[libvirt] [PATCH v3 11/14] Core driver implementation with ebtables support

Stefan Berger stefanb at us.ibm.com
Thu Mar 25 15:59:11 UTC 2010


"Daniel P. Berrange" <berrange at redhat.com> wrote on 03/25/2010 11:49:05 
AM:

> Please respond to "Daniel P. Berrange"
> 
> On Tue, Mar 23, 2010 at 10:54:17AM -0400, stefanb at us.ibm.com wrote:
> > +/*
> > +    char macaddr[VIR_MAC_STRING_BUFLEN],
> > +         ipaddr[INET_ADDRSTRLEN],
> > +         number[20];
> > +    char chain[MAX_CHAINNAME_LENGTH];
> > +    virBuffer buf = VIR_BUFFER_INITIALIZER;
> > +
> > +    if (nwfilter->chainsuffix == VIR_NWFILTER_CHAINSUFFIX_ROOT)
> > +        PRINT_ROOT_CHAIN(chain, chainPrefix, ifname);
> > +    else
> > +        PRINT_CHAIN(chain, chainPrefix, ifname,
> > +                    virNWFilterChainSuffixTypeToString
> (nwfilter->chainsuffix));
> 
> Since we're passing this into the shell, I think we should do paranoid
> validation on the 'chain' and 'ifname' fields, since they ultimately 
come
> from the user specified XML. Validate that it only contains a-Z, 0-0, -, 
_

Actually the user specified XML only currently allows the chain names 
'arp', 
'ipv4', 'ipv6' and 'root'. Others will already be rejected when parsing 
the filter.

With the interface names I was assuming that at the point where this part 
here
gets called is already well after the establishment of tap interfaces and 
the
net->ifname contains valid values otherwise the creation of the tap or 
macvtap
would have blown earlier.

> 
> 
> It would also be nice to put a variety of XML files in a 
tests/nwfilterdata
> directory and making a test suite to run the parser API against them, as
> well as adding some real world examples in the examples/nwfilter 
directory
> for end users to start from.

In the v4 patch series I am adding filters to examples/xml/nwfilter that 
are 
automatically copied to /etc/libvirt/nwfilter for libvirt to pick up.

Gerhard has written a couple of test cases but they are for the external
test suite from what I know. So, yes, we'll add test cases over time.

  Regards,
    Stefan

> 
> Regards,
> Daniel
> -- 
> |: Red Hat, Engineering, London    -o-   
http://people.redhat.com/berrange/:|
> |: http://libvirt.org -o- http://virt-manager.org -o- 
http://deltacloud.org:|
> |: http://autobuild.org        -o-         
http://search.cpan.org/~danberr/:|
> |: GnuPG: 7D3B9505  -o-   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 
9505 :|
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20100325/0a2f0bcb/attachment-0001.htm>


More information about the libvir-list mailing list