[virt-tools-list] [PATCH] virtinst: add nwfilter support

Daniel Gollub daniel.gollub at t-online.de
Wed Aug 28 15:36:25 UTC 2013


This allows to make use of libvirt network filtering support with virt-install.
With the additional option "filterref" in the --network parameter one can
configure any defined nwfilter per network interface, i.e.:
virt-install ... --network network=mynet,model=virtio,filterref=clean-traffic
---
 man/virt-install.pod        |    6 ++++++
 virtinst/cli.py             |    4 +++-
 virtinst/deviceinterface.py |    4 +++-
 3 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/man/virt-install.pod b/man/virt-install.pod
index 6106d8f..c3d5e86 100644
--- a/man/virt-install.pod
+++ b/man/virt-install.pod
@@ -614,6 +614,12 @@ Xen virtual machines it is required that the first 3 pairs in the MAC address
 be the sequence '00:16:3e', while for QEMU or KVM virtual machines it must
 be '52:54:00'.
 
+=item B<filterref>
+
+Controlling firewall and network filtering in libvirt. Value can be any nwfilter
+defined by the C<virsh> 'nwfilter' subcommands. Available filters can be listed
+by running 'virsh nwfilter-list', e.g.: 'clean-traffic', 'no-mac-spoofing', ...
+
 =back
 
 =item --nonetworks
diff --git a/virtinst/cli.py b/virtinst/cli.py
index 38e458b..09070fa 100644
--- a/virtinst/cli.py
+++ b/virtinst/cli.py
@@ -993,7 +993,8 @@ def add_net_option(devg):
       help=_("Configure a guest network interface. Ex:\n"
              "--network bridge=mybr0\n"
              "--network network=my_libvirt_virtual_net\n"
-             "--network network=mynet,model=virtio,mac=00:11..."))
+             "--network network=mynet,model=virtio,mac=00:11...\n"
+             "--network network=mynet,filterref=clean-traffic,model=virtio"))
 
 
 def add_device_options(devg):
@@ -1578,6 +1579,7 @@ def parse_network(guest, optstring, dev=None, mac=None):
     set_param("bridge", "bridge")
     set_param("model", "model")
     set_param("macaddr", "mac")
+    set_param("filterref", "filterref")
 
     if opts:
         raise ValueError(_("Unknown options %s") % opts.keys())
diff --git a/virtinst/deviceinterface.py b/virtinst/deviceinterface.py
index 3e59d27..8412b83 100644
--- a/virtinst/deviceinterface.py
+++ b/virtinst/deviceinterface.py
@@ -198,7 +198,8 @@ class VirtualNetworkInterface(VirtualDevice):
 
     _XML_PROP_ORDER = [
         "bridge", "network", "source_dev", "source_mode",
-        "macaddr", "target_dev", "model", "virtualport"]
+        "macaddr", "target_dev", "model", "virtualport",
+        "filterref"]
 
     type = XMLProperty(xpath="./@type",
                        default_cb=lambda s: s.TYPE_BRIDGE)
@@ -233,6 +234,7 @@ class VirtualNetworkInterface(VirtualDevice):
                               default_cb=_default_source_mode)
     model = XMLProperty(xpath="./model/@type")
     target_dev = XMLProperty(xpath="./target/@dev")
+    filterref = XMLProperty(xpath="./filterref/@filter")
 
 
 VirtualNetworkInterface.register_type()
-- 
1.7.10.4




More information about the virt-tools-list mailing list