[PATCH 6/6] virsh: add support for '--validate' option in define nwfilter

Kristina Hanicova khanicov at redhat.com
Fri Aug 20 11:57:10 UTC 2021 

Signed-off-by: Kristina Hanicova <khanicov at redhat.com>
---
 docs/manpages/virsh.rst |  5 ++++-
 tools/virsh-nwfilter.c  | 13 ++++++++++++-
 2 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/docs/manpages/virsh.rst b/docs/manpages/virsh.rst
index 3eb310d02e..0326a7d015 100644
--- a/docs/manpages/virsh.rst
+++ b/docs/manpages/virsh.rst
@@ -7483,7 +7483,7 @@ nwfilter-define
 
 ::
 
-   nwfilter-define xmlfile
+   nwfilter-define xmlfile [--validate]
 
 Make a new network filter known to libvirt. If a network filter with
 the same name already exists, it will be replaced with the new XML.
@@ -7492,6 +7492,9 @@ its network traffic rules adapted. If for any reason the network traffic
 filtering rules cannot be instantiated by any of the running virtual
 machines, then the new XML will be rejected.
 
+Optionally, the format of the input XML file can be validated against an
+internal RNG schema with *--validate*.
+
 
 nwfilter-undefine
 -----------------
diff --git a/tools/virsh-nwfilter.c b/tools/virsh-nwfilter.c
index f38f33798d..e062aa1649 100644
--- a/tools/virsh-nwfilter.c
+++ b/tools/virsh-nwfilter.c
@@ -81,6 +81,10 @@ static const vshCmdInfo info_nwfilter_define[] = {
 static const vshCmdOptDef opts_nwfilter_define[] = {
     VIRSH_COMMON_OPT_FILE(N_("file containing an XML network "
                              "filter description")),
+    {.name = "validate",
+     .type = VSH_OT_BOOL,
+     .help = N_("validate the XML against the schema")
+    },
     {.name = NULL}
 };
 
@@ -91,15 +95,22 @@ cmdNWFilterDefine(vshControl *ctl, const vshCmd *cmd)
     const char *from = NULL;
     bool ret = true;
     g_autofree char *buffer = NULL;
+    unsigned int flags = 0;
     virshControl *priv = ctl->privData;
 
     if (vshCommandOptStringReq(ctl, cmd, "file", &from) < 0)
         return false;
 
+    if (vshCommandOptBool(cmd, "validate"))
+        flags |= VIR_NWFILTER_DEFINE_VALIDATE;
+
     if (virFileReadAll(from, VSH_MAX_XML_FILE, &buffer) < 0)
         return false;
 
-    nwfilter = virNWFilterDefineXML(priv->conn, buffer);
+    if (flags)
+        nwfilter = virNWFilterDefineXMLFlags(priv->conn, buffer, flags);
+    else
+        nwfilter = virNWFilterDefineXML(priv->conn, buffer);
 
     if (nwfilter != NULL) {
         vshPrintExtra(ctl, _("Network filter %s defined from %s\n"),
-- 
2.31.1

More information about the libvir-list mailing list