[libvirt] [PATCH] nwfilter: remove target table before renaming it

Stefan Berger stefanb at linux.vnet.ibm.com
Thu Aug 9 19:30:07 UTC 2012


Remove the target table before renaming a table to it, i.e.,
remove table B before renaming A to B. This makes the
renaming more robust against unconnected left-over tables.

---
  src/nwfilter/nwfilter_ebiptables_driver.c |   10 ++++++++--
  1 file changed, 8 insertions(+), 2 deletions(-)

Index: libvirt-firewalld/src/nwfilter/nwfilter_ebiptables_driver.c
===================================================================
--- libvirt-firewalld.orig/src/nwfilter/nwfilter_ebiptables_driver.c
+++ libvirt-firewalld/src/nwfilter/nwfilter_ebiptables_driver.c
@@ -125,12 +125,18 @@ static const char ebiptables_script_func
      "}\n";

  static const char ebiptables_script_func_rename_chains[] =
+    "rename_chain()\n"
+    "{\n"
+    "  $EBT -t nat -F $2\n"
+    "  $EBT -t nat -X $2\n"
+    "  $EBT -t nat -E $1 $2\n"
+    "}\n"
      "rename_chains()\n"
      "{\n"
      "  for tmp in $*; do\n"
      "    case $tmp in\n"
-    "      %c*) $EBT -t nat -E $tmp %c${tmp#?} ;;\n"
-    "      %c*) $EBT -t nat -E $tmp %c${tmp#?} ;;\n"
+    "      %c*) rename_chain $tmp %c${tmp#?} ;;\n"
+    "      %c*) rename_chain $tmp %c${tmp#?} ;;\n"
      "    esac\n"
      "  done\n"
      "}\n";
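Review bot: In the new rename_chain(), `$EBT -t nat -F $2` and `$EBT -t nat -X $2` run unconditionally, yet in the normal case the target chain does not exist, so both commands fail on every rename. Nothing in the visible lines suppresses that error output or distinguishes an expected failure from a real one. Consider guarding the cleanup with an existence check (for example `$EBT -t nat -L $2` with output discarded) or redirecting the output of the two cleanup calls. The return status of the final `-E` should remain what the caller sees. Also note that `-X` only removes a chain that nothing references any more, which matches the "unconnected" wording in the commit message. If a left-over target is still referenced, the delete fails and the `-E` fails as it did before this change. A short comment above rename_chain() stating that limitation would help. The commit message says "table" where the code operates on chains inside the nat table, so the wording could be aligned. Finally, `$1` and `$2` are expanded unquoted; quoting them would be safer, as far as the generated names allow.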



