[Libvirt-cim] [PATCH] ACL: Add 'Action' property to KVM_{IPHeaders, Hdr8021}Filter

Chip Vincent cvincent at linux.vnet.ibm.com
Tue Sep 20 21:08:50 UTC 2011 

+1. Pushed.

On 08/24/2011 12:26 PM, Eduardo Lima (Etrunko) wrote:
> # HG changeset patch
> # User Eduardo Lima (Etrunko)<eblima at br.ibm.com>
> # Date 1311872160 10800
> # Node ID 4d837e60bb82daa73bba8e13bbab9041fc7632ee
> # Parent  277b56b3863b5f81a3faa18aeb7b9951b963b489
> ACL: Add 'Action' property to KVM_{IPHeaders,Hdr8021}Filter
>
> This property should be defined in the CIM_FilterEntryBase parent class
> (would also apply to  'Direction' and 'Priority' properties), considering
> the fact that, according to libvirt documentation, the 'action' attribute
> of a rule is mandatory. For reference please check:
>
> http://libvirt.org/formatnwfilter.html#nwfelemsRules
>
> Signed-off-by: Eduardo Lima (Etrunko)<eblima at br.ibm.com>
>
> diff --git a/schema/FilterEntry.mof b/schema/FilterEntry.mof
> --- a/schema/FilterEntry.mof
> +++ b/schema/FilterEntry.mof
> @@ -2,6 +2,14 @@
>   [Provider("cmpi::Virt_FilterEntry")]
>   class KVM_Hdr8021Filter : CIM_Hdr8021Filter
>   {
> +        [Description (
> +            "This defines whether the action should be to forward or "
> +            "deny traffic meeting the match condition specified in "
> +            "this filter." ),
> +        ValueMap { "1", "2" },
> +        Values { "Permit", "Deny" }]
> +        uint16 Action;
> +
>           [Description("This defines whether the Filter is used for input, "
>   	        "output, or both input and output filtering.  All values are "
>                   "used with respect to the interface for which the Filter "
> @@ -32,6 +40,14 @@
>   [Provider("cmpi::Virt_FilterEntry")]
>   class KVM_IPHeadersFilter : CIM_IPHeadersFilter
>   {
> +        [Description (
> +            "This defines whether the action should be to forward or "
> +            "deny traffic meeting the match condition specified in "
> +            "this filter." ),
> +        ValueMap { "1", "2" },
> +        Values { "Permit", "Deny" }]
> +        uint16 Action;
> +
>           [Description("This defines whether the Filter is used for input, "
>   	        "output, or both input and output filtering.  All values are "
>                   "used with respect to the interface for which the Filter "
> diff --git a/src/Virt_FilterEntry.c b/src/Virt_FilterEntry.c
> --- a/src/Virt_FilterEntry.c
> +++ b/src/Virt_FilterEntry.c
> @@ -159,6 +159,19 @@
>           return priority;
>   }
>
> +static int convert_action(const char *s)
> +{
> +        enum {NONE=0, ACCEPT, DENY} action = NONE;
> +
> +        if (s != NULL) {
> +                if (STREQC(s, "accept"))
> +                        action = ACCEPT;
> +                else if (STREQC(s, "drop") || STREQC(s, "reject"))
> +                        action = DENY;
> +        }
> +        return action;
> +}
> +
>   static CMPIInstance *convert_mac_rule_to_instance(
>           struct acl_rule *rule,
>           const CMPIBroker *broker,
> @@ -169,7 +182,7 @@
>           CMPIInstance *inst = NULL;
>           const char *sys_name = NULL;
>           const char *sys_ccname = NULL;
> -        int direction, priority = 0;
> +        int action, direction, priority = 0;
>           unsigned int bytes[48];
>           unsigned int size = 0;
>           CMPIArray *array = NULL;
> @@ -203,6 +216,9 @@
>           CMSetProperty(inst, "SystemCreationClassName", sys_ccname, CMPI_chars);
>           CMSetProperty(inst, "Name", (CMPIValue *)rule->name, CMPI_chars);
>
> +        action = convert_action(rule->action);
> +        CMSetProperty(inst, "Action", (CMPIValue *)&action, CMPI_uint16);
> +
>           direction = convert_direction(rule->direction);
>           CMSetProperty(inst, "Direction", (CMPIValue *)&direction, CMPI_uint16);
>
> @@ -259,7 +275,7 @@
>           CMPIInstance *inst = NULL;
>           const char *sys_name = NULL;
>           const char *sys_ccname = NULL;
> -        int direction, priority = 0;
> +        int action, direction, priority = 0;
>           unsigned int bytes[48];
>           unsigned int size = 0;
>           unsigned int n = 0;
> @@ -293,6 +309,9 @@
>           CMSetProperty(inst, "SystemCreationClassName", sys_ccname, CMPI_chars);
>           CMSetProperty(inst, "Name", (CMPIValue *)rule->name, CMPI_chars);
>
> +        action = convert_action(rule->action);
> +        CMSetProperty(inst, "Action", (CMPIValue *)&action, CMPI_uint16);
> +
>           direction = convert_direction(rule->direction);
>           CMSetProperty(inst, "Direction", (CMPIValue *)&direction, CMPI_uint16);
>
>
> _______________________________________________
> Libvirt-cim mailing list
> Libvirt-cim at redhat.com
> https://www.redhat.com/mailman/listinfo/libvirt-cim

-- 
Chip Vincent
Open Virtualization
IBM Linux Technology Center
cvincent at linux.vnet.ibm.com

More information about the Libvirt-cim mailing list