, incoming, ifname, 0);
 }
 
 
 static int
-ebtablesUnlinkTmpRootChain(virConnectPtr conn,
-                           virBufferPtr buf,
+ebtablesUnlinkTmpRootChain(virBufferPtr buf,
                            int incoming, const char *ifname)
 {
-    return _ebtablesUnlinkRootChain(conn, buf, incoming, ifname, 1);
+    return _ebtablesUnlinkRootChain(buf, incoming, ifname, 1);
 }
 
 
 static int
-ebtablesCreateTmpSubChain(virConnectPtr conn ATTRIBUTE_UNUSED,
-                          virBufferPtr buf,
+ebtablesCreateTmpSubChain(virBufferPtr buf,
                           int incoming,
                           const char *ifname,
                           const char *protocol,
@@ -2430,8 +2300,7 @@ ebtablesCreateTmpSubChain(virConnectPtr 
 
 
 static int
-_ebtablesRemoveSubChain(virConnectPtr conn ATTRIBUTE_UNUSED,
-                        virBufferPtr buf,
+_ebtablesRemoveSubChain(virBufferPtr buf,
                         int incoming,
                         const char *ifname,
                         const char *protocol,
@@ -2467,26 +2336,24 @@ _ebtablesRemoveSubChain(virConnectPtr co
 
 
 static int
-ebtablesRemoveSubChain(virConnectPtr conn,
-                       virBufferPtr buf,
+ebtablesRemoveSubChain(virBufferPtr buf,
                        int incoming,
                        const char *ifname,
                        const char *protocol)
 {
-    return _ebtablesRemoveSubChain(conn, buf,
+    return _ebtablesRemoveSubChain(buf,
                                    incoming, ifname, protocol, 0);
 }
 
 
 static int
-ebtablesRemoveSubChains(virConnectPtr conn,
-                          virBufferPtr buf,
-                          const char *ifname)
+ebtablesRemoveSubChains(virBufferPtr buf,
+                        const char *ifname)
 {
     int i;
     for (i = 0; supported_protocols[i]; i++) {
-        ebtablesRemoveSubChain(conn, buf, 1, ifname, supported_protocols[i]);
-        ebtablesRemoveSubChain(conn, buf, 0, ifname, supported_protocols[i]);
+        ebtablesRemoveSubChain(buf, 1, ifname, supported_protocols[i]);
+        ebtablesRemoveSubChain(buf, 0, ifname, supported_protocols[i]);
     }
 
     return 0;
@@ -2494,27 +2361,25 @@ ebtablesRemoveSubChains(virConnectPtr co
 
 
 static int
-ebtablesRemoveTmpSubChain(virConnectPtr conn,
-                          virBufferPtr buf,
+ebtablesRemoveTmpSubChain(virBufferPtr buf,
                           int incoming,
                           const char *ifname,
                           const char *protocol)
 {
-    return _ebtablesRemoveSubChain(conn, buf,
+    return _ebtablesRemoveSubChain(buf,
                                    incoming, ifname, protocol, 1);
 }
 
 
 static int
-ebtablesRemoveTmpSubChains(virConnectPtr conn,
-                           virBufferPtr buf,
+ebtablesRemoveTmpSubChains(virBufferPtr buf,
                            const char *ifname)
 {
     int i;
     for (i = 0; supported_protocols[i]; i++) {
-        ebtablesRemoveTmpSubChain(conn, buf, 1, ifname,
+        ebtablesRemoveTmpSubChain(buf, 1, ifname,
                                   supported_protocols[i]);
-        ebtablesRemoveTmpSubChain(conn, buf, 0, ifname,
+        ebtablesRemoveTmpSubChain(buf, 0, ifname,
                                   supported_protocols[i]);
     }
 
@@ -2523,8 +2388,7 @@ ebtablesRemoveTmpSubChains(virConnectPtr
 
 
 static int
-ebtablesRenameTmpSubChain(virConnectPtr conn ATTRIBUTE_UNUSED,
-                          virBufferPtr buf,
+ebtablesRenameTmpSubChain(virBufferPtr buf,
                           int incoming,
                           const char *ifname,
                           const char *protocol)
@@ -2553,15 +2417,14 @@ ebtablesRenameTmpSubChain(virConnectPtr 
 
 
 static int
-ebtablesRenameTmpSubChains(virConnectPtr conn,
-                           virBufferPtr buf,
+ebtablesRenameTmpSubChains(virBufferPtr buf,
                            const char *ifname)
 {
     int i;
     for (i = 0; supported_protocols[i]; i++) {
-        ebtablesRenameTmpSubChain (conn, buf, 1, ifname,
+        ebtablesRenameTmpSubChain (buf, 1, ifname,
                                    supported_protocols[i]);
-        ebtablesRenameTmpSubChain (conn, buf, 0, ifname,
+        ebtablesRenameTmpSubChain (buf, 0, ifname,
                                    supported_protocols[i]);
     }
 
@@ -2570,18 +2433,16 @@ ebtablesRenameTmpSubChains(virConnectPtr
 
 
 static int
-ebtablesRenameTmpRootChain(virConnectPtr conn,
-                           virBufferPtr buf,
+ebtablesRenameTmpRootChain(virBufferPtr buf,
                            int incoming,
                            const char *ifname)
 {
-    return ebtablesRenameTmpSubChain(conn, buf, incoming, ifname, NULL);
+    return ebtablesRenameTmpSubChain(buf, incoming, ifname, NULL);
 }
 
 
 static void
-ebiptablesInstCommand(virConnectPtr conn ATTRIBUTE_UNUSED,
-                      virBufferPtr buf,
+ebiptablesInstCommand(virBufferPtr buf,
                       const char *templ, char cmd, int pos,
                       int stopOnError)
 {
@@ -2604,7 +2465,7 @@ ebiptablesRuleOrderSort(const void *a, c
 
 
 static int
-ebiptablesApplyNewRules(virConnectPtr conn,
+ebiptablesApplyNewRules(virConnectPtr conn ATTRIBUTE_UNUSED,
                         const char *ifname,
                         int nruleInstances,
                         void **_inst)
@@ -2630,41 +2491,41 @@ ebiptablesApplyNewRules(virConnectPtr co
         }
     }
 
-    ebtablesUnlinkTmpRootChain(conn, &buf, 1, ifname);
-    ebtablesUnlinkTmpRootChain(conn, &buf, 0, ifname);
-    ebtablesRemoveTmpSubChains(conn, &buf, ifname);
-    ebtablesRemoveTmpRootChain(conn, &buf, 1, ifname);
-    ebtablesRemoveTmpRootChain(conn, &buf, 0, ifname);
-    ebiptablesExecCLI(conn, &buf, &cli_status);
+    ebtablesUnlinkTmpRootChain(&buf, 1, ifname);
+    ebtablesUnlinkTmpRootChain(&buf, 0, ifname);
+    ebtablesRemoveTmpSubChains(&buf, ifname);
+    ebtablesRemoveTmpRootChain(&buf, 1, ifname);
+    ebtablesRemoveTmpRootChain(&buf, 0, ifname);
+    ebiptablesExecCLI(&buf, &cli_status);
 
     if (chains_in != 0)
-        ebtablesCreateTmpRootChain(conn, &buf, 1, ifname, 1);
+        ebtablesCreateTmpRootChain(&buf, 1, ifname, 1);
     if (chains_out != 0)
-        ebtablesCreateTmpRootChain(conn, &buf, 0, ifname, 1);
+        ebtablesCreateTmpRootChain(&buf, 0, ifname, 1);
 
     if (chains_in  & (1 << VIR_NWFILTER_CHAINSUFFIX_IPv4))
-        ebtablesCreateTmpSubChain(conn, &buf, 1, ifname, "ipv4", 1);
+        ebtablesCreateTmpSubChain(&buf, 1, ifname, "ipv4", 1);
     if (chains_out & (1 << VIR_NWFILTER_CHAINSUFFIX_IPv4))
-        ebtablesCreateTmpSubChain(conn, &buf, 0, ifname, "ipv4", 1);
+        ebtablesCreateTmpSubChain(&buf, 0, ifname, "ipv4", 1);
 
     if (chains_in  & (1 << VIR_NWFILTER_CHAINSUFFIX_IPv6))
-        ebtablesCreateTmpSubChain(conn, &buf, 1, ifname, "ipv6", 1);
+        ebtablesCreateTmpSubChain(&buf, 1, ifname, "ipv6", 1);
     if (chains_out & (1 << VIR_NWFILTER_CHAINSUFFIX_IPv6))
-        ebtablesCreateTmpSubChain(conn, &buf, 0, ifname, "ipv6", 1);
+        ebtablesCreateTmpSubChain(&buf, 0, ifname, "ipv6", 1);
 
     // keep arp as last
     if (chains_in  & (1 << VIR_NWFILTER_CHAINSUFFIX_ARP))
-        ebtablesCreateTmpSubChain(conn, &buf, 1, ifname, "arp", 1);
+        ebtablesCreateTmpSubChain(&buf, 1, ifname, "arp", 1);
     if (chains_out & (1 << VIR_NWFILTER_CHAINSUFFIX_ARP))
-        ebtablesCreateTmpSubChain(conn, &buf, 0, ifname, "arp", 1);
+        ebtablesCreateTmpSubChain(&buf, 0, ifname, "arp", 1);
 
-    if (ebiptablesExecCLI(conn, &buf, &cli_status) || cli_status != 0)
+    if (ebiptablesExecCLI(&buf, &cli_status) || cli_status != 0)
         goto tear_down_tmpebchains;
 
     for (i = 0; i < nruleInstances; i++)
         switch (inst[i]->ruleType) {
         case RT_EBTABLES:
-            ebiptablesInstCommand(conn, &buf,
+            ebiptablesInstCommand(&buf,
                                   inst[i]->commandTemplate,
                                   'A', -1, 1);
         break;
@@ -2676,68 +2537,68 @@ ebiptablesApplyNewRules(virConnectPtr co
         break;
         }
 
-    if (ebiptablesExecCLI(conn, &buf, &cli_status) || cli_status != 0)
+    if (ebiptablesExecCLI(&buf, &cli_status) || cli_status != 0)
         goto tear_down_tmpebchains;
 
     // FIXME: establishment of iptables user define table tree goes here
 
     if (haveIptables) {
-        iptablesUnlinkTmpRootChains(conn, IPTABLES_CMD, &buf, ifname);
-        iptablesRemoveTmpRootChains(conn, IPTABLES_CMD, &buf, ifname);
+        iptablesUnlinkTmpRootChains(IPTABLES_CMD, &buf, ifname);
+        iptablesRemoveTmpRootChains(IPTABLES_CMD, &buf, ifname);
 
-        iptablesCreateBaseChains(conn, IPTABLES_CMD, &buf);
+        iptablesCreateBaseChains(IPTABLES_CMD, &buf);
 
-        if (ebiptablesExecCLI(conn, &buf, &cli_status) || cli_status != 0)
+        if (ebiptablesExecCLI(&buf, &cli_status) || cli_status != 0)
             goto tear_down_tmpebchains;
 
-        iptablesCreateTmpRootChains(conn, IPTABLES_CMD, &buf, ifname);
+        iptablesCreateTmpRootChains(IPTABLES_CMD, &buf, ifname);
 
-        if (ebiptablesExecCLI(conn, &buf, &cli_status) || cli_status != 0)
+        if (ebiptablesExecCLI(&buf, &cli_status) || cli_status != 0)
            goto tear_down_tmpiptchains;
 
-        iptablesLinkTmpRootChains(conn, IPTABLES_CMD, &buf, ifname);
-        iptablesSetupVirtInPost(conn, IPTABLES_CMD, &buf, ifname);
-        if (ebiptablesExecCLI(conn, &buf, &cli_status) || cli_status != 0)
+        iptablesLinkTmpRootChains(IPTABLES_CMD, &buf, ifname);
+        iptablesSetupVirtInPost(IPTABLES_CMD, &buf, ifname);
+        if (ebiptablesExecCLI(&buf, &cli_status) || cli_status != 0)
            goto tear_down_tmpiptchains;
 
         for (i = 0; i < nruleInstances; i++) {
             if (inst[i]->ruleType == RT_IPTABLES)
-                iptablesInstCommand(conn, &buf,
+                iptablesInstCommand(&buf,
                                     inst[i]->commandTemplate,
                                     'A', -1, 1);
         }
 
-        if (ebiptablesExecCLI(conn, &buf, &cli_status) || cli_status != 0)
+        if (ebiptablesExecCLI(&buf, &cli_status) || cli_status != 0)
            goto tear_down_tmpiptchains;
     }
 
     if (haveIp6tables) {
-        iptablesUnlinkTmpRootChains(conn, IP6TABLES_CMD, &buf, ifname);
-        iptablesRemoveTmpRootChains(conn, IP6TABLES_CMD, &buf, ifname);
+        iptablesUnlinkTmpRootChains(IP6TABLES_CMD, &buf, ifname);
+        iptablesRemoveTmpRootChains(IP6TABLES_CMD, &buf, ifname);
 
-        iptablesCreateBaseChains(conn, IP6TABLES_CMD, &buf);
+        iptablesCreateBaseChains(IP6TABLES_CMD, &buf);
 
-        if (ebiptablesExecCLI(conn, &buf, &cli_status) || cli_status != 0)
+        if (ebiptablesExecCLI(&buf, &cli_status) || cli_status != 0)
             goto tear_down_tmpiptchains;
 
-        iptablesCreateTmpRootChains(conn, IP6TABLES_CMD, &buf, ifname);
+        iptablesCreateTmpRootChains(IP6TABLES_CMD, &buf, ifname);
 
-        if (ebiptablesExecCLI(conn, &buf, &cli_status) || cli_status != 0)
+        if (ebiptablesExecCLI(&buf, &cli_status) || cli_status != 0)
            goto tear_down_tmpip6tchains;
 
-        iptablesLinkTmpRootChains(conn, IP6TABLES_CMD, &buf, ifname);
-        iptablesSetupVirtInPost(conn, IP6TABLES_CMD, &buf, ifname);
-        if (ebiptablesExecCLI(conn, &buf, &cli_status) || cli_status != 0)
+        iptablesLinkTmpRootChains(IP6TABLES_CMD, &buf, ifname);
+        iptablesSetupVirtInPost(IP6TABLES_CMD, &buf, ifname);
+        if (ebiptablesExecCLI(&buf, &cli_status) || cli_status != 0)
            goto tear_down_tmpip6tchains;
 
         for (i = 0; i < nruleInstances; i++) {
             if (inst[i]->ruleType == RT_IP6TABLES)
-                iptablesInstCommand(conn, &buf,
+                iptablesInstCommand(&buf,
                                     inst[i]->commandTemplate,
                                     'A', -1, 1);
         }
 
-        if (ebiptablesExecCLI(conn, &buf, &cli_status) || cli_status != 0)
+        if (ebiptablesExecCLI(&buf, &cli_status) || cli_status != 0)
            goto tear_down_tmpip6tchains;
     }
 
@@ -2745,39 +2606,39 @@ ebiptablesApplyNewRules(virConnectPtr co
     // END IPTABLES stuff
 
     if (chains_in != 0)
-        ebtablesLinkTmpRootChain(conn, &buf, 1, ifname, 1);
+        ebtablesLinkTmpRootChain(&buf, 1, ifname, 1);
     if (chains_out != 0)
-        ebtablesLinkTmpRootChain(conn, &buf, 0, ifname, 1);
+        ebtablesLinkTmpRootChain(&buf, 0, ifname, 1);
 
-    if (ebiptablesExecCLI(conn, &buf, &cli_status) || cli_status != 0)
+    if (ebiptablesExecCLI(&buf, &cli_status) || cli_status != 0)
         goto tear_down_ebsubchains_and_unlink;
 
     return 0;
 
 tear_down_ebsubchains_and_unlink:
-    ebtablesUnlinkTmpRootChain(conn, &buf, 1, ifname);
-    ebtablesUnlinkTmpRootChain(conn, &buf, 0, ifname);
+    ebtablesUnlinkTmpRootChain(&buf, 1, ifname);
+    ebtablesUnlinkTmpRootChain(&buf, 0, ifname);
 
 tear_down_tmpip6tchains:
     if (haveIp6tables) {
-        iptablesUnlinkTmpRootChains(conn, IP6TABLES_CMD, &buf, ifname);
-        iptablesRemoveTmpRootChains(conn, IP6TABLES_CMD, &buf, ifname);
+        iptablesUnlinkTmpRootChains(IP6TABLES_CMD, &buf, ifname);
+        iptablesRemoveTmpRootChains(IP6TABLES_CMD, &buf, ifname);
     }
 
 tear_down_tmpiptchains:
     if (haveIptables) {
-        iptablesUnlinkTmpRootChains(conn, IPTABLES_CMD, &buf, ifname);
-        iptablesRemoveTmpRootChains(conn, IPTABLES_CMD, &buf, ifname);
+        iptablesUnlinkTmpRootChains(IPTABLES_CMD, &buf, ifname);
+        iptablesRemoveTmpRootChains(IPTABLES_CMD, &buf, ifname);
     }
 
 tear_down_tmpebchains:
-    ebtablesRemoveTmpSubChains(conn, &buf, ifname);
-    ebtablesRemoveTmpRootChain(conn, &buf, 1, ifname);
-    ebtablesRemoveTmpRootChain(conn, &buf, 0, ifname);
+    ebtablesRemoveTmpSubChains(&buf, ifname);
+    ebtablesRemoveTmpRootChain(&buf, 1, ifname);
+    ebtablesRemoveTmpRootChain(&buf, 0, ifname);
 
-    ebiptablesExecCLI(conn, &buf, &cli_status);
+    ebiptablesExecCLI(&buf, &cli_status);
 
-    virNWFilterReportError(conn, VIR_ERR_BUILD_FIREWALL,
+    virNWFilterReportError(VIR_ERR_BUILD_FIREWALL,
                            "%s",
                            _("Some rules could not be created."));
 
@@ -2786,64 +2647,64 @@ tear_down_tmpebchains:
 
 
 static int
-ebiptablesTearNewRules(virConnectPtr conn,
+ebiptablesTearNewRules(virConnectPtr conn ATTRIBUTE_UNUSED,
                        const char *ifname)
 {
     int cli_status;
     virBuffer buf = VIR_BUFFER_INITIALIZER;
 
-    iptablesUnlinkTmpRootChains(conn, IPTABLES_CMD, &buf, ifname);
-    iptablesRemoveTmpRootChains(conn, IPTABLES_CMD, &buf, ifname);
+    iptablesUnlinkTmpRootChains(IPTABLES_CMD, &buf, ifname);
+    iptablesRemoveTmpRootChains(IPTABLES_CMD, &buf, ifname);
 
-    iptablesUnlinkTmpRootChains(conn, IP6TABLES_CMD, &buf, ifname);
-    iptablesRemoveTmpRootChains(conn, IP6TABLES_CMD, &buf, ifname);
+    iptablesUnlinkTmpRootChains(IP6TABLES_CMD, &buf, ifname);
+    iptablesRemoveTmpRootChains(IP6TABLES_CMD, &buf, ifname);
 
-    ebtablesUnlinkTmpRootChain(conn, &buf, 1, ifname);
-    ebtablesUnlinkTmpRootChain(conn, &buf, 0, ifname);
+    ebtablesUnlinkTmpRootChain(&buf, 1, ifname);
+    ebtablesUnlinkTmpRootChain(&buf, 0, ifname);
 
-    ebtablesRemoveTmpSubChains(conn, &buf, ifname);
-    ebtablesRemoveTmpRootChain(conn, &buf, 1, ifname);
-    ebtablesRemoveTmpRootChain(conn, &buf, 0, ifname);
+    ebtablesRemoveTmpSubChains(&buf, ifname);
+    ebtablesRemoveTmpRootChain(&buf, 1, ifname);
+    ebtablesRemoveTmpRootChain(&buf, 0, ifname);
 
-    ebiptablesExecCLI(conn, &buf, &cli_status);
+    ebiptablesExecCLI(&buf, &cli_status);
 
     return 0;
 }
 
 
 static int
-ebiptablesTearOldRules(virConnectPtr conn,
+ebiptablesTearOldRules(virConnectPtr conn ATTRIBUTE_UNUSED,
                        const char *ifname)
 {
     int cli_status;
     virBuffer buf = VIR_BUFFER_INITIALIZER;
 
     // switch to new iptables user defined chains
-    iptablesUnlinkRootChains(conn, IPTABLES_CMD, &buf, ifname);
-    iptablesRemoveRootChains(conn, IPTABLES_CMD, &buf, ifname);
+    iptablesUnlinkRootChains(IPTABLES_CMD, &buf, ifname);
+    iptablesRemoveRootChains(IPTABLES_CMD, &buf, ifname);
 
-    iptablesRenameTmpRootChains(conn, IPTABLES_CMD, &buf, ifname);
-    ebiptablesExecCLI(conn, &buf, &cli_status);
+    iptablesRenameTmpRootChains(IPTABLES_CMD, &buf, ifname);
+    ebiptablesExecCLI(&buf, &cli_status);
 
-    iptablesUnlinkRootChains(conn, IP6TABLES_CMD, &buf, ifname);
-    iptablesRemoveRootChains(conn, IP6TABLES_CMD, &buf, ifname);
+    iptablesUnlinkRootChains(IP6TABLES_CMD, &buf, ifname);
+    iptablesRemoveRootChains(IP6TABLES_CMD, &buf, ifname);
 
-    iptablesRenameTmpRootChains(conn, IP6TABLES_CMD, &buf, ifname);
-    ebiptablesExecCLI(conn, &buf, &cli_status);
+    iptablesRenameTmpRootChains(IP6TABLES_CMD, &buf, ifname);
+    ebiptablesExecCLI(&buf, &cli_status);
 
-    ebtablesUnlinkRootChain(conn, &buf, 1, ifname);
-    ebtablesUnlinkRootChain(conn, &buf, 0, ifname);
+    ebtablesUnlinkRootChain(&buf, 1, ifname);
+    ebtablesUnlinkRootChain(&buf, 0, ifname);
 
-    ebtablesRemoveSubChains(conn, &buf, ifname);
+    ebtablesRemoveSubChains(&buf, ifname);
 
-    ebtablesRemoveRootChain(conn, &buf, 1, ifname);
-    ebtablesRemoveRootChain(conn, &buf, 0, ifname);
+    ebtablesRemoveRootChain(&buf, 1, ifname);
+    ebtablesRemoveRootChain(&buf, 0, ifname);
 
-    ebtablesRenameTmpSubChains(conn, &buf, ifname);
-    ebtablesRenameTmpRootChain(conn, &buf, 1, ifname);
-    ebtablesRenameTmpRootChain(conn, &buf, 0, ifname);
+    ebtablesRenameTmpSubChains(&buf, ifname);
+    ebtablesRenameTmpRootChain(&buf, 1, ifname);
+    ebtablesRenameTmpRootChain(&buf, 0, ifname);
 
-    ebiptablesExecCLI(conn, &buf, &cli_status);
+    ebiptablesExecCLI(&buf, &cli_status);
 
     return 0;
 }
@@ -2862,7 +2723,7 @@ ebiptablesTearOldRules(virConnectPtr con
  * commands failed.
  */
 static int
-ebiptablesRemoveRules(virConnectPtr conn,
+ebiptablesRemoveRules(virConnectPtr conn ATTRIBUTE_UNUSED,
                       const char *ifname ATTRIBUTE_UNUSED,
                       int nruleInstances,
                       void **_inst)
@@ -2874,16 +2735,16 @@ ebiptablesRemoveRules(virConnectPtr conn
     ebiptablesRuleInstPtr *inst = (ebiptablesRuleInstPtr *)_inst;
 
     for (i = 0; i < nruleInstances; i++)
-        ebiptablesInstCommand(conn, &buf,
+        ebiptablesInstCommand(&buf,
                               inst[i]->commandTemplate,
                               'D', -1,
                               0);
 
-    if (ebiptablesExecCLI(conn, &buf, &cli_status))
+    if (ebiptablesExecCLI(&buf, &cli_status))
         goto err_exit;
 
     if (cli_status) {
-        virNWFilterReportError(conn, VIR_ERR_BUILD_FIREWALL,
+        virNWFilterReportError(VIR_ERR_BUILD_FIREWALL,
                                "%s",
                                _("error while executing CLI commands"));
         rc = 1;
@@ -2908,25 +2769,24 @@ ebiptablesAllTeardown(const char *ifname
 {
     virBuffer buf = VIR_BUFFER_INITIALIZER;
     int cli_status;
-    virConnectPtr conn = NULL;
 
-    iptablesUnlinkRootChains(conn, IPTABLES_CMD, &buf, ifname);
-    iptablesClearVirtInPost (conn, IPTABLES_CMD, &buf, ifname);
-    iptablesRemoveRootChains(conn, IPTABLES_CMD, &buf, ifname);
+    iptablesUnlinkRootChains(IPTABLES_CMD, &buf, ifname);
+    iptablesClearVirtInPost (IPTABLES_CMD, &buf, ifname);
+    iptablesRemoveRootChains(IPTABLES_CMD, &buf, ifname);
 
-    iptablesUnlinkRootChains(conn, IP6TABLES_CMD, &buf, ifname);
-    iptablesClearVirtInPost (conn, IP6TABLES_CMD, &buf, ifname);
-    iptablesRemoveRootChains(conn, IP6TABLES_CMD, &buf, ifname);
+    iptablesUnlinkRootChains(IP6TABLES_CMD, &buf, ifname);
+    iptablesClearVirtInPost (IP6TABLES_CMD, &buf, ifname);
+    iptablesRemoveRootChains(IP6TABLES_CMD, &buf, ifname);
 
-    ebtablesUnlinkRootChain(conn, &buf, 1, ifname);
-    ebtablesUnlinkRootChain(conn, &buf, 0, ifname);
+    ebtablesUnlinkRootChain(&buf, 1, ifname);
+    ebtablesUnlinkRootChain(&buf, 0, ifname);
 
-    ebtablesRemoveRootChain(conn, &buf, 1, ifname);
-    ebtablesRemoveRootChain(conn, &buf, 0, ifname);
+    ebtablesRemoveRootChain(&buf, 1, ifname);
+    ebtablesRemoveRootChain(&buf, 0, ifname);
 
-    ebtablesRemoveSubChains(conn, &buf, ifname);
+    ebtablesRemoveSubChains(&buf, ifname);
 
-    ebiptablesExecCLI(conn, &buf, &cli_status);
+    ebiptablesExecCLI(&buf, &cli_status);
 
     return 0;
 }
Index: libvirt-acl/src/conf/nwfilter_params.c
===================================================================
--- libvirt-acl.orig/src/conf/nwfilter_params.c
+++ libvirt-acl/src/conf/nwfilter_params.c
@@ -153,7 +153,6 @@ virNWFilterHashTableRemoveEntry(virNWFil
 struct addToTableStruct {
     virNWFilterHashTablePtr target;
     int errOccurred;
-    virConnectPtr conn;
 };
 
 
@@ -174,7 +173,7 @@ addToTable(void *payload, const char *na
     }
 
     if (virNWFilterHashTablePut(atts->target, name, val, 1) != 0) {
-        virNWFilterReportError(atts->conn, VIR_ERR_INTERNAL_ERROR,
+        virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
                                _("Could not put variable '%s' into hashmap"),
                                name);
         atts->errOccurred = 1;
@@ -184,14 +183,12 @@ addToTable(void *payload, const char *na
 
 
 int
-virNWFilterHashTablePutAll(virConnectPtr conn,
-                           virNWFilterHashTablePtr src,
+virNWFilterHashTablePutAll(virNWFilterHashTablePtr src,
                            virNWFilterHashTablePtr dest)
 {
     struct addToTableStruct atts = {
         .target = dest,
         .errOccurred = 0,
-        .conn = conn,
     };
 
     virHashForEach(src->hashTable, addToTable, &atts);
Index: libvirt-acl/tests/nwfilterxml2xmltest.c
===================================================================
--- libvirt-acl.orig/tests/nwfilterxml2xmltest.c
+++ libvirt-acl/tests/nwfilterxml2xmltest.c
@@ -39,7 +39,7 @@ static int testCompareXMLToXMLFiles(cons
     if (!(dev = virNWFilterDefParseString(NULL, inXmlData)))
         goto fail;
 
-    if (!(actual = virNWFilterDefFormat(NULL, dev)))
+    if (!(actual = virNWFilterDefFormat(dev)))
         goto fail;
 
     if (STRNEQ(outXmlData, actual)) {
Index: libvirt-acl/src/conf/nwfilter_params.h
===================================================================
--- libvirt-acl.orig/src/conf/nwfilter_params.h
+++ libvirt-acl/src/conf/nwfilter_params.h
@@ -46,8 +46,7 @@ int virNWFilterHashTablePut(virNWFilterH
                             int freeName);
 int virNWFilterHashTableRemoveEntry(virNWFilterHashTablePtr table,
                                     const char *name);
-int virNWFilterHashTablePutAll(virConnectPtr conn,
-                               virNWFilterHashTablePtr src,
+int virNWFilterHashTablePutAll(virNWFilterHashTablePtr src,
                                virNWFilterHashTablePtr dest);
 
 # define VALID_VARNAME \
Index: libvirt-acl/src/nwfilter/nwfilter_gentech_driver.c
===================================================================
--- libvirt-acl.orig/src/nwfilter/nwfilter_gentech_driver.c
+++ libvirt-acl/src/nwfilter/nwfilter_gentech_driver.c
@@ -62,7 +62,6 @@ virNWFilterTechDriverForName(const char 
 
 /**
  * virNWFilterRuleInstAddData:
- * @conn : pointer to virConnect object
  * @res : pointer to virNWFilterRuleInst object collecting the instantiation
  *        data of a single firewall rule.
  * @data : the opaque data that the driver wants to add
@@ -77,8 +76,7 @@ virNWFilterTechDriverForName(const char 
  * message attached to the virConnect object.
  */
 int
-virNWFilterRuleInstAddData(virConnectPtr conn ATTRIBUTE_UNUSED,
-                           virNWFilterRuleInstPtr res,
+virNWFilterRuleInstAddData(virNWFilterRuleInstPtr res,
                            void *data)
 {
     if (VIR_REALLOC_N(res->data, res->ndata+1) < 0) {
@@ -107,7 +105,6 @@ virNWFilterRuleInstFree(virNWFilterRuleI
 
 /**
  * virNWFilterVarHashmapAddStdValues:
- * @conn: Poijter to virConnect object
  * @tables: pointer to hash tabel to add values to
  * @macaddr: The string of the MAC address to add to the hash table,
  *    may be NULL
@@ -118,15 +115,14 @@ virNWFilterRuleInstFree(virNWFilterRuleI
  * Adds a couple of standard keys (MAC, IP) to the hash table.
  */
 static int
-virNWFilterVarHashmapAddStdValues(virConnectPtr conn,
-                                  virNWFilterHashTablePtr table,
+virNWFilterVarHashmapAddStdValues(virNWFilterHashTablePtr table,
                                   char *macaddr)
 {
     if (macaddr) {
         if (virHashAddEntry(table->hashTable,
                             NWFILTER_STD_VAR_MAC,
                             macaddr) < 0) {
-            virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
+            virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
                                    "%s", _("Could not add variable 'MAC' to hashmap"));
             return 1;
         }
@@ -138,7 +134,6 @@ virNWFilterVarHashmapAddStdValues(virCon
 
 /**
  * virNWFilterCreateVarHashmap:
- * @conn: pointer to virConnect object
  * @macaddr: pointer to string containing formatted MAC address of interface
  *
  * Create a hashmap used for evaluating the firewall rules. Initializes
@@ -148,15 +143,14 @@ virNWFilterVarHashmapAddStdValues(virCon
  * is attached to the virConnect object.
  */
 virNWFilterHashTablePtr
-virNWFilterCreateVarHashmap(virConnectPtr conn,
-                            char *macaddr) {
+virNWFilterCreateVarHashmap(char *macaddr) {
     virNWFilterHashTablePtr table = virNWFilterHashTableCreate(0);
     if (!table) {
         virReportOOMError();
         return NULL;
     }
 
-    if (virNWFilterVarHashmapAddStdValues(conn, table, macaddr)) {
+    if (virNWFilterVarHashmapAddStdValues(table, macaddr)) {
         virNWFilterHashTableFree(table);
         return NULL;
     }
@@ -216,7 +210,6 @@ virNWFilterRuleInstantiate(virConnectPtr
 
 /**
  * virNWFilterCreateVarsFrom:
- * @conn: pointer to virConnect object
  * @vars1: pointer to hash table
  * @vars2: pointer to hash table
  *
@@ -227,8 +220,7 @@ virNWFilterRuleInstantiate(virConnectPtr
  * contents of var2 will overwrite those of var1.
  */
 static virNWFilterHashTablePtr
-virNWFilterCreateVarsFrom(virConnectPtr conn,
-                          virNWFilterHashTablePtr vars1,
+virNWFilterCreateVarsFrom(virNWFilterHashTablePtr vars1,
                           virNWFilterHashTablePtr vars2)
 {
     virNWFilterHashTablePtr res = virNWFilterHashTableCreate(0);
@@ -237,10 +229,10 @@ virNWFilterCreateVarsFrom(virConnectPtr 
         return NULL;
     }
 
-    if (virNWFilterHashTablePutAll(conn, vars1, res))
+    if (virNWFilterHashTablePutAll(vars1, res))
         goto err_exit;
 
-    if (virNWFilterHashTablePutAll(conn, vars2, res))
+    if (virNWFilterHashTablePutAll(vars2, res))
         goto err_exit;
 
     return res;
@@ -324,7 +316,7 @@ _virNWFilterInstantiateRec(virConnectPtr
             if (obj) {
 
                 if (obj->wantRemoved) {
-                    virNWFilterReportError(conn, VIR_ERR_NO_NWFILTER,
+                    virNWFilterReportError(VIR_ERR_NO_NWFILTER,
                                            _("Filter '%s' is in use."),
                                            inc->filterref);
                     rc = 1;
@@ -334,8 +326,7 @@ _virNWFilterInstantiateRec(virConnectPtr
 
                 // create a temporary hashmap for depth-first tree traversal
                 virNWFilterHashTablePtr tmpvars =
-                                      virNWFilterCreateVarsFrom(conn,
-                                                                inc->params,
+                                      virNWFilterCreateVarsFrom(inc->params,
                                                                 vars);
                 if (!tmpvars) {
                     virReportOOMError();
@@ -373,7 +364,7 @@ _virNWFilterInstantiateRec(virConnectPtr
                 if (rc)
                     break;
             } else {
-                virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
+                virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
                                        _("referenced filter '%s' is missing"),
                                        inc->filterref);
                 rc = 1;
@@ -516,7 +507,7 @@ _virNWFilterInstantiateFilter(virConnect
     techdriver = virNWFilterTechDriverForName(drvname);
 
     if (!techdriver) {
-        virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
+        virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
                                _("Could not get access to ACL tech "
                                "driver '%s'"),
                                drvname);
@@ -527,14 +518,14 @@ _virNWFilterInstantiateFilter(virConnect
 
     obj = virNWFilterPoolObjFindByName(&driver->pools, net->filter);
     if (!obj) {
-        virNWFilterReportError(conn, VIR_ERR_NO_NWFILTER,
+        virNWFilterReportError(VIR_ERR_NO_NWFILTER,
                                _("Could not find filter '%s'"),
                                net->filter);
         return 1;
     }
 
     if (obj->wantRemoved) {
-        virNWFilterReportError(conn, VIR_ERR_NO_NWFILTER,
+        virNWFilterReportError(VIR_ERR_NO_NWFILTER,
                                _("Filter '%s' is in use."),
                                net->filter);
         rc = 1;
@@ -549,8 +540,7 @@ _virNWFilterInstantiateFilter(virConnect
         goto err_exit;
     }
 
-    vars1 = virNWFilterCreateVarHashmap(conn,
-                                        str_macaddr);
+    vars1 = virNWFilterCreateVarHashmap(str_macaddr);
     if (!vars1) {
         rc = 1;
         goto err_exit;
@@ -558,8 +548,7 @@ _virNWFilterInstantiateFilter(virConnect
 
     str_macaddr = NULL;
 
-    vars = virNWFilterCreateVarsFrom(conn,
-                                     vars1,
+    vars = virNWFilterCreateVarsFrom(vars1,
                                      net->filterparams);
     if (!vars) {
         rc = 1;
@@ -630,7 +619,7 @@ int virNWFilterRollbackUpdateFilter(virC
     virNWFilterTechDriverPtr techdriver;
     techdriver = virNWFilterTechDriverForName(drvname);
     if (!techdriver) {
-        virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
+        virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
                                _("Could not get access to ACL tech "
                                "driver '%s'"),
                                drvname);
@@ -649,7 +638,7 @@ virNWFilterTearOldFilter(virConnectPtr c
     virNWFilterTechDriverPtr techdriver;
     techdriver = virNWFilterTechDriverForName(drvname);
     if (!techdriver) {
-        virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
+        virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
                                _("Could not get access to ACL tech "
                                "driver '%s'"),
                                drvname);
@@ -668,12 +657,10 @@ virNWFilterTeardownFilter(const virDomai
     techdriver = virNWFilterTechDriverForName(drvname);
 
     if (!techdriver) {
-#if 0
-        virNWFilterReportError(conn, VIR_ERR_INTERNAL_ERROR,
+        virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
                                _("Could not get access to ACL tech "
                                "driver '%s'"),
                                drvname);
-#endif
         return 1;
     }
 
Index: libvirt-acl/src/nwfilter/nwfilter_gentech_driver.h
===================================================================
--- libvirt-acl.orig/src/nwfilter/nwfilter_gentech_driver.h
+++ libvirt-acl/src/nwfilter/nwfilter_gentech_driver.h
@@ -25,8 +25,7 @@
 
 virNWFilterTechDriverPtr virNWFilterTechDriverForName(const char *name);
 
-int virNWFilterRuleInstAddData(virConnectPtr conn,
-                               virNWFilterRuleInstPtr res,
+int virNWFilterRuleInstAddData(virNWFilterRuleInstPtr res,
                                void *data);
 
 
@@ -48,8 +47,7 @@ int virNWFilterTearOldFilter(virConnectP
 
 int virNWFilterTeardownFilter(const virDomainNetDefPtr net);
 
-virNWFilterHashTablePtr virNWFilterCreateVarHashmap(virConnectPtr conn,
-                                                     char *macaddr);
+virNWFilterHashTablePtr virNWFilterCreateVarHashmap(char *macaddr);
 
 void virNWFilterDomainFWUpdateCB(void *payload,
                                  const char *name ATTRIBUTE_UNUSED,




More information about the libvir-list mailing list