aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--main/libvirt/0001-Fix-missing-error-constants-in-libvirt-python-module.patch98
-rw-r--r--main/libvirt/0001-complete-virterror-virerror-name-change.patch40
-rw-r--r--main/libvirt/0001-net-support-set-public-ip-range-for-forward-mode-nat.patch487
-rw-r--r--main/libvirt/0001-util-refactor-iptables-command-construction-into-mul.patch210
-rw-r--r--main/libvirt/0002-net-add-support-for-specifying-port-range-for-forwar.patch379
-rw-r--r--main/libvirt/APKBUILD28
6 files changed, 12 insertions, 1230 deletions
diff --git a/main/libvirt/0001-Fix-missing-error-constants-in-libvirt-python-module.patch b/main/libvirt/0001-Fix-missing-error-constants-in-libvirt-python-module.patch
deleted file mode 100644
index b9afb51031..0000000000
--- a/main/libvirt/0001-Fix-missing-error-constants-in-libvirt-python-module.patch
+++ /dev/null
@@ -1,98 +0,0 @@
-From 25ea8e47e74def560bf89cd94dd54b75ca5ff4d6 Mon Sep 17 00:00:00 2001
-From: "Daniel P. Berrange" <berrange@redhat.com>
-Date: Tue, 5 Feb 2013 12:55:09 +0000
-Subject: [PATCH] Fix missing error constants in libvirt python module
-
-The previous change to the generator, changed too much - only
-the functions are in 'virerror.c', the constants remained in
-'virerror.h' which could not be renamed for API compat reasons.
-
-Add a test case to sanity check the generated python bindings
-
-Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
----
- python/Makefile.am | 5 +++++
- python/generator.py | 4 +++-
- python/sanitytest.py | 31 +++++++++++++++++++++++++++++++
- 3 files changed, 39 insertions(+), 1 deletion(-)
- create mode 100644 python/sanitytest.py
-
-diff --git a/python/Makefile.am b/python/Makefile.am
-index dd69600..ef3c3eb 100644
---- a/python/Makefile.am
-+++ b/python/Makefile.am
-@@ -119,6 +119,11 @@ $(libvirtmod_la_OBJECTS): $(GENERATED)
- $(libvirtmod_qemu_la_OBJECTS): $(QEMU_GENERATED)
- $(libvirtmod_lxc_la_OBJECTS): $(LXC_GENERATED)
-
-+EXTRA_DIST += sanitytest.py
-+
-+check-local:
-+ $(AM_V_GEN)PYTHONPATH=$(abs_topbuilddir):$(abs_topbuilddir)/.libs $(PYTHON) $(srcdir)/sanitytest.py
-+
- install-data-local:
- $(mkinstalldirs) $(DESTDIR)$(pyexecdir)
- $(INSTALL) -m 0644 libvirt.py $(DESTDIR)$(pyexecdir)
-diff --git a/python/generator.py b/python/generator.py
-index 71ca883..ceade6b 100755
---- a/python/generator.py
-+++ b/python/generator.py
-@@ -122,8 +122,9 @@ class docParser(xml.sax.handler.ContentHandler):
- if attrs.has_key('field'):
- self.function_return_field = attrs['field']
- elif tag == 'enum':
-+ # enums come from header files, hence virterror.h
- if (attrs['file'] == "libvirt" or
-- attrs['file'] == "virerror"):
-+ attrs['file'] == "virterror"):
- enum(attrs['type'],attrs['name'],attrs['value'])
- elif attrs['file'] == "libvirt-lxc":
- lxc_enum(attrs['type'],attrs['name'],attrs['value'])
-@@ -134,6 +135,7 @@ class docParser(xml.sax.handler.ContentHandler):
- if debug:
- print "end %s" % tag
- if tag == 'function':
-+ # fuctions come from source files, hence 'virerror.c'
- if self.function != None:
- if (self.function_module == "libvirt" or
- self.function_module == "virevent" or
-diff --git a/python/sanitytest.py b/python/sanitytest.py
-new file mode 100644
-index 0000000..047450b
---- /dev/null
-+++ b/python/sanitytest.py
-@@ -0,0 +1,31 @@
-+#!/usr/bin/python
-+
-+import libvirt
-+
-+globals = dir(libvirt)
-+
-+# Sanity test that the generator hasn't gone wrong
-+
-+# Look for core classes
-+assert("virConnect" in globals)
-+assert("virDomain" in globals)
-+assert("virDomainSnapshot" in globals)
-+assert("virInterface" in globals)
-+assert("virNWFilter" in globals)
-+assert("virNodeDevice" in globals)
-+assert("virNetwork" in globals)
-+assert("virSecret" in globals)
-+assert("virStoragePool" in globals)
-+assert("virStorageVol" in globals)
-+assert("virStream" in globals)
-+assert("VIR_CONNECT_RO" in globals)
-+
-+# Error related bits
-+assert("libvirtError" in globals)
-+assert("VIR_ERR_AUTH_FAILED" in globals)
-+assert("virGetLastError" in globals)
-+
-+# Some misc methods
-+assert("virInitialize" in globals)
-+assert("virEventAddHandle" in globals)
-+assert("virEventRegisterDefaultImpl" in globals)
---
-1.7.11.7
-
diff --git a/main/libvirt/0001-complete-virterror-virerror-name-change.patch b/main/libvirt/0001-complete-virterror-virerror-name-change.patch
deleted file mode 100644
index c16b009df2..0000000000
--- a/main/libvirt/0001-complete-virterror-virerror-name-change.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From a6b8bae5a6a4752926eba409202ec061d81c6c8a Mon Sep 17 00:00:00 2001
-From: Serge Hallyn <serge.hallyn@canonical.com>
-Date: Wed, 30 Jan 2013 21:05:45 -0600
-Subject: [PATCH] complete virterror->virerror name change
-
-Without these two string changes in generator.py, the
-virGetLastError wrapper does not get created in
-/usr/share/pyshared/libvirt.py. Noticed when running
-tests with virt-install.
-
-Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
----
- python/generator.py | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/python/generator.py b/python/generator.py
-index 5d27f66..71ca883 100755
---- a/python/generator.py
-+++ b/python/generator.py
-@@ -123,7 +123,7 @@ class docParser(xml.sax.handler.ContentHandler):
- self.function_return_field = attrs['field']
- elif tag == 'enum':
- if (attrs['file'] == "libvirt" or
-- attrs['file'] == "virterror"):
-+ attrs['file'] == "virerror"):
- enum(attrs['type'],attrs['name'],attrs['value'])
- elif attrs['file'] == "libvirt-lxc":
- lxc_enum(attrs['type'],attrs['name'],attrs['value'])
-@@ -137,7 +137,7 @@ class docParser(xml.sax.handler.ContentHandler):
- if self.function != None:
- if (self.function_module == "libvirt" or
- self.function_module == "virevent" or
-- self.function_module == "virterror"):
-+ self.function_module == "virerror"):
- function(self.function, self.function_descr,
- self.function_return, self.function_args,
- self.function_file, self.function_module,
---
-1.8.1
-
diff --git a/main/libvirt/0001-net-support-set-public-ip-range-for-forward-mode-nat.patch b/main/libvirt/0001-net-support-set-public-ip-range-for-forward-mode-nat.patch
deleted file mode 100644
index 789bd9bda3..0000000000
--- a/main/libvirt/0001-net-support-set-public-ip-range-for-forward-mode-nat.patch
+++ /dev/null
@@ -1,487 +0,0 @@
-From 18d50f3bc920d70a65e2c3b1f08826db91d8ae2e Mon Sep 17 00:00:00 2001
-From: Natanael Copa <ncopa@alpinelinux.org>
-Date: Sun, 3 Feb 2013 12:18:36 +0100
-Subject: [PATCH 1/2] net: support set public ip range for forward mode nat
-
-Support setting which public ip to use for NAT via attribute
-address in subelement <nat> in <forward>:
-
-...
- <forward mode='nat'>
- <address start='1.2.3.4' end='1.2.3.10'/>
- </forward>
-...
-
-This will construct an iptables line using:
-
- '-j SNAT --to-source <start>-<end>'
-
-instead of:
-
- '-j MASQUERADE'
-
-Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
----
- docs/formatnetwork.html.in | 18 ++++++
- src/conf/network_conf.c | 152 ++++++++++++++++++++++++++++++++++++++++++--
- src/conf/network_conf.h | 3 +
- src/network/bridge_driver.c | 16 +++++
- src/util/viriptables.c | 56 +++++++++++++---
- src/util/viriptables.h | 4 ++
- 6 files changed, 235 insertions(+), 14 deletions(-)
-
-diff --git a/docs/formatnetwork.html.in b/docs/formatnetwork.html.in
-index 7b42529..5fbd0a9 100644
---- a/docs/formatnetwork.html.in
-+++ b/docs/formatnetwork.html.in
-@@ -136,6 +136,24 @@
- network, and to/from the host to the guests, are
- unrestricted and not NATed.<span class="since">Since
- 0.4.2</span>
-+
-+ <p><span class="since">Since 1.0.3</span> it is possible to
-+ specify a public IPv4 address range to be used for the NAT by
-+ using the <code>&lt;nat&gt;</code> and
-+ <code>&lt;address&gt;</code> subelements.
-+ <pre>
-+...
-+ &lt;forward mode='nat'&gt;
-+ &lt;nat&gt;
-+ &lt;address start='1.2.3.4' end='1.2.3.10'/&gt;
-+ &lt;/nat&gt;
-+ &lt;/forward&gt;
-+...
-+ </pre>
-+ An singe IPv4 address can be set by setting
-+ <code>start</code> and <code>end</code> attributes to
-+ the same value.
-+ </p>
- </dd>
-
- <dt><code>route</code></dt>
-diff --git a/src/conf/network_conf.c b/src/conf/network_conf.c
-index 3604ff7..61d086a 100644
---- a/src/conf/network_conf.c
-+++ b/src/conf/network_conf.c
-@@ -1325,6 +1325,80 @@ cleanup:
- }
-
- static int
-+virNetworkForwardNatDefParseXML(const char *networkName,
-+ xmlNodePtr node,
-+ xmlXPathContextPtr ctxt,
-+ virNetworkForwardDefPtr def)
-+{
-+ int ret = -1;
-+ xmlNodePtr *natAddrNodes = NULL;
-+ int nNatAddrs;
-+ char *addr_start = NULL;
-+ char *addr_end = NULL;
-+ xmlNodePtr save = ctxt->node;
-+
-+ ctxt->node = node;
-+
-+ if (def->type != VIR_NETWORK_FORWARD_NAT) {
-+ virReportError(VIR_ERR_XML_ERROR,
-+ _("The <nat> element can only be used when <forward> 'mode' is 'nat' in network %s"),
-+ networkName);
-+ goto cleanup;
-+ }
-+
-+ /* addresses for SNAT */
-+ nNatAddrs = virXPathNodeSet("./address", ctxt, &natAddrNodes);
-+ if (nNatAddrs < 0) {
-+ virReportError(VIR_ERR_XML_ERROR,
-+ _("invalid <address> element found in <forward> of "
-+ "network %s"), networkName);
-+ goto cleanup;
-+ } else if (nNatAddrs > 1) {
-+ virReportError(VIR_ERR_XML_ERROR,
-+ _("Only one <address> element is allowed in <nat> in "
-+ "<forward> in network %s"), networkName);
-+ goto cleanup;
-+ } else if (nNatAddrs == 1) {
-+ addr_start = virXMLPropString(*natAddrNodes, "start");
-+ if (addr_start == NULL) {
-+ virReportError(VIR_ERR_XML_ERROR,
-+ _("missing 'start' attribute in <address> element in <nat> in "
-+ "<forward> in network %s"), networkName);
-+ goto cleanup;
-+ }
-+ addr_end = virXMLPropString(*natAddrNodes, "end");
-+ if (addr_end == NULL) {
-+ virReportError(VIR_ERR_XML_ERROR,
-+ _("missing 'end' attribute in <address> element in <nat> in "
-+ "<forward> in network %s"), networkName);
-+ goto cleanup;
-+ }
-+ }
-+
-+ if (addr_start && virSocketAddrParse(&def->addr_start, addr_start, AF_INET) < 0) {
-+ virReportError(VIR_ERR_XML_ERROR,
-+ _("Bad ipv4 start address '%s' in <nat> in <forward> in "
-+ "network '%s'"), addr_start, networkName);
-+ goto cleanup;
-+ }
-+
-+ if (addr_end && virSocketAddrParse(&def->addr_end, addr_end, AF_INET) < 0) {
-+ virReportError(VIR_ERR_XML_ERROR,
-+ _("Bad ipv4 end address '%s' in <nat> in <forward> in "
-+ "network '%s'"), addr_end, networkName);
-+ goto cleanup;
-+ }
-+
-+ ret = 0;
-+
-+cleanup:
-+ VIR_FREE(addr_start);
-+ VIR_FREE(addr_end);
-+ ctxt->node = save;
-+ return ret;
-+}
-+
-+static int
- virNetworkForwardDefParseXML(const char *networkName,
- xmlNodePtr node,
- xmlXPathContextPtr ctxt,
-@@ -1334,7 +1408,8 @@ virNetworkForwardDefParseXML(const char *networkName,
- xmlNodePtr *forwardIfNodes = NULL;
- xmlNodePtr *forwardPfNodes = NULL;
- xmlNodePtr *forwardAddrNodes = NULL;
-- int nForwardIfs, nForwardAddrs, nForwardPfs;
-+ xmlNodePtr *forwardNatNodes = NULL;
-+ int nForwardIfs, nForwardAddrs, nForwardPfs, nForwardNats;
- char *forwardDev = NULL;
- char *forwardManaged = NULL;
- char *type = NULL;
-@@ -1384,6 +1459,24 @@ virNetworkForwardDefParseXML(const char *networkName,
- goto cleanup;
- }
-
-+ nForwardNats = virXPathNodeSet("./nat", ctxt, &forwardNatNodes);
-+ if (nForwardNats < 0) {
-+ virReportError(VIR_ERR_XML_ERROR,
-+ _("invalid <nat> element found in <forward> of network %s"),
-+ networkName);
-+ goto cleanup;
-+ } else if (nForwardNats > 1) {
-+ virReportError(VIR_ERR_XML_ERROR,
-+ _("Only one <nat> element is allowed in <forward> of network %s"),
-+ networkName);
-+ goto cleanup;
-+ } else if (nForwardNats == 1) {
-+ if (virNetworkForwardNatDefParseXML(networkName,
-+ *forwardNatNodes,
-+ ctxt, def) < 0)
-+ goto cleanup;
-+ }
-+
- if (((nForwardIfs > 0) + (nForwardAddrs > 0) + (nForwardPfs > 0)) > 1) {
- virReportError(VIR_ERR_XML_ERROR,
- _("<address>, <interface>, and <pf> elements in <forward> "
-@@ -1525,6 +1618,7 @@ cleanup:
- VIR_FREE(forwardPfNodes);
- VIR_FREE(forwardIfNodes);
- VIR_FREE(forwardAddrNodes);
-+ VIR_FREE(forwardNatNodes);
- ctxt->node = save;
- return ret;
- }
-@@ -2079,13 +2173,54 @@ virPortGroupDefFormat(virBufferPtr buf,
- }
-
- static int
-+virNatDefFormat(virBufferPtr buf,
-+ const virNetworkForwardDefPtr fwd)
-+{
-+ char *addr_start = NULL;
-+ char *addr_end = NULL;
-+ int ret = -1;
-+
-+ if (VIR_SOCKET_ADDR_VALID(&fwd->addr_start)) {
-+ addr_start = virSocketAddrFormat(&fwd->addr_start);
-+ if (!addr_start)
-+ goto cleanup;
-+ }
-+
-+ if (VIR_SOCKET_ADDR_VALID(&fwd->addr_end)) {
-+ addr_end = virSocketAddrFormat(&fwd->addr_end);
-+ if (!addr_end)
-+ goto cleanup;
-+ }
-+
-+ if (!addr_end && !addr_start)
-+ return 0;
-+
-+ virBufferAddLit(buf, "<nat>\n");
-+ virBufferAdjustIndent(buf, 2);
-+
-+ virBufferAsprintf(buf, "<address start='%s'", addr_start);
-+ if (addr_end)
-+ virBufferAsprintf(buf, " end='%s'", addr_end);
-+ virBufferAsprintf(buf, "/>\n");
-+
-+ virBufferAdjustIndent(buf, -2);
-+ virBufferAsprintf(buf, "</nat>\n");
-+ ret = 0;
-+
-+cleanup:
-+ VIR_FREE(addr_start);
-+ VIR_FREE(addr_end);
-+ return ret;
-+}
-+
-+static int
- virNetworkDefFormatInternal(virBufferPtr buf,
- const virNetworkDefPtr def,
- unsigned int flags)
- {
- unsigned char *uuid;
- char uuidstr[VIR_UUID_STRING_BUFLEN];
-- int ii;
-+ int ii, shortforward;
-
- virBufferAddLit(buf, "<network");
- if (!(flags & VIR_NETWORK_XML_INACTIVE) && (def->connections > 0)) {
-@@ -2122,10 +2257,17 @@ virNetworkDefFormatInternal(virBufferPtr buf,
- else
- virBufferAddLit(buf, " managed='no'");
- }
-- virBufferAsprintf(buf, "%s>\n",
-- (def->forward.nifs || def->forward.npfs) ? "" : "/");
-+ shortforward = !(def->forward.nifs || def->forward.npfs
-+ || VIR_SOCKET_ADDR_VALID(&def->forward.addr_start)
-+ || VIR_SOCKET_ADDR_VALID(&def->forward.addr_end));
-+ virBufferAsprintf(buf, "%s>\n", shortforward ? "/" : "");
- virBufferAdjustIndent(buf, 2);
-
-+ if (def->forward.type == VIR_NETWORK_FORWARD_NAT) {
-+ if (virNatDefFormat(buf, &def->forward) < 0)
-+ goto error;
-+ }
-+
- /* For now, hard-coded to at most 1 forward.pfs */
- if (def->forward.npfs)
- virBufferEscapeString(buf, "<pf dev='%s'/>\n",
-@@ -2155,7 +2297,7 @@ virNetworkDefFormatInternal(virBufferPtr buf,
- }
- }
- virBufferAdjustIndent(buf, -2);
-- if (def->forward.npfs || def->forward.nifs)
-+ if (!shortforward)
- virBufferAddLit(buf, "</forward>\n");
- }
-
-diff --git a/src/conf/network_conf.h b/src/conf/network_conf.h
-index 4c634ed..1a598e3 100644
---- a/src/conf/network_conf.h
-+++ b/src/conf/network_conf.h
-@@ -174,6 +174,9 @@ struct _virNetworkForwardDef {
-
- size_t nifs;
- virNetworkForwardIfDefPtr ifs;
-+
-+ /* adresses for SNAT */
-+ virSocketAddr addr_start, addr_end;
- };
-
- typedef struct _virPortGroupDef virPortGroupDef;
-diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
-index c834f83..6d74c1f 100644
---- a/src/network/bridge_driver.c
-+++ b/src/network/bridge_driver.c
-@@ -1587,6 +1587,8 @@ networkAddMasqueradingIptablesRules(struct network_driver *driver,
- &ipdef->address,
- prefix,
- forwardIf,
-+ &network->def->forward.addr_start,
-+ &network->def->forward.addr_end,
- NULL) < 0) {
- virReportError(VIR_ERR_SYSTEM_ERROR,
- forwardIf ?
-@@ -1601,6 +1603,8 @@ networkAddMasqueradingIptablesRules(struct network_driver *driver,
- &ipdef->address,
- prefix,
- forwardIf,
-+ &network->def->forward.addr_start,
-+ &network->def->forward.addr_end,
- "udp") < 0) {
- virReportError(VIR_ERR_SYSTEM_ERROR,
- forwardIf ?
-@@ -1615,6 +1619,8 @@ networkAddMasqueradingIptablesRules(struct network_driver *driver,
- &ipdef->address,
- prefix,
- forwardIf,
-+ &network->def->forward.addr_start,
-+ &network->def->forward.addr_end,
- "tcp") < 0) {
- virReportError(VIR_ERR_SYSTEM_ERROR,
- forwardIf ?
-@@ -1631,12 +1637,16 @@ networkAddMasqueradingIptablesRules(struct network_driver *driver,
- &ipdef->address,
- prefix,
- forwardIf,
-+ &network->def->forward.addr_start,
-+ &network->def->forward.addr_end,
- "udp");
- masqerr4:
- iptablesRemoveForwardMasquerade(driver->iptables,
- &ipdef->address,
- prefix,
- forwardIf,
-+ &network->def->forward.addr_start,
-+ &network->def->forward.addr_end,
- NULL);
- masqerr3:
- iptablesRemoveForwardAllowRelatedIn(driver->iptables,
-@@ -1667,16 +1677,22 @@ networkRemoveMasqueradingIptablesRules(struct network_driver *driver,
- &ipdef->address,
- prefix,
- forwardIf,
-+ &network->def->forward.addr_start,
-+ &network->def->forward.addr_end,
- "tcp");
- iptablesRemoveForwardMasquerade(driver->iptables,
- &ipdef->address,
- prefix,
- forwardIf,
-+ &network->def->forward.addr_start,
-+ &network->def->forward.addr_end,
- "udp");
- iptablesRemoveForwardMasquerade(driver->iptables,
- &ipdef->address,
- prefix,
- forwardIf,
-+ &network->def->forward.addr_start,
-+ &network->def->forward.addr_end,
- NULL);
-
- iptablesRemoveForwardAllowRelatedIn(driver->iptables,
-diff --git a/src/util/viriptables.c b/src/util/viriptables.c
-index 41fe780..3f0dcf0 100644
---- a/src/util/viriptables.c
-+++ b/src/util/viriptables.c
-@@ -805,11 +805,15 @@ iptablesForwardMasquerade(iptablesContext *ctx,
- virSocketAddr *netaddr,
- unsigned int prefix,
- const char *physdev,
-+ virSocketAddr *addr_start,
-+ virSocketAddr *addr_end,
- const char *protocol,
- int action)
- {
-- int ret;
-- char *networkstr;
-+ int ret = -1;
-+ char *networkstr = NULL;
-+ char *addr_start_str = NULL;
-+ char *addr_end_str = NULL;
- virCommandPtr cmd = NULL;
-
- if (!(networkstr = iptablesFormatNetwork(netaddr, prefix)))
-@@ -820,8 +824,18 @@ iptablesForwardMasquerade(iptablesContext *ctx,
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("Attempted to NAT '%s'. NAT is only supported for IPv4."),
- networkstr);
-- VIR_FREE(networkstr);
-- return -1;
-+ goto cleanup;
-+ }
-+
-+ if (VIR_SOCKET_ADDR_IS_FAMILY(addr_start, AF_INET)) {
-+ addr_start_str = virSocketAddrFormat(addr_start);
-+ if (!addr_start_str)
-+ goto cleanup;
-+ if (VIR_SOCKET_ADDR_IS_FAMILY(addr_end, AF_INET)) {
-+ addr_end_str = virSocketAddrFormat(addr_end);
-+ if (!addr_end_str)
-+ goto cleanup;
-+ }
- }
-
- cmd = iptablesCommandNew(ctx->nat_postrouting, AF_INET, action);
-@@ -835,12 +849,32 @@ iptablesForwardMasquerade(iptablesContext *ctx,
- if (physdev && physdev[0])
- virCommandAddArgList(cmd, "--out-interface", physdev, NULL);
-
-- virCommandAddArgList(cmd, "--jump", "MASQUERADE", NULL);
-+ /* Use --jump SNAT if public addr is specified */
-+ if (addr_start_str && addr_start_str[0]) {
-+ char tmpstr[sizeof("123.123.123.123-123.123.123.123:65535-65535")];
-+ const char *portstr = "";
-+
-+ memset(tmpstr, 0, sizeof(tmpstr));
-+ if (protocol && protocol[0])
-+ portstr = ":1024-65535";
-+ if (addr_end_str && addr_end_str[0]) {
-+ snprintf(tmpstr, sizeof(tmpstr), "%s-%s%s",
-+ addr_start_str, addr_end_str, portstr);
-+ } else {
-+ snprintf(tmpstr, sizeof(tmpstr), "%s%s", addr_start_str, portstr);
-+ }
-
-- if (protocol && protocol[0])
-- virCommandAddArgList(cmd, "--to-ports", "1024-65535", NULL);
-+ virCommandAddArgList(cmd, "--jump", "SNAT",
-+ "--to-source", tmpstr, NULL);
-+ } else {
-+ virCommandAddArgList(cmd, "--jump", "MASQUERADE", NULL);
-+
-+ if (protocol && protocol[0])
-+ virCommandAddArgList(cmd, "--to-ports", "1024-65535", NULL);
-+ }
-
- ret = iptablesCommandRunAndFree(cmd);
-+cleanup:
- VIR_FREE(networkstr);
- return ret;
- }
-@@ -863,9 +897,11 @@ iptablesAddForwardMasquerade(iptablesContext *ctx,
- virSocketAddr *netaddr,
- unsigned int prefix,
- const char *physdev,
-+ virSocketAddr *addr_start,
-+ virSocketAddr *addr_end,
- const char *protocol)
- {
-- return iptablesForwardMasquerade(ctx, netaddr, prefix, physdev, protocol, ADD);
-+ return iptablesForwardMasquerade(ctx, netaddr, prefix, physdev, addr_start, addr_end, protocol, ADD);
- }
-
- /**
-@@ -886,9 +922,11 @@ iptablesRemoveForwardMasquerade(iptablesContext *ctx,
- virSocketAddr *netaddr,
- unsigned int prefix,
- const char *physdev,
-+ virSocketAddr *addr_start,
-+ virSocketAddr *addr_end,
- const char *protocol)
- {
-- return iptablesForwardMasquerade(ctx, netaddr, prefix, physdev, protocol, REMOVE);
-+ return iptablesForwardMasquerade(ctx, netaddr, prefix, physdev, addr_start, addr_end, protocol, REMOVE);
- }
-
-
-diff --git a/src/util/viriptables.h b/src/util/viriptables.h
-index d7fa731..4241380 100644
---- a/src/util/viriptables.h
-+++ b/src/util/viriptables.h
-@@ -107,11 +107,15 @@ int iptablesAddForwardMasquerade (iptablesContext *ctx,
- virSocketAddr *netaddr,
- unsigned int prefix,
- const char *physdev,
-+ virSocketAddr *addr_start,
-+ virSocketAddr *addr_end,
- const char *protocol);
- int iptablesRemoveForwardMasquerade (iptablesContext *ctx,
- virSocketAddr *netaddr,
- unsigned int prefix,
- const char *physdev,
-+ virSocketAddr *addr_start,
-+ virSocketAddr *addr_end,
- const char *protocol);
- int iptablesAddOutputFixUdpChecksum (iptablesContext *ctx,
- const char *iface,
---
-1.8.1.2
-
diff --git a/main/libvirt/0001-util-refactor-iptables-command-construction-into-mul.patch b/main/libvirt/0001-util-refactor-iptables-command-construction-into-mul.patch
deleted file mode 100644
index d77da2f2f7..0000000000
--- a/main/libvirt/0001-util-refactor-iptables-command-construction-into-mul.patch
+++ /dev/null
@@ -1,210 +0,0 @@
-From f3531a040cf2ea1fc432a7613af4e9e823b2caa1 Mon Sep 17 00:00:00 2001
-From: Natanael Copa <ncopa@alpinelinux.org>
-Date: Mon, 4 Feb 2013 10:45:23 +0100
-Subject: [PATCH] util: refactor iptables command construction into multiple
- steps
-
-Instead of creating an iptables command in one shot, do it in steps
-so we can add conditional options like physdev and protocol.
-
-This removes code duplication while keeping existing behaviour.
-
-Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
-Signed-off-by: Eric Blake <eblake@redhat.com>
----
- src/util/viriptables.c | 132 ++++++++++++++++++++++---------------------------
- 1 file changed, 59 insertions(+), 73 deletions(-)
-
-diff --git a/src/util/viriptables.c b/src/util/viriptables.c
-index 2c4290a..41fe780 100644
---- a/src/util/viriptables.c
-+++ b/src/util/viriptables.c
-@@ -1,7 +1,7 @@
- /*
- * viriptables.c: helper APIs for managing iptables
- *
-- * Copyright (C) 2007-2012 Red Hat, Inc.
-+ * Copyright (C) 2007-2013 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
-@@ -129,15 +129,10 @@ iptRulesNew(const char *table,
- return NULL;
- }
-
--static int ATTRIBUTE_SENTINEL
--iptablesAddRemoveRule(iptRules *rules, int family, int action,
-- const char *arg, ...)
-+static virCommandPtr
-+iptablesCommandNew(iptRules *rules, int family, int action)
- {
-- va_list args;
-- int ret;
- virCommandPtr cmd = NULL;
-- const char *s;
--
- #if HAVE_FIREWALLD
- virIpTablesInitialize();
- if (firewall_cmd_path) {
-@@ -154,16 +149,36 @@ iptablesAddRemoveRule(iptRules *rules, int family, int action,
-
- virCommandAddArgList(cmd, "--table", rules->table,
- action == ADD ? "--insert" : "--delete",
-- rules->chain, arg, NULL);
-+ rules->chain, NULL);
-+ return cmd;
-+}
-+
-+static int
-+iptablesCommandRunAndFree(virCommandPtr cmd)
-+{
-+ int ret;
-+ ret = virCommandRun(cmd, NULL);
-+ virCommandFree(cmd);
-+ return ret;
-+}
-+
-+static int ATTRIBUTE_SENTINEL
-+iptablesAddRemoveRule(iptRules *rules, int family, int action,
-+ const char *arg, ...)
-+{
-+ va_list args;
-+ virCommandPtr cmd = NULL;
-+ const char *s;
-+
-+ cmd = iptablesCommandNew(rules, family, action);
-+ virCommandAddArg(cmd, arg);
-
- va_start(args, arg);
- while ((s = va_arg(args, const char *)))
- virCommandAddArg(cmd, s);
- va_end(args);
-
-- ret = virCommandRun(cmd, NULL);
-- virCommandFree(cmd);
-- return ret;
-+ return iptablesCommandRunAndFree(cmd);
- }
-
- /**
-@@ -372,28 +387,24 @@ iptablesForwardAllowOut(iptablesContext *ctx,
- {
- int ret;
- char *networkstr;
-+ virCommandPtr cmd = NULL;
-
- if (!(networkstr = iptablesFormatNetwork(netaddr, prefix)))
- return -1;
-
-- if (physdev && physdev[0]) {
-- ret = iptablesAddRemoveRule(ctx->forward_filter,
-- VIR_SOCKET_ADDR_FAMILY(netaddr),
-- action,
-- "--source", networkstr,
-- "--in-interface", iface,
-- "--out-interface", physdev,
-- "--jump", "ACCEPT",
-- NULL);
-- } else {
-- ret = iptablesAddRemoveRule(ctx->forward_filter,
-- VIR_SOCKET_ADDR_FAMILY(netaddr),
-- action,
-- "--source", networkstr,
-- "--in-interface", iface,
-- "--jump", "ACCEPT",
-- NULL);
-- }
-+ cmd = iptablesCommandNew(ctx->forward_filter,
-+ VIR_SOCKET_ADDR_FAMILY(netaddr),
-+ action);
-+ virCommandAddArgList(cmd,
-+ "--source", networkstr,
-+ "--in-interface", iface, NULL);
-+
-+ if (physdev && physdev[0])
-+ virCommandAddArgList(cmd, "--out-interface", physdev, NULL);
-+
-+ virCommandAddArgList(cmd, "--jump", "ACCEPT", NULL);
-+
-+ ret = iptablesCommandRunAndFree(cmd);
- VIR_FREE(networkstr);
- return ret;
- }
-@@ -799,6 +810,7 @@ iptablesForwardMasquerade(iptablesContext *ctx,
- {
- int ret;
- char *networkstr;
-+ virCommandPtr cmd = NULL;
-
- if (!(networkstr = iptablesFormatNetwork(netaddr, prefix)))
- return -1;
-@@ -812,49 +824,23 @@ iptablesForwardMasquerade(iptablesContext *ctx,
- return -1;
- }
-
-- if (protocol && protocol[0]) {
-- if (physdev && physdev[0]) {
-- ret = iptablesAddRemoveRule(ctx->nat_postrouting,
-- AF_INET,
-- action,
-- "--source", networkstr,
-- "-p", protocol,
-- "!", "--destination", networkstr,
-- "--out-interface", physdev,
-- "--jump", "MASQUERADE",
-- "--to-ports", "1024-65535",
-- NULL);
-- } else {
-- ret = iptablesAddRemoveRule(ctx->nat_postrouting,
-- AF_INET,
-- action,
-- "--source", networkstr,
-- "-p", protocol,
-- "!", "--destination", networkstr,
-- "--jump", "MASQUERADE",
-- "--to-ports", "1024-65535",
-- NULL);
-- }
-- } else {
-- if (physdev && physdev[0]) {
-- ret = iptablesAddRemoveRule(ctx->nat_postrouting,
-- AF_INET,
-- action,
-- "--source", networkstr,
-- "!", "--destination", networkstr,
-- "--out-interface", physdev,
-- "--jump", "MASQUERADE",
-- NULL);
-- } else {
-- ret = iptablesAddRemoveRule(ctx->nat_postrouting,
-- AF_INET,
-- action,
-- "--source", networkstr,
-- "!", "--destination", networkstr,
-- "--jump", "MASQUERADE",
-- NULL);
-- }
-- }
-+ cmd = iptablesCommandNew(ctx->nat_postrouting, AF_INET, action);
-+ virCommandAddArgList(cmd, "--source", networkstr, NULL);
-+
-+ if (protocol && protocol[0])
-+ virCommandAddArgList(cmd, "-p", protocol, NULL);
-+
-+ virCommandAddArgList(cmd, "!", "--destination", networkstr, NULL);
-+
-+ if (physdev && physdev[0])
-+ virCommandAddArgList(cmd, "--out-interface", physdev, NULL);
-+
-+ virCommandAddArgList(cmd, "--jump", "MASQUERADE", NULL);
-+
-+ if (protocol && protocol[0])
-+ virCommandAddArgList(cmd, "--to-ports", "1024-65535", NULL);
-+
-+ ret = iptablesCommandRunAndFree(cmd);
- VIR_FREE(networkstr);
- return ret;
- }
---
-1.8.1.2
-
diff --git a/main/libvirt/0002-net-add-support-for-specifying-port-range-for-forwar.patch b/main/libvirt/0002-net-add-support-for-specifying-port-range-for-forwar.patch
deleted file mode 100644
index 3c1a32f10f..0000000000
--- a/main/libvirt/0002-net-add-support-for-specifying-port-range-for-forwar.patch
+++ /dev/null
@@ -1,379 +0,0 @@
-From acca897f2d0631e2acd4c5c53fd57a4d0a3eb712 Mon Sep 17 00:00:00 2001
-From: Natanael Copa <ncopa@alpinelinux.org>
-Date: Mon, 11 Feb 2013 10:08:56 +0100
-Subject: [PATCH 2/2] net: add support for specifying port range for forward
- mode nat
-
-Let users set the port range to be used for forward mode NAT:
-
-...
- <forward mode='nat'>
- <nat>
- <port start='1024' end='65535'/>
- </nat>
- </forward>
-...
-
-Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
----
- docs/formatnetwork.html.in | 21 ++++++++++++++---
- src/conf/network_conf.c | 57 +++++++++++++++++++++++++++++++++++++++------
- src/conf/network_conf.h | 3 ++-
- src/network/bridge_driver.c | 16 +++++++++++++
- src/util/viriptables.c | 39 ++++++++++++++++++++++++-------
- src/util/viriptables.h | 4 ++++
- 6 files changed, 120 insertions(+), 20 deletions(-)
-
-diff --git a/docs/formatnetwork.html.in b/docs/formatnetwork.html.in
-index 5fbd0a9..adb5bb9 100644
---- a/docs/formatnetwork.html.in
-+++ b/docs/formatnetwork.html.in
-@@ -138,9 +138,11 @@
- 0.4.2</span>
-
- <p><span class="since">Since 1.0.3</span> it is possible to
-- specify a public IPv4 address range to be used for the NAT by
-- using the <code>&lt;nat&gt;</code> and
-- <code>&lt;address&gt;</code> subelements.
-+ specify a public IPv4 address and port range to be used for
-+ the NAT by using the <code>&lt;nat&gt;</code> subelement.
-+ The address range is set with the <code>&lt;address&gt;</code>
-+ subelements and <code>start</code> and <code>stop</code>
-+ attributes:
- <pre>
- ...
- &lt;forward mode='nat'&gt;
-@@ -154,6 +156,19 @@
- <code>start</code> and <code>end</code> attributes to
- the same value.
- </p>
-+ <p>
-+ The port range to be used for the <code>&lt;nat&gt;</code> can
-+ be set via the subelement <code>&lt;port&gt;</code>:
-+ <pre>
-+...
-+ &lt;forward mode='nat'&gt;
-+ &lt;nat&gt;
-+ &lt;port start='500' end='1000'/&gt;
-+ &lt;/nat&gt;
-+ &lt;/forward&gt;
-+...
-+ </pre>
-+ </p>
- </dd>
-
- <dt><code>route</code></dt>
-diff --git a/src/conf/network_conf.c b/src/conf/network_conf.c
-index 61d086a..5725800 100644
---- a/src/conf/network_conf.c
-+++ b/src/conf/network_conf.c
-@@ -1332,7 +1332,8 @@ virNetworkForwardNatDefParseXML(const char *networkName,
- {
- int ret = -1;
- xmlNodePtr *natAddrNodes = NULL;
-- int nNatAddrs;
-+ xmlNodePtr *natPortNodes = NULL;
-+ int nNatAddrs, nNatPorts;
- char *addr_start = NULL;
- char *addr_end = NULL;
- xmlNodePtr save = ctxt->node;
-@@ -1389,6 +1390,36 @@ virNetworkForwardNatDefParseXML(const char *networkName,
- goto cleanup;
- }
-
-+ /* ports for SNAT and MASQUERADE */
-+ nNatPorts = virXPathNodeSet("./port", ctxt, &natPortNodes);
-+ if (nNatPorts < 0) {
-+ virReportError(VIR_ERR_XML_ERROR,
-+ _("invalid <port> element found in <forward> of "
-+ "network %s"), networkName);
-+ goto cleanup;
-+ } else if (nNatPorts > 1) {
-+ virReportError(VIR_ERR_XML_ERROR,
-+ _("Only one <port> element is allowed in <nat> in "
-+ "<forward> in network %s"), networkName);
-+ goto cleanup;
-+ } else if (nNatPorts == 1) {
-+ if (virXPathUInt("string(./port[1]/@start)", ctxt, &def->port_start) < 0
-+ || def->port_start > 65535) {
-+
-+ virReportError(VIR_ERR_XML_DETAIL,
-+ _("Missing or invalid 'start' attribute in <port> "
-+ "in <nat> in <forward> in network %s"),
-+ networkName);
-+ goto cleanup;
-+ }
-+ if (virXPathUInt("string(./port[1]/@end)", ctxt, &def->port_end) < 0
-+ || def->port_end > 65535 || def->port_end < def->port_start) {
-+ virReportError(VIR_ERR_XML_DETAIL,
-+ _("Missing or invalid 'end' attribute in <port> in "
-+ "<nat> in <forward> in network %s"), networkName);
-+ goto cleanup;
-+ }
-+ }
- ret = 0;
-
- cleanup:
-@@ -2179,6 +2210,7 @@ virNatDefFormat(virBufferPtr buf,
- char *addr_start = NULL;
- char *addr_end = NULL;
- int ret = -1;
-+ int longdef;
-
- if (VIR_SOCKET_ADDR_VALID(&fwd->addr_start)) {
- addr_start = virSocketAddrFormat(&fwd->addr_start);
-@@ -2192,16 +2224,25 @@ virNatDefFormat(virBufferPtr buf,
- goto cleanup;
- }
-
-- if (!addr_end && !addr_start)
-+ if (!addr_start && !addr_end && !fwd->port_start && !fwd->port_end)
- return 0;
-
- virBufferAddLit(buf, "<nat>\n");
- virBufferAdjustIndent(buf, 2);
-
-- virBufferAsprintf(buf, "<address start='%s'", addr_start);
-- if (addr_end)
-- virBufferAsprintf(buf, " end='%s'", addr_end);
-- virBufferAsprintf(buf, "/>\n");
-+ if (addr_start) {
-+ virBufferAsprintf(buf, "<address start='%s'", addr_start);
-+ if (addr_end)
-+ virBufferAsprintf(buf, " end='%s'", addr_end);
-+ virBufferAsprintf(buf, "/>\n");
-+ }
-+
-+ if (fwd->port_start || fwd->port_end) {
-+ virBufferAsprintf(buf, "<port start='%d'", fwd->port_start);
-+ if (fwd->port_end)
-+ virBufferAsprintf(buf, " end='%d'", fwd->port_end);
-+ virBufferAsprintf(buf, "/>\n");
-+ }
-
- virBufferAdjustIndent(buf, -2);
- virBufferAsprintf(buf, "</nat>\n");
-@@ -2259,7 +2300,9 @@ virNetworkDefFormatInternal(virBufferPtr buf,
- }
- shortforward = !(def->forward.nifs || def->forward.npfs
- || VIR_SOCKET_ADDR_VALID(&def->forward.addr_start)
-- || VIR_SOCKET_ADDR_VALID(&def->forward.addr_end));
-+ || VIR_SOCKET_ADDR_VALID(&def->forward.addr_end)
-+ || def->forward.port_start
-+ || def->forward.port_end);
- virBufferAsprintf(buf, "%s>\n", shortforward ? "/" : "");
- virBufferAdjustIndent(buf, 2);
-
-diff --git a/src/conf/network_conf.h b/src/conf/network_conf.h
-index 1a598e3..7df2426 100644
---- a/src/conf/network_conf.h
-+++ b/src/conf/network_conf.h
-@@ -175,8 +175,9 @@ struct _virNetworkForwardDef {
- size_t nifs;
- virNetworkForwardIfDefPtr ifs;
-
-- /* adresses for SNAT */
-+ /* ranges for NAT */
- virSocketAddr addr_start, addr_end;
-+ unsigned int port_start, port_end;
- };
-
- typedef struct _virPortGroupDef virPortGroupDef;
-diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
-index 6d74c1f..5c83085 100644
---- a/src/network/bridge_driver.c
-+++ b/src/network/bridge_driver.c
-@@ -1589,6 +1589,8 @@ networkAddMasqueradingIptablesRules(struct network_driver *driver,
- forwardIf,
- &network->def->forward.addr_start,
- &network->def->forward.addr_end,
-+ network->def->forward.port_start,
-+ network->def->forward.port_end,
- NULL) < 0) {
- virReportError(VIR_ERR_SYSTEM_ERROR,
- forwardIf ?
-@@ -1605,6 +1607,8 @@ networkAddMasqueradingIptablesRules(struct network_driver *driver,
- forwardIf,
- &network->def->forward.addr_start,
- &network->def->forward.addr_end,
-+ network->def->forward.port_start,
-+ network->def->forward.port_end,
- "udp") < 0) {
- virReportError(VIR_ERR_SYSTEM_ERROR,
- forwardIf ?
-@@ -1621,6 +1625,8 @@ networkAddMasqueradingIptablesRules(struct network_driver *driver,
- forwardIf,
- &network->def->forward.addr_start,
- &network->def->forward.addr_end,
-+ network->def->forward.port_start,
-+ network->def->forward.port_end,
- "tcp") < 0) {
- virReportError(VIR_ERR_SYSTEM_ERROR,
- forwardIf ?
-@@ -1639,6 +1645,8 @@ networkAddMasqueradingIptablesRules(struct network_driver *driver,
- forwardIf,
- &network->def->forward.addr_start,
- &network->def->forward.addr_end,
-+ network->def->forward.port_start,
-+ network->def->forward.port_end,
- "udp");
- masqerr4:
- iptablesRemoveForwardMasquerade(driver->iptables,
-@@ -1647,6 +1655,8 @@ networkAddMasqueradingIptablesRules(struct network_driver *driver,
- forwardIf,
- &network->def->forward.addr_start,
- &network->def->forward.addr_end,
-+ network->def->forward.port_start,
-+ network->def->forward.port_end,
- NULL);
- masqerr3:
- iptablesRemoveForwardAllowRelatedIn(driver->iptables,
-@@ -1679,6 +1689,8 @@ networkRemoveMasqueradingIptablesRules(struct network_driver *driver,
- forwardIf,
- &network->def->forward.addr_start,
- &network->def->forward.addr_end,
-+ network->def->forward.port_start,
-+ network->def->forward.port_end,
- "tcp");
- iptablesRemoveForwardMasquerade(driver->iptables,
- &ipdef->address,
-@@ -1686,6 +1698,8 @@ networkRemoveMasqueradingIptablesRules(struct network_driver *driver,
- forwardIf,
- &network->def->forward.addr_start,
- &network->def->forward.addr_end,
-+ network->def->forward.port_start,
-+ network->def->forward.port_end,
- "udp");
- iptablesRemoveForwardMasquerade(driver->iptables,
- &ipdef->address,
-@@ -1693,6 +1707,8 @@ networkRemoveMasqueradingIptablesRules(struct network_driver *driver,
- forwardIf,
- &network->def->forward.addr_start,
- &network->def->forward.addr_end,
-+ network->def->forward.port_start,
-+ network->def->forward.port_end,
- NULL);
-
- iptablesRemoveForwardAllowRelatedIn(driver->iptables,
-diff --git a/src/util/viriptables.c b/src/util/viriptables.c
-index 3f0dcf0..aa48520 100644
---- a/src/util/viriptables.c
-+++ b/src/util/viriptables.c
-@@ -807,6 +807,8 @@ iptablesForwardMasquerade(iptablesContext *ctx,
- const char *physdev,
- virSocketAddr *addr_start,
- virSocketAddr *addr_end,
-+ unsigned int port_start,
-+ unsigned int port_end,
- const char *protocol,
- int action)
- {
-@@ -815,6 +817,7 @@ iptablesForwardMasquerade(iptablesContext *ctx,
- char *addr_start_str = NULL;
- char *addr_end_str = NULL;
- virCommandPtr cmd = NULL;
-+ char port_str[sizeof(":65535-65535")] = "";
-
- if (!(networkstr = iptablesFormatNetwork(netaddr, prefix)))
- return -1;
-@@ -849,19 +852,27 @@ iptablesForwardMasquerade(iptablesContext *ctx,
- if (physdev && physdev[0])
- virCommandAddArgList(cmd, "--out-interface", physdev, NULL);
-
-+ if (protocol && protocol[0]) {
-+ if (port_start == 0 && port_end == 0) {
-+ port_start = 1024;
-+ port_end = 65535;
-+ }
-+
-+ if (port_start < port_end && port_end < 65536)
-+ snprintf(port_str, sizeof(port_str), ":%d-%d",
-+ port_start, port_end);
-+ }
-+
- /* Use --jump SNAT if public addr is specified */
- if (addr_start_str && addr_start_str[0]) {
- char tmpstr[sizeof("123.123.123.123-123.123.123.123:65535-65535")];
-- const char *portstr = "";
-
- memset(tmpstr, 0, sizeof(tmpstr));
-- if (protocol && protocol[0])
-- portstr = ":1024-65535";
- if (addr_end_str && addr_end_str[0]) {
- snprintf(tmpstr, sizeof(tmpstr), "%s-%s%s",
-- addr_start_str, addr_end_str, portstr);
-+ addr_start_str, addr_end_str, port_str);
- } else {
-- snprintf(tmpstr, sizeof(tmpstr), "%s%s", addr_start_str, portstr);
-+ snprintf(tmpstr, sizeof(tmpstr), "%s%s", addr_start_str, port_str);
- }
-
- virCommandAddArgList(cmd, "--jump", "SNAT",
-@@ -869,8 +880,8 @@ iptablesForwardMasquerade(iptablesContext *ctx,
- } else {
- virCommandAddArgList(cmd, "--jump", "MASQUERADE", NULL);
-
-- if (protocol && protocol[0])
-- virCommandAddArgList(cmd, "--to-ports", "1024-65535", NULL);
-+ if (port_str[0])
-+ virCommandAddArgList(cmd, "--to-ports", &port_str[1], NULL);
- }
-
- ret = iptablesCommandRunAndFree(cmd);
-@@ -899,9 +910,14 @@ iptablesAddForwardMasquerade(iptablesContext *ctx,
- const char *physdev,
- virSocketAddr *addr_start,
- virSocketAddr *addr_end,
-+ unsigned int port_start,
-+ unsigned int port_end,
- const char *protocol)
- {
-- return iptablesForwardMasquerade(ctx, netaddr, prefix, physdev, addr_start, addr_end, protocol, ADD);
-+ return iptablesForwardMasquerade(ctx, netaddr, prefix, physdev,
-+ addr_start, addr_end,
-+ port_start, port_end,
-+ protocol, ADD);
- }
-
- /**
-@@ -924,9 +940,14 @@ iptablesRemoveForwardMasquerade(iptablesContext *ctx,
- const char *physdev,
- virSocketAddr *addr_start,
- virSocketAddr *addr_end,
-+ unsigned int port_start,
-+ unsigned int port_end,
- const char *protocol)
- {
-- return iptablesForwardMasquerade(ctx, netaddr, prefix, physdev, addr_start, addr_end, protocol, REMOVE);
-+ return iptablesForwardMasquerade(ctx, netaddr, prefix, physdev,
-+ addr_start, addr_end,
-+ port_start, port_end,
-+ protocol, REMOVE);
- }
-
-
-diff --git a/src/util/viriptables.h b/src/util/viriptables.h
-index 4241380..f2db368 100644
---- a/src/util/viriptables.h
-+++ b/src/util/viriptables.h
-@@ -109,6 +109,8 @@ int iptablesAddForwardMasquerade (iptablesContext *ctx,
- const char *physdev,
- virSocketAddr *addr_start,
- virSocketAddr *addr_end,
-+ unsigned int port_start,
-+ unsigned int port_end,
- const char *protocol);
- int iptablesRemoveForwardMasquerade (iptablesContext *ctx,
- virSocketAddr *netaddr,
-@@ -116,6 +118,8 @@ int iptablesRemoveForwardMasquerade (iptablesContext *ctx,
- const char *physdev,
- virSocketAddr *addr_start,
- virSocketAddr *addr_end,
-+ unsigned int port_start,
-+ unsigned int port_end,
- const char *protocol);
- int iptablesAddOutputFixUdpChecksum (iptablesContext *ctx,
- const char *iface,
---
-1.8.1.2
-
diff --git a/main/libvirt/APKBUILD b/main/libvirt/APKBUILD
index 485c802039..663b6ac9c7 100644
--- a/main/libvirt/APKBUILD
+++ b/main/libvirt/APKBUILD
@@ -1,8 +1,8 @@
# Maintainer: Leonardo Arena <rnalrd@alpinelinux.org>
pkgname=libvirt
-pkgver="1.0.2"
+pkgver=1.0.3
_ver="${pkgver/_rc/-rc}"
-pkgrel=1
+pkgrel=0
pkgdesc="A virtualization API for several hypervisor and container systems"
url="http://libvirt.org/"
arch="all"
@@ -20,13 +20,6 @@ source="http://libvirt.org/sources/$pkgname-$pkgver.tar.gz
libvirt.confd
libvirt.initd
uclibc-physmem.patch
- 0001-util-refactor-iptables-command-construction-into-mul.patch
-
- 0001-net-support-set-public-ip-range-for-forward-mode-nat.patch
- 0002-net-add-support-for-specifying-port-range-for-forwar.patch
-
- 0001-complete-virterror-virerror-name-change.patch
- 0001-Fix-missing-error-constants-in-libvirt-python-module.patch
"
if [ "$ALPINE_LIBC" != "eglibc" ]; then
@@ -146,12 +139,15 @@ uml() {
_mv_driver "UML" uml
}
-md5sums="7e268ed702c4331d393e5b43449cae13 libvirt-1.0.2.tar.gz
+md5sums="3d9f85d586c9aa3d819b626622f3fc97 libvirt-1.0.3.tar.gz
1c84a7baeafe0a7f4e9d7ae5180311b7 libvirt.confd
d897df38c7e7fa1a297aa551108633c9 libvirt.initd
-df9cbfaf8a6e520a4822914a300add4d uclibc-physmem.patch
-98a496d6d606c3406e6f8b03c3b25028 0001-util-refactor-iptables-command-construction-into-mul.patch
-05789e003f4b90808b6898e9d72ad8f4 0001-net-support-set-public-ip-range-for-forward-mode-nat.patch
-de01f68b563a51dd39b873c5eade0f25 0002-net-add-support-for-specifying-port-range-for-forwar.patch
-854982416fafeabbeca06e807c868a9c 0001-complete-virterror-virerror-name-change.patch
-dcb427eeceb5dcb79e5ea8eef748e44d 0001-Fix-missing-error-constants-in-libvirt-python-module.patch"
+df9cbfaf8a6e520a4822914a300add4d uclibc-physmem.patch"
+sha256sums="f64f4acd7cdcfc6ab5e803195ed58b949f262b54e3659d8c37b33f0fec112757 libvirt-1.0.3.tar.gz
+851ab3f9678f0fa9c3ee03f7fc7bd00c4ee86d5f0777eecf9eb1ffe3243adfd1 libvirt.confd
+e9fad203434ffaa6afe524e42a9fb6594edad61cb02b1ca60a68d1a7fe0c31ab libvirt.initd
+807005a8669b7396c9af43ddb2534bb0f073f1e97a5c8b1d9eefc1949f3c2df8 uclibc-physmem.patch"
+sha512sums="f0002d40a018e22bd05c9bc990db0b14e0ec815613f54d04fc3b631081d87b6659620188da9f0ba376f290206d979467013274ab99b7394c66bde54c82e08fb4 libvirt-1.0.3.tar.gz
+9aba6ab73219a635c64a340ee8887356e644445c9128734cbce73f5d54778378da2f10a190365ad88a7db8bc95b1fb17f0c6ca41fc41bb786c09e1afe84d65dc libvirt.confd
+f48c97f93ef4509a86eda6200b3aae5b2c0c6263403bde933b770fd62240dca27bc439bd29b440ea6a47c8337f8b4511230ed915cb5ff54d9a1cf311863f6fa1 libvirt.initd
+4c885e72dcb11f8523a267917315d4874812eee289fb00075334c1728d0da9bd0e5db6c52d6e3c39bd3fe66d5ccadf9e26ec9dcaa855397e211b9bd1173ac72d uclibc-physmem.patch"