diff options
Diffstat (limited to 'main/libvirt/0001-util-refactor-iptables-command-construction-into-mul.patch')
| -rw-r--r-- | main/libvirt/0001-util-refactor-iptables-command-construction-into-mul.patch | 40 |
1 files changed, 25 insertions, 15 deletions
diff --git a/main/libvirt/0001-util-refactor-iptables-command-construction-into-mul.patch b/main/libvirt/0001-util-refactor-iptables-command-construction-into-mul.patch index 6441577b1e..d77da2f2f7 100644 --- a/main/libvirt/0001-util-refactor-iptables-command-construction-into-mul.patch +++ b/main/libvirt/0001-util-refactor-iptables-command-construction-into-mul.patch @@ -1,6 +1,6 @@ -From d1be257a85234f139c073f7c41f845065dd7246e Mon Sep 17 00:00:00 2001 +From f3531a040cf2ea1fc432a7613af4e9e823b2caa1 Mon Sep 17 00:00:00 2001 From: Natanael Copa <ncopa@alpinelinux.org> -Date: Thu, 22 Nov 2012 13:33:23 +0100 +Date: Mon, 4 Feb 2013 10:45:23 +0100 Subject: [PATCH] util: refactor iptables command construction into multiple steps @@ -10,15 +10,25 @@ so we can add conditional options like physdev and protocol. This removes code duplication while keeping existing behaviour. Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> +Signed-off-by: Eric Blake <eblake@redhat.com> --- - src/util/iptables.c | 130 +++++++++++++++++++++++----------------------------- - 1 file changed, 58 insertions(+), 72 deletions(-) + src/util/viriptables.c | 132 ++++++++++++++++++++++--------------------------- + 1 file changed, 59 insertions(+), 73 deletions(-) -diff --git a/src/util/iptables.c b/src/util/iptables.c -index 00a1c29..407ca3a 100644 ---- a/src/util/iptables.c -+++ b/src/util/iptables.c -@@ -127,15 +127,10 @@ iptRulesNew(const char *table, +diff --git a/src/util/viriptables.c b/src/util/viriptables.c +index 2c4290a..41fe780 100644 +--- a/src/util/viriptables.c ++++ b/src/util/viriptables.c +@@ -1,7 +1,7 @@ + /* + * viriptables.c: helper APIs for managing iptables + * +- * Copyright (C) 2007-2012 Red Hat, Inc. ++ * Copyright (C) 2007-2013 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public +@@ -129,15 +129,10 @@ iptRulesNew(const char *table, return NULL; } @@ -36,7 +46,7 @@ index 00a1c29..407ca3a 100644 #if HAVE_FIREWALLD virIpTablesInitialize(); if (firewall_cmd_path) { -@@ -152,16 +147,36 @@ iptablesAddRemoveRule(iptRules *rules, int family, int action, +@@ -154,16 +149,36 @@ iptablesAddRemoveRule(iptRules *rules, int family, int action, virCommandAddArgList(cmd, "--table", rules->table, action == ADD ? "--insert" : "--delete", @@ -77,7 +87,7 @@ index 00a1c29..407ca3a 100644 } /** -@@ -370,28 +385,24 @@ iptablesForwardAllowOut(iptablesContext *ctx, +@@ -372,28 +387,24 @@ iptablesForwardAllowOut(iptablesContext *ctx, { int ret; char *networkstr; @@ -109,7 +119,7 @@ index 00a1c29..407ca3a 100644 + action); + virCommandAddArgList(cmd, + "--source", networkstr, -+ "--in-interface", iface, NULL); ++ "--in-interface", iface, NULL); + + if (physdev && physdev[0]) + virCommandAddArgList(cmd, "--out-interface", physdev, NULL); @@ -120,7 +130,7 @@ index 00a1c29..407ca3a 100644 VIR_FREE(networkstr); return ret; } -@@ -797,6 +808,7 @@ iptablesForwardMasquerade(iptablesContext *ctx, +@@ -799,6 +810,7 @@ iptablesForwardMasquerade(iptablesContext *ctx, { int ret; char *networkstr; @@ -128,7 +138,7 @@ index 00a1c29..407ca3a 100644 if (!(networkstr = iptablesFormatNetwork(netaddr, prefix))) return -1; -@@ -810,49 +822,23 @@ iptablesForwardMasquerade(iptablesContext *ctx, +@@ -812,49 +824,23 @@ iptablesForwardMasquerade(iptablesContext *ctx, return -1; } @@ -196,5 +206,5 @@ index 00a1c29..407ca3a 100644 return ret; } -- -1.8.0.1 +1.8.1.2 |