[libvirt] [PATCH] nwfilter: allow for different format of IPv6 netmask/prefix in ebtables output
Daniel P. Berrangé
berrange at redhat.com
Thu Feb 21 18:02:36 UTC 2019
On Fri, Feb 15, 2019 at 01:21:50PM -0500, Laine Stump wrote:
> The iptables-ebtables package is meant as a drop-in replacement for
> the native ebtables package, but it formats some items in the -L
> output differently, leading to failure of scripts that depend on the
> output of ebtables -L. In particular:
>
> with old ebtables IPv6 prefixes are output as a netmask (e.g.: "/ffff:fc00")
>
> with iptables-ebtables IPv6 prefixes are always output as a numeric
> prefix (e.g. "/22"), and suppressed completely if the prefix is
> /128.
>
> This difference is also described in
> https://bugzilla.redhat.com/show_bug.cgi?id=1674536
>
> "old" ebtables upstream has just accepted a patch to change its output
> to match that of iptables-ebtables:
>
> https://marc.info/?l=netfilter-devel&m=155000828923204&w=2
>
> so it makes sense for libvirt-tck to accept the new format (as well as
> the old). As with the patch for fixing up MAC addresses with leading
> 0s, this patch also uses sed to apply a substitution to the scraped
> output of ebtables -L. However, rather than keeping the comparison
> (expected) output in the old (netmask) form, it is changed to the new
> (prefix) form, and the sed commands change netmasks to prefixes. (This
> works out better because in some cases we need to replace [all ff's]
> with "", and it's not possible to do that in the opposite direction
> :-)
Ok, so you're not doing a real netmask -> prefix convertor. You've
just hardcoded the conversions we need given our expected data.
This looks fine to me as a prudent approach.
> Signed-off-by: Laine Stump <laine at laine.org>
> ---
Reviewed-by: Daniel P. Berrangé <berrange at redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
More information about the libvir-list
mailing list