[libvirt] [patch 1/3] Clean all tables before applying basic rules
Daniel Veillard
veillard at redhat.com
Fri Apr 30 11:59:39 UTC 2010
On Thu, Apr 29, 2010 at 09:34:46PM -0400, Stefan Berger wrote:
> The functions invoked by the IP address learning thread
> that apply some basic filtering rules did not clean up
> any previous filtering rules that may still be there
> (due to a libvirt restart for example). With the
> patch below all the rules are cleaned up first.
>
> Also, I am introducing a function to drop all traffic
> in case the IP address learning thread could not apply
> the rules.
>
> Signed-off-by: Stefan Berger <stefanb at us.ibm.com>
>
> ---
> src/conf/nwfilter_conf.h | 3
> src/nwfilter/nwfilter_ebiptables_driver.c | 104 +++++++++++++++++++++++++-----
> src/nwfilter/nwfilter_learnipaddr.c | 4 -
> src/nwfilter/nwfilter_learnipaddr.h | 2
> 4 files changed, 96 insertions(+), 17 deletions(-)
>
Okay, I had to double check that ebiptablesExecCLI() reall freed the
passed buffer content in all case, looks fine,
ACK,
Daniel
--
Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
daniel at veillard.com | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/
More information about the libvir-list
mailing list