11:26 a.m.
# HG changeset patch
# User Eduardo Lima (Etrunko) <eblima(a)br.ibm.com>
# Date 1311872160 10800
# Node ID 4d837e60bb82daa73bba8e13bbab9041fc7632ee
# Parent 277b56b3863b5f81a3faa18aeb7b9951b963b489
ACL: Add 'Action' property to KVM_{IPHeaders,Hdr8021}Filter
This property should be defined in the CIM_FilterEntryBase parent class
(would also apply to 'Direction' and 'Priority' properties), considering
the fact that, according to libvirt documentation, the 'action' attribute
of a rule is mandatory. For reference please check:
http://libvirt.org/formatnwfilter.html#nwfelemsRules
Signed-off-by: Eduardo Lima (Etrunko) <eblima(a)br.ibm.com>
diff --git a/schema/FilterEntry.mof b/schema/FilterEntry.mof
--- a/schema/FilterEntry.mof
+++ b/schema/FilterEntry.mof
@@ -2,6 +2,14 @@
[Provider("cmpi::Virt_FilterEntry")]
class KVM_Hdr8021Filter : CIM_Hdr8021Filter
{
+ [Description (
+ "This defines whether the action should be to forward or "
+ "deny traffic meeting the match condition specified in "
+ "this filter." ),
+ ValueMap { "1", "2" },
+ Values { "Permit", "Deny" }]
+ uint16 Action;
+
[Description("This defines whether the Filter is used for input, "
"output, or both input and output filtering. All values are "
"used with respect to the interface for which the Filter "
@@ -32,6 +40,14 @@
[Provider("cmpi::Virt_FilterEntry")]
class KVM_IPHeadersFilter : CIM_IPHeadersFilter
{
+ [Description (
+ "This defines whether the action should be to forward or "
+ "deny traffic meeting the match condition specified in "
+ "this filter." ),
+ ValueMap { "1", "2" },
+ Values { "Permit", "Deny" }]
+ uint16 Action;
+
[Description("This defines whether the Filter is used for input, "
"output, or both input and output filtering. All values are "
"used with respect to the interface for which the Filter "
diff --git a/src/Virt_FilterEntry.c b/src/Virt_FilterEntry.c
--- a/src/Virt_FilterEntry.c
+++ b/src/Virt_FilterEntry.c
@@ -159,6 +159,19 @@
return priority;
}
+static int convert_action(const char *s)
+{
+ enum {NONE=0, ACCEPT, DENY} action = NONE;
+
+ if (s != NULL) {
+ if (STREQC(s, "accept"))
+ action = ACCEPT;
+ else if (STREQC(s, "drop") || STREQC(s, "reject"))
+ action = DENY;
+ }
+ return action;
+}
+
static CMPIInstance *convert_mac_rule_to_instance(
struct acl_rule *rule,
const CMPIBroker *broker,
@@ -169,7 +182,7 @@
CMPIInstance *inst = NULL;
const char *sys_name = NULL;
const char *sys_ccname = NULL;
- int direction, priority = 0;
+ int action, direction, priority = 0;
unsigned int bytes[48];
unsigned int size = 0;
CMPIArray *array = NULL;
@@ -203,6 +216,9 @@
CMSetProperty(inst, "SystemCreationClassName", sys_ccname,
CMPI_chars);
CMSetProperty(inst, "Name", (CMPIValue *)rule->name, CMPI_chars);
+ action = convert_action(rule->action);
+ CMSetProperty(inst, "Action", (CMPIValue *)&action, CMPI_uint16);
+
direction = convert_direction(rule->direction);
CMSetProperty(inst, "Direction", (CMPIValue *)&direction,
CMPI_uint16);
@@ -259,7 +275,7 @@
CMPIInstance *inst = NULL;
const char *sys_name = NULL;
const char *sys_ccname = NULL;
- int direction, priority = 0;
+ int action, direction, priority = 0;
unsigned int bytes[48];
unsigned int size = 0;
unsigned int n = 0;
@@ -293,6 +309,9 @@
CMSetProperty(inst, "SystemCreationClassName", sys_ccname,
CMPI_chars);
CMSetProperty(inst, "Name", (CMPIValue *)rule->name, CMPI_chars);
+ action = convert_action(rule->action);
+ CMSetProperty(inst, "Action", (CMPIValue *)&action, CMPI_uint16);
+
direction = convert_direction(rule->direction);
CMSetProperty(inst, "Direction", (CMPIValue *)&direction,
CMPI_uint16);
4:08 p.m.
+1. Pushed.
On 08/24/2011 12:26 PM, Eduardo Lima (Etrunko) wrote:
# HG changeset patch
# User Eduardo Lima (Etrunko)<eblima(a)br.ibm.com>
# Date 1311872160 10800
# Node ID 4d837e60bb82daa73bba8e13bbab9041fc7632ee
# Parent 277b56b3863b5f81a3faa18aeb7b9951b963b489
ACL: Add 'Action' property to KVM_{IPHeaders,Hdr8021}Filter
This property should be defined in the CIM_FilterEntryBase parent class
(would also apply to 'Direction' and 'Priority' properties),
considering
the fact that, according to libvirt documentation, the 'action' attribute
of a rule is mandatory. For reference please check:
http://libvirt.org/formatnwfilter.html#nwfelemsRules
Signed-off-by: Eduardo Lima (Etrunko)<eblima(a)br.ibm.com>
diff --git a/schema/FilterEntry.mof b/schema/FilterEntry.mof
--- a/schema/FilterEntry.mof
+++ b/schema/FilterEntry.mof
@@ -2,6 +2,14 @@
[Provider("cmpi::Virt_FilterEntry")]
class KVM_Hdr8021Filter : CIM_Hdr8021Filter
{
+ [Description (
+ "This defines whether the action should be to forward or "
+ "deny traffic meeting the match condition specified in "
+ "this filter." ),
+ ValueMap { "1", "2" },
+ Values { "Permit", "Deny" }]
+ uint16 Action;
+
[Description("This defines whether the Filter is used for input, "
"output, or both input and output filtering. All values are "
"used with respect to the interface for which the Filter "
@@ -32,6 +40,14 @@
[Provider("cmpi::Virt_FilterEntry")]
class KVM_IPHeadersFilter : CIM_IPHeadersFilter
{
+ [Description (
+ "This defines whether the action should be to forward or "
+ "deny traffic meeting the match condition specified in "
+ "this filter." ),
+ ValueMap { "1", "2" },
+ Values { "Permit", "Deny" }]
+ uint16 Action;
+
[Description("This defines whether the Filter is used for input, "
"output, or both input and output filtering. All values are "
"used with respect to the interface for which the Filter "
diff --git a/src/Virt_FilterEntry.c b/src/Virt_FilterEntry.c
--- a/src/Virt_FilterEntry.c
+++ b/src/Virt_FilterEntry.c
@@ -159,6 +159,19 @@
return priority;
}
+static int convert_action(const char *s)
+{
+ enum {NONE=0, ACCEPT, DENY} action = NONE;
+
+ if (s != NULL) {
+ if (STREQC(s, "accept"))
+ action = ACCEPT;
+ else if (STREQC(s, "drop") || STREQC(s, "reject"))
+ action = DENY;
+ }
+ return action;
+}
+
static CMPIInstance *convert_mac_rule_to_instance(
struct acl_rule *rule,
const CMPIBroker *broker,
@@ -169,7 +182,7 @@
CMPIInstance *inst = NULL;
const char *sys_name = NULL;
const char *sys_ccname = NULL;
- int direction, priority = 0;
+ int action, direction, priority = 0;
unsigned int bytes[48];
unsigned int size = 0;
CMPIArray *array = NULL;
@@ -203,6 +216,9 @@
CMSetProperty(inst, "SystemCreationClassName", sys_ccname,
CMPI_chars);
CMSetProperty(inst, "Name", (CMPIValue *)rule->name, CMPI_chars);
+ action = convert_action(rule->action);
+ CMSetProperty(inst, "Action", (CMPIValue *)&action, CMPI_uint16);
+
direction = convert_direction(rule->direction);
CMSetProperty(inst, "Direction", (CMPIValue *)&direction,
CMPI_uint16);
@@ -259,7 +275,7 @@
CMPIInstance *inst = NULL;
const char *sys_name = NULL;
const char *sys_ccname = NULL;
- int direction, priority = 0;
+ int action, direction, priority = 0;
unsigned int bytes[48];
unsigned int size = 0;
unsigned int n = 0;
@@ -293,6 +309,9 @@
CMSetProperty(inst, "SystemCreationClassName", sys_ccname,
CMPI_chars);
CMSetProperty(inst, "Name", (CMPIValue *)rule->name, CMPI_chars);
+ action = convert_action(rule->action);
+ CMSetProperty(inst, "Action", (CMPIValue *)&action, CMPI_uint16);
+
direction = convert_direction(rule->direction);
CMSetProperty(inst, "Direction", (CMPIValue *)&direction,
CMPI_uint16);
_______________________________________________
Libvirt-cim mailing list
Libvirt-cim(a)redhat.com
https://www.redhat.com/mailman/listinfo/libvirt-cim
--
Chip Vincent
Open Virtualization
IBM Linux Technology Center
cvincent(a)linux.vnet.ibm.com
4793
days inactive
4820
days old
1 comments
2 participants
participants (2)
-
Chip Vincent -
Eduardo Lima (Etrunko)