[libvirt] [PATCH] BZ 657918 Default iptables setup in libvirt breaks mDNS
Brian J. Murrell
brian at interlinx.bc.ca
Wed Dec 12 00:05:35 UTC 2012
On 12-12-11 06:24 PM, Eric Blake wrote:
>
> Thanks!
NP. Had it just lying around here anyway. :-)
> Comment should now mention 4 rules.
Doh! Missed that in the patch port. Updated in my local copy (which I
will of course resend once all of the initial review is done).
>> + /* exempt multicast traffic */
>> + if (iptablesAddForwardMasqueradeExempt(driver->iptables) < 0) {
>> + virReportError(VIR_ERR_SYSTEM_ERROR,
>> + _("failed to add iptables rule to exempt multicast traffic from masquerading"));
>
> Indentation is a bit off,
OK. Fixed (again, locally).
> and you need a "%s" argument to keep the
> syntax-checker happy about a message with no other % operand.
Hrm. There is no argument to substitute into a %s though. There appear
to be lots of other "virReportError()" calls with no %s in them if
there is no argument such as:
virReportError(VIR_ERR_SYSTEM_ERROR,
forwardIf ?
_("failed to add iptables rule to enable masquerading to %s") :
_("failed to add iptables rule to enable masquerading"),
forwardIf);
Notice if forwardIf is NULL, it will use the:
_("failed to add iptables rule to enable masquerading"),
branch. Of course I could be missing something.
> Do we need an IPv6 counterpart? (Or am I just showing my ignorance of
> what IPv6 does as a counterpart to IPv4 multicast?)
Hrm. I wouldn't think so. NAT (which is what masquerading is)
isn't supposed to exist in IPv6. Billions of addresses and all that.
:-) Unless my understanding is incorrect that is.
Cheers,
b.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20121211/2ae82217/attachment-0001.sig>
More information about the libvir-list
mailing list