[libvirt] [PATCH v1 2/2] Add ip6tables support for IPv6 filtering

Daniel Veillard veillard at redhat.com
Mon Apr 12 15:49:49 UTC 2010


On Mon, Apr 12, 2010 at 11:41:31AM -0400, Stefan Berger wrote:
> Daniel Veillard <veillard at redhat.com> wrote on 03/30/2010 10:02:09 AM:
> 
> 
> > > Index: libvirt-acl/configure.ac
> > > ===================================================================
> > > --- libvirt-acl.orig/configure.ac
> > > +++ libvirt-acl/configure.ac
> > > @@ -300,6 +300,9 @@ AC_DEFINE_UNQUOTED([BASH_PATH], "$BASH_P
> > >  AC_PATH_PROG([IPTABLES_PATH], [iptables], /sbin/iptables, [/usr/
> > sbin:$PATH])
> > >  AC_DEFINE_UNQUOTED([IPTABLES_PATH], "$IPTABLES_PATH", [path to 
> > iptables binary])
> > > 
> > > +AC_PATH_PROG([IP6TABLES_PATH], [ip6tables], /sbin/ip6tables, [/
> > usr/sbin:$PATH])
> > > +AC_DEFINE_UNQUOTED([IP6TABLES_PATH], "$IP6TABLES_PATH", [path to 
> > ip6tables binary])
> > > +
> > >  AC_PATH_PROG([EBTABLES_PATH], [ebtables], /sbin/ebtables, [/usr/
> > sbin:$PATH])
> > >  AC_DEFINE_UNQUOTED([EBTABLES_PATH], "$EBTABLES_PATH", [path to 
> > ebtables binary])
> > 
> >   The patch looks fine, based on the existing code, but I'm a bit
> > surprized by the fact that while there is a lookup for
> > ip6tables/iptables at configure time, i.e. when it's compiled, there
> > is no check at runtime to verify that the binaries which were detected
> > then are actually available on the target.
> >   I think some of this should be relaxed like we do for other commands
> > launched at runtime and somehow we should instead use
> >   virFindFileInPath() from util.h
> > to find the location of the preferred ip[6]tables.
> 
> I created a patch using this function call now. It's a bit bigger than 
> expected. Should I wait for after the next release?

  Yeah, it's a bit late in the process, doesn't affect APIs so no
urgency, so let's do that after 0.8.0, that doesn't change the core
concepts.

Daniel

-- 
Daniel Veillard      | libxml Gnome XML XSLT toolkit  http://xmlsoft.org/
daniel at veillard.com  | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library  http://libvirt.org/




More information about the libvir-list mailing list