[libvirt] [PATCH 0/13] [RFC] Network filtering (ACL) extensions for libvirt
Stefan Berger
stefanb at us.ibm.com
Thu Mar 18 10:51:34 UTC 2010
"Daniel P. Berrange" <berrange at redhat.com> wrote on 03/17/2010 11:00:26
AM:
> >
> > I hadn't thought about calling that function... I would want to call a
> > function that can handle something like bash scripts, i.e., multiple
> > concatenated fragments as those shown above just to be more
'efficient'.
>
> Is it really more efficient ? If you need to run 20 ebtables commands,
> then using bash does 1 fork/exec for bash & bash then does another 20
> fork/exec for ebtables.
>
> Alternatively just use virRun() for each ebtables command you just still
> have 20 fork/execs, without using bash.
I converted some of the code to use virRun() rather than writing the
script and running it. This works with the ebtables level code but on
iptables I do have some fragments that are real scripts testing for
example whether jumps into user define iptables chains exists in the
FORWARD table and only create the jump entries if they don't exist and
take other corrective actions. Those scripts use pipes with grep and gawk
and also use grep'ed return values. So I am not sure what to do about
those, but would prefer to keep them as they are...
Stefan
>
> > If virRun() can handle that and $? for example would be treated there
as
> > the return value (which I think is bash-dependent), I'd be happy to
call
> > it as well.
>
> I'd think just call virRun once for each ebtables command - virRun gives
> you back the exit status of the command
>
>
> Regards,
> Daniel
> --
> |: Red Hat, Engineering, London -o-
http://people.redhat.com/berrange/:|
> |: http://libvirt.org -o- http://virt-manager.org -o-
http://deltacloud.org:|
> |: http://autobuild.org -o-
http://search.cpan.org/~danberr/:|
> |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B
9505 :|
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20100318/012a0ae3/attachment-0001.htm>
More information about the libvir-list
mailing list