[libvirt] [PATCH] nwfilters: support for TCP flags evaluation
Eric Blake
eblake at redhat.com
Fri Apr 1 17:53:18 UTC 2011
On 04/01/2011 10:17 AM, Stefan Berger wrote:
> This patch adds support for the evaluation of TCP flags in nwfilters.
>
> It adds documentation to the web page and extends the tests as well.
>
> Signed-off-by: Stefan Berger <stefanb at linux.vnet.ibm.com>
It would help to list a sample xml snippet in the commit message as
well, so that 'git log' can more easily find when it was introduced.
I haven't looked at this closely (it's post-0.9.0 material), but the
idea sounds nice and in line with your overall efforts of making
nwfilter more fine-grained :)
> +++ libvirt-acl/docs/formatnwfilter.html.in
> @@ -755,6 +755,11 @@
> <td>STRING</td>
> <td>comma separated list of NEW,ESTABLISHED,RELATED,INVALID or NONE</td>
> </tr>
> + <tr>
> + <td>flags <span class="since">(Since 0.9.0)</span></td>
So this would need to be 0.9.1.
> + <td>STRING</td>
> + <td>TCP-only: format of mask/flags with mask and flags each being a
> comma separated list of SYN,ACK,URG,PSH,FIN,RST or NONE or ALL</td>
> + </tr>
> </table>
> <p>
> <br><br>
> @@ -1040,6 +1045,11 @@
> <td>STRING</td>
> <td>comma separated list of NEW,ESTABLISHED,RELATED,INVALID or NONE</td>
> </tr>
> + <tr>
> + <td>flags <span class="since">(Since 0.8.5)</span></td>
Is 0.8.5 right?
> + <td>STRING</td>
> + <td>format of mask/flags with mask and flags each being a comma
> separated list of SYN,ACK,URG,PSH,FIN,RST or NONE or ALL</td>
> + </tr>
> </table>
> <p>
> <br><br>
--
Eric Blake eblake at redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 619 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20110401/74e7095d/attachment-0001.sig>
More information about the libvir-list
mailing list