[libvirt] [PATCH 2/3] network: add more debugging of firewall chain creation
Jim Fehlig
jfehlig at suse.com
Wed May 22 21:43:22 UTC 2019
On 5/22/19 6:29 AM, Daniel P. Berrangé wrote:
> Signed-off-by: Daniel P. Berrangé <berrange at redhat.com>
> ---
> src/network/bridge_driver_linux.c | 18 ++++++++++++++++--
> 1 file changed, 16 insertions(+), 2 deletions(-)
The additional debug messages proved helpful while testing the patches!
Reviewed-by: Jim Fehlig <jfehlig at suse.com>
Regards,
Jim
>
> diff --git a/src/network/bridge_driver_linux.c b/src/network/bridge_driver_linux.c
> index 0d849173b2..2b29363f3c 100644
> --- a/src/network/bridge_driver_linux.c
> +++ b/src/network/bridge_driver_linux.c
> @@ -45,28 +45,42 @@ static void networkSetupPrivateChains(void)
> {
> int rc;
>
> + VIR_DEBUG("Setting up global firewall chains");
> +
> createdChains = false;
>
> rc = iptablesSetupPrivateChains(VIR_FIREWALL_LAYER_IPV4);
> if (rc < 0) {
> + VIR_DEBUG("Failed to create global IPv4 chains: %s",
> + virGetLastErrorMessage());
> errInitV4 = virSaveLastError();
> virResetLastError();
> } else {
> virFreeError(errInitV4);
> errInitV4 = NULL;
> - if (rc)
> + if (rc) {
> + VIR_DEBUG("Created global IPv4 chains");
> createdChains = true;
> + } else {
> + VIR_DEBUG("Global IPv4 chains already exist");
> + }
> }
>
> rc = iptablesSetupPrivateChains(VIR_FIREWALL_LAYER_IPV6);
> if (rc < 0) {
> + VIR_DEBUG("Failed to create global IPv6 chains: %s",
> + virGetLastErrorMessage());
> errInitV6 = virSaveLastError();
> virResetLastError();
> } else {
> virFreeError(errInitV6);
> errInitV6 = NULL;
> - if (rc)
> + if (rc) {
> + VIR_DEBUG("Created global IPv6 chains");
> createdChains = true;
> + } else {
> + VIR_DEBUG("Global IPv6 chains already exist");
> + }
> }
> }
>
>
More information about the libvir-list
mailing list