[libvirt] [PATCHv3] Fix Memory Leak in virQEMUCapsInitGuestFromBinary()
by Nehal J Wani
While running qemucaps2xmltest, it was found that valgrind pointed out
the following memory leaks:
==29896== 0 bytes in 1 blocks are definitely lost in loss record 1 of 65
==29896== at 0x4A0577B: calloc (vg_replace_malloc.c:593)
==29896== by 0x4C6B45E: virAllocN (viralloc.c:191)
==29896== by 0x4232A9: virQEMUCapsGetMachineTypesCaps (qemu_capabilities.c:1999)
==29896== by 0x4234E7: virQEMUCapsInitGuestFromBinary (qemu_capabilities.c:789)
==29896== by 0x41F10B: testQemuCapsXML (qemucaps2xmltest.c:118)
==29896== by 0x41FFD1: virtTestRun (testutils.c:201)
==29896== by 0x41EE7A: mymain (qemucaps2xmltest.c:203)
==29896== by 0x42074D: virtTestMain (testutils.c:789)
==29896== by 0x3E6CE1ED1C: (below main) (libc-start.c:226)
==29896==
==29896== 0 bytes in 1 blocks are definitely lost in loss record 2 of 65
==29896== at 0x4A0577B: calloc (vg_replace_malloc.c:593)
==29896== by 0x4C6B45E: virAllocN (viralloc.c:191)
==29896== by 0x4232A9: virQEMUCapsGetMachineTypesCaps (qemu_capabilities.c:1999)
==29896== by 0x4234E7: virQEMUCapsInitGuestFromBinary (qemu_capabilities.c:789)
==29896== by 0x41F10B: testQemuCapsXML (qemucaps2xmltest.c:118)
==29896== by 0x41FFD1: virtTestRun (testutils.c:201)
==29896== by 0x41EEA3: mymain (qemucaps2xmltest.c:204)
==29896== by 0x42074D: virtTestMain (testutils.c:789)
==29896== by 0x3E6CE1ED1C: (below main) (libc-start.c:226)
---
Based on Daniel's comments.
v2: https://www.redhat.com/archives/libvir-list/2014-March/msg01672.html
v1: https://www.redhat.com/archives/libvir-list/2014-March/msg01667.html
src/qemu/qemu_capabilities.c | 6 ++++--
1 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index 7673592..e4c1cbd 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -1996,10 +1996,12 @@ int virQEMUCapsGetMachineTypesCaps(virQEMUCapsPtr qemuCaps,
*nmachines = 0;
*machines = NULL;
- if (VIR_ALLOC_N(*machines, qemuCaps->nmachineTypes) < 0)
- goto error;
*nmachines = qemuCaps->nmachineTypes;
+ if (*nmachines &&
+ VIR_ALLOC_N(*machines, qemuCaps->nmachineTypes) < 0)
+ goto error;
+
for (i = 0; i < qemuCaps->nmachineTypes; i++) {
virCapsGuestMachinePtr mach;
if (VIR_ALLOC(mach) < 0)
--
1.7.1
10 years, 7 months
[libvirt] [PATCH] util: fix a typo in virprocess.c
by Hongwei Bi
s/forcably/forcibly
Signed-off-by: Hongwei Bi <hwbi2008(a)gmail.com>
---
src/util/virprocess.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/util/virprocess.c b/src/util/virprocess.c
index 405ad06..9179d73 100644
--- a/src/util/virprocess.c
+++ b/src/util/virprocess.c
@@ -283,7 +283,7 @@ int virProcessKill(pid_t pid, int sig)
* Try to kill the process and verify it has exited
*
* Returns 0 if it was killed gracefully, 1 if it
- * was killed forcably, -1 if it is still alive,
+ * was killed forcibly, -1 if it is still alive,
* or another error occurred.
*/
int
--
1.7.9.5
10 years, 7 months
[libvirt] [PATCH] Modify help information of virsh list command
by Li Yang
Use 'virsh list domain --title' option can get domain's title,
not description, the original help information 'show short
domain description' will confuse users, so modify it to
'show domain title'
Signed-off-by: Li Yang <liyang.fnst(a)cn.fujitsu.com>
---
tools/virsh-domain-monitor.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/tools/virsh-domain-monitor.c b/tools/virsh-domain-monitor.c
index de4afbb..5d19388 100644
--- a/tools/virsh-domain-monitor.c
+++ b/tools/virsh-domain-monitor.c
@@ -1753,7 +1753,7 @@ static const vshCmdOptDef opts_list[] = {
},
{.name = "title",
.type = VSH_OT_BOOL,
- .help = N_("show short domain description")
+ .help = N_("show domain title")
},
{.name = NULL}
};
--
1.7.1
10 years, 7 months
[libvirt] [PATCH] docs: cgroups: fix typo about LXC cgroups
by Jean-Baptiste Rouault
---
docs/cgroups.html.in | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/docs/cgroups.html.in b/docs/cgroups.html.in
index f7c2450..33de453 100644
--- a/docs/cgroups.html.in
+++ b/docs/cgroups.html.in
@@ -33,9 +33,9 @@
<p>
The LXC driver is capable of using the <code>cpuset</code>,
- <code>cpu</code>, <code>cpuset</code>, <code>freezer</code>,
+ <code>cpu</code>, <code>cpuacct</code>, <code>freezer</code>,
<code>memory</code>, <code>blkio</code> and <code>devices</code>
- controllers. The <code>cpuset</code>, <code>devices</code>
+ controllers. The <code>cpuacct</code>, <code>devices</code>
and <code>memory</code> controllers are compulsory. Without
them mounted, no containers can be started. If any of the
other controllers are not mounted, the resource management APIs
--
1.8.5.3
10 years, 7 months
[libvirt] [PATCH] libvirt-tck: 052-domain-hook.t - reload after hook cleanup
by Mike Latimer
Reload libvirtd after hook testing has completed. Otherwise, libvirtd
is still expecting hook test scripts to exist.
---
scripts/hooks/052-domain-hook.t | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/scripts/hooks/052-domain-hook.t b/scripts/hooks/052-domain-hook.t
index 90b8a48..d1070b5 100644
--- a/scripts/hooks/052-domain-hook.t
+++ b/scripts/hooks/052-domain-hook.t
@@ -180,4 +180,8 @@ SKIP: {
Sys::Virt::Error::ERR_NO_DOMAIN);
$hook->cleanup();
+
+ diag "reload libvirtd after hook cleanup";
+ $hook->action('reload');
+ $hook->service_libvirtd();
};
--
1.8.4.5
10 years, 7 months
[libvirt] question for qemu migrate fail by virDomainMigrate API
by Wangrui (K)
Hi everyone,
when I use the API virDomainMigrate to do migration operation in KVM environment(libvirt1.1.0 qemu1.5.1), I encountered with some problems.
I found that If the connection to source side is disconnected in the BEGIN phase of a migration, the migration job would fail.
Further more, the following-up migration of the same VM would not be successful until restart libvirtd.
The error log:
libvirtd : 8406: error : virQEMUCloseCallbacksSet:781 : internal error Close callback for domain myvm1 already registered with another connection 0x7f023801a900
libvirt: Domain Config error : Requested operation is not valid: domain is already active as 'myvm1'
I got the above error by following steps:
step 1 : migrate VM.
step 2 : disconnect the client connection to source libvirtd at once ,such as ctrl+c.
step 3 : the migrate API returns fail.
step 4 : migrate this VM again , fails and reports above error.
The reason causing this problem may be:
In the BEGIN phase of a migraion, it registers a close callback through virQEMUCloseCallbacksSet function.
In the normal flow of migration, the registered callback is cleanup in the PERFORM and CONFIRM phase.
But if the connection to source side is disconnected before PERFORM phase or between PERFORM phase and CONFIRM phase,
the close callback will not be cleanup, and the problem mentioned above occurs.
I have test it on libvirt1.2.2, it also happens.
I tried, but could not find a good way to solve this problem. Does anyone have any good ideas? Thanks!
10 years, 7 months
[libvirt] libvirt Wiki account creation request
by Sophoklis Goumas
> ...
>
> We still welcome contributions from anyone interested in updating
> content. Simply send an email to the main libvirt development list
> asking for an account and one will be created for you with as little
> delay as practical.
>
> ...
Hence,
Sophoklis
10 years, 7 months
[libvirt] [PATCH] Remove illegal values in nwfilter test XML/firewall files
by Daniel P. Berrange
A number of the nwfilter XML files have attribute values
which are out of range. Previously the libvirt nwfilter
XML parser would silently ignore illegal values, causing
them to default to 0. This resulted in creating incorrect
iptables rules, which the TCK suite then validated as
correct. Current libvirt returns a hard error for illegal
XML values. To address this we either change the attribute
values to be valid, or delete the bogus rules entirely if
they are duplicates of other existing valid rules.
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
---
scripts/nwfilter/nwfilterxml2fwallout/arp-test.fwall | 1 -
scripts/nwfilter/nwfilterxml2fwallout/comment-test.fwall | 6 +++---
scripts/nwfilter/nwfilterxml2fwallout/hex-data-test.fwall | 6 +++---
scripts/nwfilter/nwfilterxml2fwallout/icmp-test.fwall | 3 ---
scripts/nwfilter/nwfilterxml2fwallout/icmpv6-test.fwall | 4 +---
scripts/nwfilter/nwfilterxml2fwallout/ip-test.fwall | 4 +---
scripts/nwfilter/nwfilterxml2fwallout/mac-test.fwall | 1 -
scripts/nwfilter/nwfilterxml2fwallout/rarp-test.fwall | 1 -
scripts/nwfilter/nwfilterxml2fwallout/udp-ipv6-test.fwall | 6 +++---
scripts/nwfilter/nwfilterxml2fwallout/vlan-test.fwall | 1 -
scripts/nwfilter/nwfilterxml2xmlin/ah-ipv6-test.xml | 2 +-
scripts/nwfilter/nwfilterxml2xmlin/all-ipv6-test.xml | 2 +-
scripts/nwfilter/nwfilterxml2xmlin/arp-test.xml | 5 -----
scripts/nwfilter/nwfilterxml2xmlin/comment-test.xml | 2 +-
scripts/nwfilter/nwfilterxml2xmlin/esp-ipv6-test.xml | 2 +-
scripts/nwfilter/nwfilterxml2xmlin/hex-data-test.xml | 2 +-
scripts/nwfilter/nwfilterxml2xmlin/icmp-test.xml | 5 -----
scripts/nwfilter/nwfilterxml2xmlin/icmpv6-test.xml | 4 ++--
scripts/nwfilter/nwfilterxml2xmlin/ip-test.xml | 8 +-------
scripts/nwfilter/nwfilterxml2xmlin/ipv6-test.xml | 2 +-
scripts/nwfilter/nwfilterxml2xmlin/mac-test.xml | 4 ----
scripts/nwfilter/nwfilterxml2xmlin/rarp-test.xml | 5 -----
scripts/nwfilter/nwfilterxml2xmlin/sctp-ipv6-test.xml | 4 ++--
scripts/nwfilter/nwfilterxml2xmlin/sctp-test.xml | 2 +-
scripts/nwfilter/nwfilterxml2xmlin/tcp-ipv6-test.xml | 4 ++--
scripts/nwfilter/nwfilterxml2xmlin/tcp-test.xml | 2 +-
scripts/nwfilter/nwfilterxml2xmlin/udp-ipv6-test.xml | 6 +++---
scripts/nwfilter/nwfilterxml2xmlin/udp-test.xml | 2 +-
scripts/nwfilter/nwfilterxml2xmlin/udplite-ipv6-test.xml | 2 +-
scripts/nwfilter/nwfilterxml2xmlin/vlan-test.xml | 7 -------
30 files changed, 31 insertions(+), 74 deletions(-)
diff --git a/scripts/nwfilter/nwfilterxml2fwallout/arp-test.fwall b/scripts/nwfilter/nwfilterxml2fwallout/arp-test.fwall
index 6ff4eb9..34174a0 100644
--- a/scripts/nwfilter/nwfilterxml2fwallout/arp-test.fwall
+++ b/scripts/nwfilter/nwfilterxml2fwallout/arp-test.fwall
@@ -3,7 +3,6 @@
-p ARP -s 1:2:3:4:5:6 --arp-op Request --arp-htype 255 --arp-ptype 0xff -j ACCEPT
-p ARP -s 1:2:3:4:5:6 --arp-op 11 --arp-htype 256 --arp-ptype 0x100 -j ACCEPT
-p ARP -s 1:2:3:4:5:6 --arp-op 65535 --arp-htype 65535 --arp-ptype 0xffff -j ACCEPT
--p ARP -s 1:2:3:4:5:6 -j ACCEPT
#ebtables -t nat -L libvirt-O-vnet0 | grep -v "^Bridge" | grep -v "^$"
-p ARP --arp-gratuitous -j ACCEPT
#ebtables -t nat -L PREROUTING | grep vnet0
diff --git a/scripts/nwfilter/nwfilterxml2fwallout/comment-test.fwall b/scripts/nwfilter/nwfilterxml2fwallout/comment-test.fwall
index 6ef30a5..842f3bb 100644
--- a/scripts/nwfilter/nwfilterxml2fwallout/comment-test.fwall
+++ b/scripts/nwfilter/nwfilterxml2fwallout/comment-test.fwall
@@ -31,21 +31,21 @@ FO-vnet0 all -- 0.0.0.0/0 0.0.0.0/0 [goto] PHYSDEV match --physdev-out vnet0 --p
#ip6tables -L FI-vnet0 -n
Chain FI-vnet0 (1 references)
target prot opt source destination
-RETURN tcp ::/0 a:b:c::/128 tcp spts:256:4369 dpts:32:33 state ESTABLISHED ctdir ORIGINAL/* tcp/ipv6 rule */
+RETURN tcp ::/0 a:b:c::/128 DSCP match 0x39 tcp spts:256:4369 dpts:32:33 state ESTABLISHED ctdir ORIGINAL/* tcp/ipv6 rule */
RETURN udp ::/0 ::/0 state ESTABLISHED ctdir ORIGINAL/* `ls`;${COLUMNS};$(ls);"test";&'3 spaces' */
RETURN sctp ::/0 ::/0 state ESTABLISHED ctdir ORIGINAL/* comment with lone ', `, ", `, \, $x, and two spaces */
RETURN ah ::/0 ::/0 state ESTABLISHED ctdir ORIGINAL/* tmp=`mktemp`; echo ${RANDOM} > ${tmp} ; cat < ${tmp}; rm -f ${tmp} */
#ip6tables -L FO-vnet0 -n
Chain FO-vnet0 (1 references)
target prot opt source destination
-ACCEPT tcp a:b:c::/128 ::/0 MAC 01:02:03:04:05:06 tcp spts:32:33 dpts:256:4369 state NEW,ESTABLISHED ctdir REPLY/* tcp/ipv6 rule */
+ACCEPT tcp a:b:c::/128 ::/0 MAC 01:02:03:04:05:06 DSCP match 0x39 tcp spts:32:33 dpts:256:4369 state NEW,ESTABLISHED ctdir REPLY/* tcp/ipv6 rule */
ACCEPT udp ::/0 ::/0 state NEW,ESTABLISHED ctdir REPLY/* `ls`;${COLUMNS};$(ls);"test";&'3 spaces' */
ACCEPT sctp ::/0 ::/0 state NEW,ESTABLISHED ctdir REPLY/* comment with lone ', `, ", `, \, $x, and two spaces */
ACCEPT ah ::/0 ::/0 state NEW,ESTABLISHED ctdir REPLY/* tmp=`mktemp`; echo ${RANDOM} > ${tmp} ; cat < ${tmp}; rm -f ${tmp} */
#ip6tables -L HI-vnet0 -n
Chain HI-vnet0 (1 references)
target prot opt source destination
-RETURN tcp ::/0 a:b:c::/128 tcp spts:256:4369 dpts:32:33 state ESTABLISHED ctdir ORIGINAL/* tcp/ipv6 rule */
+RETURN tcp ::/0 a:b:c::/128 DSCP match 0x39 tcp spts:256:4369 dpts:32:33 state ESTABLISHED ctdir ORIGINAL/* tcp/ipv6 rule */
RETURN udp ::/0 ::/0 state ESTABLISHED ctdir ORIGINAL/* `ls`;${COLUMNS};$(ls);"test";&'3 spaces' */
RETURN sctp ::/0 ::/0 state ESTABLISHED ctdir ORIGINAL/* comment with lone ', `, ", `, \, $x, and two spaces */
RETURN ah ::/0 ::/0 state ESTABLISHED ctdir ORIGINAL/* tmp=`mktemp`; echo ${RANDOM} > ${tmp} ; cat < ${tmp}; rm -f ${tmp} */
diff --git a/scripts/nwfilter/nwfilterxml2fwallout/hex-data-test.fwall b/scripts/nwfilter/nwfilterxml2fwallout/hex-data-test.fwall
index 66b0b71..2ed979e 100644
--- a/scripts/nwfilter/nwfilterxml2fwallout/hex-data-test.fwall
+++ b/scripts/nwfilter/nwfilterxml2fwallout/hex-data-test.fwall
@@ -31,15 +31,15 @@ FO-vnet0 all -- 0.0.0.0/0 0.0.0.0/0 [goto] PHYSDEV match --physdev-out vnet0 --p
#ip6tables -L FI-vnet0 -n
Chain FI-vnet0 (1 references)
target prot opt source destination
-RETURN tcp ::/0 a:b:c::/128 tcp spts:256:4369 dpts:32:33 state ESTABLISHED ctdir ORIGINAL
+RETURN tcp ::/0 a:b:c::/128 DSCP match 0x39 tcp spts:256:4369 dpts:32:33 state ESTABLISHED ctdir ORIGINAL
#ip6tables -L FO-vnet0 -n
Chain FO-vnet0 (1 references)
target prot opt source destination
-ACCEPT tcp a:b:c::/128 ::/0 MAC 01:02:03:04:05:06 tcp spts:32:33 dpts:256:4369 state NEW,ESTABLISHED ctdir REPLY
+ACCEPT tcp a:b:c::/128 ::/0 MAC 01:02:03:04:05:06 DSCP match 0x39 tcp spts:32:33 dpts:256:4369 state NEW,ESTABLISHED ctdir REPLY
#ip6tables -L HI-vnet0 -n
Chain HI-vnet0 (1 references)
target prot opt source destination
-RETURN tcp ::/0 a:b:c::/128 tcp spts:256:4369 dpts:32:33 state ESTABLISHED ctdir ORIGINAL
+RETURN tcp ::/0 a:b:c::/128 DSCP match 0x39 tcp spts:256:4369 dpts:32:33 state ESTABLISHED ctdir ORIGINAL
#ip6tables -L libvirt-host-in -n | grep vnet0 | tr -s " "
HI-vnet0 all ::/0 ::/0 [goto] PHYSDEV match --physdev-in vnet0
#ip6tables -L libvirt-in -n | grep vnet0 | tr -s " "
diff --git a/scripts/nwfilter/nwfilterxml2fwallout/icmp-test.fwall b/scripts/nwfilter/nwfilterxml2fwallout/icmp-test.fwall
index e5f84e5..afdd95b 100644
--- a/scripts/nwfilter/nwfilterxml2fwallout/icmp-test.fwall
+++ b/scripts/nwfilter/nwfilterxml2fwallout/icmp-test.fwall
@@ -2,17 +2,14 @@
Chain FI-vnet0 (1 references)
target prot opt source destination
RETURN icmp -- 0.0.0.0/0 10.1.2.3 MAC 01:02:03:04:05:06 DSCP match 0x02icmp type 12 code 11 state NEW,ESTABLISHED
-RETURN icmp -- 0.0.0.0/0 10.1.0.0/22 DSCP match 0x21state ESTABLISHED ctdir ORIGINAL
#iptables -L FO-vnet0 -n
Chain FO-vnet0 (1 references)
target prot opt source destination
ACCEPT icmp -- 10.1.0.0/22 0.0.0.0/0 MAC 01:02:03:04:05:06 DSCP match 0x21icmp type 255 code 255 state NEW,ESTABLISHED
-ACCEPT icmp -- 10.1.0.0/22 0.0.0.0/0 MAC 01:02:03:04:05:06 DSCP match 0x21state NEW,ESTABLISHED ctdir REPLY
#iptables -L HI-vnet0 -n
Chain HI-vnet0 (1 references)
target prot opt source destination
RETURN icmp -- 0.0.0.0/0 10.1.2.3 MAC 01:02:03:04:05:06 DSCP match 0x02icmp type 12 code 11 state NEW,ESTABLISHED
-RETURN icmp -- 0.0.0.0/0 10.1.0.0/22 DSCP match 0x21state ESTABLISHED ctdir ORIGINAL
#iptables -L libvirt-host-in -n | grep vnet0 | tr -s " "
HI-vnet0 all -- 0.0.0.0/0 0.0.0.0/0 [goto] PHYSDEV match --physdev-in vnet0
#iptables -L libvirt-in -n | grep vnet0 | tr -s " "
diff --git a/scripts/nwfilter/nwfilterxml2fwallout/icmpv6-test.fwall b/scripts/nwfilter/nwfilterxml2fwallout/icmpv6-test.fwall
index ed8eee0..4749f84 100644
--- a/scripts/nwfilter/nwfilterxml2fwallout/icmpv6-test.fwall
+++ b/scripts/nwfilter/nwfilterxml2fwallout/icmpv6-test.fwall
@@ -2,17 +2,15 @@
Chain FI-vnet0 (1 references)
target prot opt source destination
RETURN icmpv6 f:e:d::c:b:a/127 a:b:c::d:e:f/128 MAC 01:02:03:04:05:06 DSCP match 0x02ipv6-icmp type 12 code 11 state NEW,ESTABLISHED
-RETURN icmpv6 ::/0 ::10.1.2.3/128 DSCP match 0x21state ESTABLISHED ctdir ORIGINAL
#ip6tables -L FO-vnet0 -n
Chain FO-vnet0 (1 references)
target prot opt source destination
ACCEPT icmpv6 a:b:c::/128 ::/0 MAC 01:02:03:04:05:06 DSCP match 0x21ipv6-icmp type 255 code 255 state NEW,ESTABLISHED
-ACCEPT icmpv6 ::10.1.2.3/128 ::/0 MAC 01:02:03:04:05:06 DSCP match 0x21state NEW,ESTABLISHED ctdir REPLY
+ACCEPT icmpv6 ::10.1.2.3/128 ::/0 MAC 01:02:03:04:05:06 DSCP match 0x21ipv6-icmp type 255 code 255 state NEW,ESTABLISHED
#ip6tables -L HI-vnet0 -n
Chain HI-vnet0 (1 references)
target prot opt source destination
RETURN icmpv6 f:e:d::c:b:a/127 a:b:c::d:e:f/128 MAC 01:02:03:04:05:06 DSCP match 0x02ipv6-icmp type 12 code 11 state NEW,ESTABLISHED
-RETURN icmpv6 ::/0 ::10.1.2.3/128 DSCP match 0x21state ESTABLISHED ctdir ORIGINAL
#ip6tables -L INPUT -n --line-numbers | grep libvirt
1 libvirt-host-in all ::/0 ::/0
#ip6tables -L libvirt-host-in -n | grep vnet0 | tr -s " "
diff --git a/scripts/nwfilter/nwfilterxml2fwallout/ip-test.fwall b/scripts/nwfilter/nwfilterxml2fwallout/ip-test.fwall
index f3cd49b..dbd6497 100644
--- a/scripts/nwfilter/nwfilterxml2fwallout/ip-test.fwall
+++ b/scripts/nwfilter/nwfilterxml2fwallout/ip-test.fwall
@@ -5,8 +5,6 @@
#ebtables -t nat -L libvirt-I-vnet0 | grep -v "^Bridge" | grep -v "^$"
-p IPv4 -s 1:2:3:4:5:6 -d aa:bb:cc:dd:ee:ff --ip-src 10.1.2.3 --ip-dst 10.1.2.3 --ip-proto udp --ip-sport 20:22 --ip-dport 100:101 -j ACCEPT
-p IPv4 --ip-src 10.1.0.0/17 --ip-dst 10.1.2.0/24 --ip-tos 0x3F --ip-proto udp -j ACCEPT
--p IPv4 --ip-src 10.1.2.2/31 --ip-dst 10.1.2.3 -j ACCEPT
#ebtables -t nat -L libvirt-O-vnet0 | grep -v "^Bridge" | grep -v "^$"
--p IPv4 --ip-src 10.1.2.2/31 --ip-dst 10.1.2.0/25 --ip-proto 255 -j ACCEPT
--p IPv4 --ip-src 10.1.2.3 --ip-dst 10.1.2.2/31 -j ACCEPT
+-p IPv4 --ip-src 10.1.2.2/31 --ip-dst 10.1.2.0/25 --ip-tos 0x3F --ip-proto 255 -j ACCEPT
diff --git a/scripts/nwfilter/nwfilterxml2fwallout/mac-test.fwall b/scripts/nwfilter/nwfilterxml2fwallout/mac-test.fwall
index 2dd7952..bb00629 100644
--- a/scripts/nwfilter/nwfilterxml2fwallout/mac-test.fwall
+++ b/scripts/nwfilter/nwfilterxml2fwallout/mac-test.fwall
@@ -7,6 +7,5 @@
#ebtables -t nat -L libvirt-O-vnet0 | grep -v "^Bridge" | grep -v "^$"
-p IPv4 -d aa:bb:cc:dd:ee:ff -j ACCEPT
-p 0x600 -d aa:bb:cc:dd:ee:ff -j ACCEPT
--d aa:bb:cc:dd:ee:ff -j ACCEPT
-p 0xffff -d aa:bb:cc:dd:ee:ff -j ACCEPT
diff --git a/scripts/nwfilter/nwfilterxml2fwallout/rarp-test.fwall b/scripts/nwfilter/nwfilterxml2fwallout/rarp-test.fwall
index 77d9806..e0d9c8c 100644
--- a/scripts/nwfilter/nwfilterxml2fwallout/rarp-test.fwall
+++ b/scripts/nwfilter/nwfilterxml2fwallout/rarp-test.fwall
@@ -3,7 +3,6 @@
-p RARP -s 1:2:3:4:5:6 --arp-op Request --arp-htype 255 --arp-ptype 0xff -j ACCEPT
-p RARP -s 1:2:3:4:5:6 --arp-op 11 --arp-htype 256 --arp-ptype 0x100 -j ACCEPT
-p RARP -s 1:2:3:4:5:6 --arp-op 65535 --arp-htype 65535 --arp-ptype 0xffff -j ACCEPT
--p RARP -s 1:2:3:4:5:6 -j ACCEPT
#ebtables -t nat -L PREROUTING | grep vnet0
-i vnet0 -j libvirt-I-vnet0
diff --git a/scripts/nwfilter/nwfilterxml2fwallout/udp-ipv6-test.fwall b/scripts/nwfilter/nwfilterxml2fwallout/udp-ipv6-test.fwall
index dd7b19c..0a75421 100644
--- a/scripts/nwfilter/nwfilterxml2fwallout/udp-ipv6-test.fwall
+++ b/scripts/nwfilter/nwfilterxml2fwallout/udp-ipv6-test.fwall
@@ -2,19 +2,19 @@
Chain FI-vnet0 (1 references)
target prot opt source destination
RETURN udp ::/0 a:b:c::d:e:f/128 MAC 01:02:03:04:05:06 DSCP match 0x02state NEW,ESTABLISHED ctdir REPLY
-RETURN udp ::/0 ::/0 DSCP match 0x21udp spts:100:1111 dpts:20:21 state ESTABLISHED ctdir ORIGINAL
+RETURN udp ::/0 ::a:b:c/128 DSCP match 0x21udp spts:100:1111 dpts:20:21 state ESTABLISHED ctdir ORIGINAL
RETURN udp ::/0 ::10.1.2.3/128 DSCP match 0x3fudp spt:65535 dpts:255:256 state ESTABLISHED ctdir ORIGINAL
#ip6tables -L FO-vnet0 -n
Chain FO-vnet0 (1 references)
target prot opt source destination
ACCEPT udp a:b:c::d:e:f/128 ::/0 DSCP match 0x02state ESTABLISHED ctdir ORIGINAL
-ACCEPT udp ::/0 ::/0 MAC 01:02:03:04:05:06 DSCP match 0x21udp spts:20:21 dpts:100:1111 state NEW,ESTABLISHED ctdir REPLY
+ACCEPT udp ::a:b:c/128 ::/0 MAC 01:02:03:04:05:06 DSCP match 0x21udp spts:20:21 dpts:100:1111 state NEW,ESTABLISHED ctdir REPLY
ACCEPT udp ::10.1.2.3/128 ::/0 MAC 01:02:03:04:05:06 DSCP match 0x3fudp spts:255:256 dpt:65535 state NEW,ESTABLISHED ctdir REPLY
#ip6tables -L HI-vnet0 -n
Chain HI-vnet0 (1 references)
target prot opt source destination
RETURN udp ::/0 a:b:c::d:e:f/128 MAC 01:02:03:04:05:06 DSCP match 0x02state NEW,ESTABLISHED ctdir REPLY
-RETURN udp ::/0 ::/0 DSCP match 0x21udp spts:100:1111 dpts:20:21 state ESTABLISHED ctdir ORIGINAL
+RETURN udp ::/0 ::a:b:c/128 DSCP match 0x21udp spts:100:1111 dpts:20:21 state ESTABLISHED ctdir ORIGINAL
RETURN udp ::/0 ::10.1.2.3/128 DSCP match 0x3fudp spt:65535 dpts:255:256 state ESTABLISHED ctdir ORIGINAL
#ip6tables -L INPUT -n --line-numbers | grep libvirt
1 libvirt-host-in all ::/0 ::/0
diff --git a/scripts/nwfilter/nwfilterxml2fwallout/vlan-test.fwall b/scripts/nwfilter/nwfilterxml2fwallout/vlan-test.fwall
index 603f470..a2fbfd3 100644
--- a/scripts/nwfilter/nwfilterxml2fwallout/vlan-test.fwall
+++ b/scripts/nwfilter/nwfilterxml2fwallout/vlan-test.fwall
@@ -7,7 +7,6 @@
-p 802_1Q -s 1:2:3:4:5:6 -d aa:bb:cc:dd:ee:ff --vlan-id 291 -j CONTINUE
-p 802_1Q -s 1:2:3:4:5:6 -d aa:bb:cc:dd:ee:ff --vlan-id 1234 -j RETURN
-p 802_1Q -s 1:2:3:4:5:6 -d aa:bb:cc:dd:ee:ff --vlan-id 291 -j DROP
--p 802_1Q -s 1:2:3:4:5:6 -d aa:bb:cc:dd:ee:ff -j ACCEPT
#ebtables -t nat -L PREROUTING | grep vnet0
-i vnet0 -j libvirt-I-vnet0
#ebtables -t nat -L POSTROUTING | grep vnet0
diff --git a/scripts/nwfilter/nwfilterxml2xmlin/ah-ipv6-test.xml b/scripts/nwfilter/nwfilterxml2xmlin/ah-ipv6-test.xml
index 07d1ffe..95ebbc9 100644
--- a/scripts/nwfilter/nwfilterxml2xmlin/ah-ipv6-test.xml
+++ b/scripts/nwfilter/nwfilterxml2xmlin/ah-ipv6-test.xml
@@ -13,7 +13,7 @@
</rule>
<rule action='accept' direction='in'>
<ah-ipv6 srcmacaddr='1:2:3:4:5:6'
- srcipaddr='::10.1.2.3' srcipmask='129'
+ srcipaddr='::10.1.2.3' srcipmask='128'
dscp='33'/>
</rule>
</filter>
diff --git a/scripts/nwfilter/nwfilterxml2xmlin/all-ipv6-test.xml b/scripts/nwfilter/nwfilterxml2xmlin/all-ipv6-test.xml
index eb39bc3..5cf3519 100644
--- a/scripts/nwfilter/nwfilterxml2xmlin/all-ipv6-test.xml
+++ b/scripts/nwfilter/nwfilterxml2xmlin/all-ipv6-test.xml
@@ -13,7 +13,7 @@
</rule>
<rule action='accept' direction='in'>
<all-ipv6 srcmacaddr='1:2:3:4:5:6'
- srcipaddr='::10.1.2.3' srcipmask='129'
+ srcipaddr='::10.1.2.3' srcipmask='128'
dscp='33'/>
</rule>
</filter>
diff --git a/scripts/nwfilter/nwfilterxml2xmlin/arp-test.xml b/scripts/nwfilter/nwfilterxml2xmlin/arp-test.xml
index 2e08b32..d0abf94 100644
--- a/scripts/nwfilter/nwfilterxml2xmlin/arp-test.xml
+++ b/scripts/nwfilter/nwfilterxml2xmlin/arp-test.xml
@@ -26,11 +26,6 @@
opcode='65535' hwtype='65535' protocoltype='65535' />
</rule>
- <rule action='accept' direction='out'>
- <arp srcmacaddr='1:2:3:4:5:6' srcmacmask='ff:ff:ff:ff:ff:ff'
- opcode='65536' hwtype='65536' protocoltype='65536' />
- </rule>
-
<rule action='accept' direction='in'>
<arp gratuitous='true'/>
</rule>
diff --git a/scripts/nwfilter/nwfilterxml2xmlin/comment-test.xml b/scripts/nwfilter/nwfilterxml2xmlin/comment-test.xml
index af5c5cc..a154a17 100644
--- a/scripts/nwfilter/nwfilterxml2xmlin/comment-test.xml
+++ b/scripts/nwfilter/nwfilterxml2xmlin/comment-test.xml
@@ -50,7 +50,7 @@
<rule action='accept' direction='in'>
<tcp-ipv6 srcmacaddr='1:2:3:4:5:6'
srcipaddr='a:b:c::' srcipmask='128'
- dscp='0x40'
+ dscp='0x39'
srcportstart='0x20' srcportend='0x21'
dstportstart='0x100' dstportend='0x1111'
comment='tcp/ipv6 rule'/>
diff --git a/scripts/nwfilter/nwfilterxml2xmlin/esp-ipv6-test.xml b/scripts/nwfilter/nwfilterxml2xmlin/esp-ipv6-test.xml
index 4dd9b98..295d0f9 100644
--- a/scripts/nwfilter/nwfilterxml2xmlin/esp-ipv6-test.xml
+++ b/scripts/nwfilter/nwfilterxml2xmlin/esp-ipv6-test.xml
@@ -13,7 +13,7 @@
</rule>
<rule action='accept' direction='in'>
<esp-ipv6 srcmacaddr='1:2:3:4:5:6'
- srcipaddr='::10.1.2.3' srcipmask='129'
+ srcipaddr='::10.1.2.3' srcipmask='128'
dscp='33'/>
</rule>
</filter>
diff --git a/scripts/nwfilter/nwfilterxml2xmlin/hex-data-test.xml b/scripts/nwfilter/nwfilterxml2xmlin/hex-data-test.xml
index d2da079..45df451 100644
--- a/scripts/nwfilter/nwfilterxml2xmlin/hex-data-test.xml
+++ b/scripts/nwfilter/nwfilterxml2xmlin/hex-data-test.xml
@@ -48,7 +48,7 @@
<rule action='accept' direction='in'>
<tcp-ipv6 srcmacaddr='1:2:3:4:5:6'
srcipaddr='a:b:c::' srcipmask='128'
- dscp='0x40'
+ dscp='0x39'
srcportstart='0x20' srcportend='0x21'
dstportstart='0x100' dstportend='0x1111'/>
</rule>
diff --git a/scripts/nwfilter/nwfilterxml2xmlin/icmp-test.xml b/scripts/nwfilter/nwfilterxml2xmlin/icmp-test.xml
index 90f852b..fff5d42 100644
--- a/scripts/nwfilter/nwfilterxml2xmlin/icmp-test.xml
+++ b/scripts/nwfilter/nwfilterxml2xmlin/icmp-test.xml
@@ -10,9 +10,4 @@
srcipaddr='10.1.2.3' srcipmask='22'
dscp='33' type='255' code='255'/>
</rule>
- <rule action='accept' direction='in'>
- <icmp srcmacaddr='1:2:3:4:5:6'
- srcipaddr='10.1.2.3' srcipmask='22'
- dscp='33' type='256' code='256'/>
- </rule>
</filter>
diff --git a/scripts/nwfilter/nwfilterxml2xmlin/icmpv6-test.xml b/scripts/nwfilter/nwfilterxml2xmlin/icmpv6-test.xml
index 01dc6e2..9d24826 100644
--- a/scripts/nwfilter/nwfilterxml2xmlin/icmpv6-test.xml
+++ b/scripts/nwfilter/nwfilterxml2xmlin/icmpv6-test.xml
@@ -13,7 +13,7 @@
</rule>
<rule action='accept' direction='in'>
<icmpv6 srcmacaddr='1:2:3:4:5:6'
- srcipaddr='::10.1.2.3' srcipmask='129'
- dscp='33' type='256' code='256'/>
+ srcipaddr='::10.1.2.3' srcipmask='128'
+ dscp='33' type='255' code='255'/>
</rule>
</filter>
diff --git a/scripts/nwfilter/nwfilterxml2xmlin/ip-test.xml b/scripts/nwfilter/nwfilterxml2xmlin/ip-test.xml
index 0a744a2..da362a1 100644
--- a/scripts/nwfilter/nwfilterxml2xmlin/ip-test.xml
+++ b/scripts/nwfilter/nwfilterxml2xmlin/ip-test.xml
@@ -21,14 +21,8 @@
<rule action='accept' direction='in'>
<ip srcipaddr='10.1.2.3' srcipmask='255.255.255.254'
dstipaddr='10.1.2.3' dstipmask='255.255.255.128'
- protocol='255' dscp='64'
+ protocol='255' dscp='63'
/>
</rule>
- <rule action='accept' direction='inout'>
- <ip srcipaddr='10.1.2.3' srcipmask='255.255.255.127'
- dstipaddr='10.1.2.3' dstipmask='255.255.255.254'
- protocol='256' dscp='64'
- />
- </rule>
</filter>
diff --git a/scripts/nwfilter/nwfilterxml2xmlin/ipv6-test.xml b/scripts/nwfilter/nwfilterxml2xmlin/ipv6-test.xml
index 7fa7181..9f67bea 100644
--- a/scripts/nwfilter/nwfilterxml2xmlin/ipv6-test.xml
+++ b/scripts/nwfilter/nwfilterxml2xmlin/ipv6-test.xml
@@ -28,7 +28,7 @@
dstipmask='ffff:ffff:ffff:ffff:8000::'
protocol='6'
srcportstart='255' srcportend='256'
- dstportstart='65535' dstportend='65536'
+ dstportstart='65535' dstportend='65535'
/>
</rule>
diff --git a/scripts/nwfilter/nwfilterxml2xmlin/mac-test.xml b/scripts/nwfilter/nwfilterxml2xmlin/mac-test.xml
index 8f9565c..2aec935 100644
--- a/scripts/nwfilter/nwfilterxml2xmlin/mac-test.xml
+++ b/scripts/nwfilter/nwfilterxml2xmlin/mac-test.xml
@@ -14,10 +14,6 @@
</rule>
<rule action='accept' direction='in'>
<mac dstmacaddr='aa:bb:cc:dd:ee:ff' dstmacmask='ff:ff:ff:ff:ff:ff'
- protocolid='15'/>
- </rule>
- <rule action='accept' direction='in'>
- <mac dstmacaddr='aa:bb:cc:dd:ee:ff' dstmacmask='ff:ff:ff:ff:ff:ff'
protocolid='65535'/>
</rule>
</filter>
diff --git a/scripts/nwfilter/nwfilterxml2xmlin/rarp-test.xml b/scripts/nwfilter/nwfilterxml2xmlin/rarp-test.xml
index 7b99df0..77c1127 100644
--- a/scripts/nwfilter/nwfilterxml2xmlin/rarp-test.xml
+++ b/scripts/nwfilter/nwfilterxml2xmlin/rarp-test.xml
@@ -25,9 +25,4 @@
<rarp srcmacaddr='1:2:3:4:5:6' srcmacmask='ff:ff:ff:ff:ff:ff'
opcode='65535' hwtype='65535' protocoltype='65535' />
</rule>
-
- <rule action='accept' direction='out'>
- <rarp srcmacaddr='1:2:3:4:5:6' srcmacmask='ff:ff:ff:ff:ff:ff'
- opcode='65536' hwtype='65536' protocoltype='65536' />
- </rule>
</filter>
diff --git a/scripts/nwfilter/nwfilterxml2xmlin/sctp-ipv6-test.xml b/scripts/nwfilter/nwfilterxml2xmlin/sctp-ipv6-test.xml
index 99bf349..d1a57b8 100644
--- a/scripts/nwfilter/nwfilterxml2xmlin/sctp-ipv6-test.xml
+++ b/scripts/nwfilter/nwfilterxml2xmlin/sctp-ipv6-test.xml
@@ -14,9 +14,9 @@
</rule>
<rule action='accept' direction='in'>
<sctp-ipv6 srcmacaddr='1:2:3:4:5:6'
- srcipaddr='::10.1.2.3' srcipmask='129'
+ srcipaddr='::10.1.2.3' srcipmask='128'
dscp='63'
srcportstart='255' srcportend='256'
- dstportstart='65535' dstportend='65536'/>
+ dstportstart='65535' dstportend='65535'/>
</rule>
</filter>
diff --git a/scripts/nwfilter/nwfilterxml2xmlin/sctp-test.xml b/scripts/nwfilter/nwfilterxml2xmlin/sctp-test.xml
index c2f635b..c3c1000 100644
--- a/scripts/nwfilter/nwfilterxml2xmlin/sctp-test.xml
+++ b/scripts/nwfilter/nwfilterxml2xmlin/sctp-test.xml
@@ -17,6 +17,6 @@
srcipaddr='10.1.2.3' srcipmask='32'
dscp='63'
srcportstart='255' srcportend='256'
- dstportstart='65535' dstportend='65536'/>
+ dstportstart='65535' dstportend='65535'/>
</rule>
</filter>
diff --git a/scripts/nwfilter/nwfilterxml2xmlin/tcp-ipv6-test.xml b/scripts/nwfilter/nwfilterxml2xmlin/tcp-ipv6-test.xml
index ecc1d30..d4f24f4 100644
--- a/scripts/nwfilter/nwfilterxml2xmlin/tcp-ipv6-test.xml
+++ b/scripts/nwfilter/nwfilterxml2xmlin/tcp-ipv6-test.xml
@@ -14,9 +14,9 @@
</rule>
<rule action='accept' direction='in'>
<tcp-ipv6 srcmacaddr='1:2:3:4:5:6'
- srcipaddr='::10.1.2.3' srcipmask='129'
+ srcipaddr='::10.1.2.3' srcipmask='128'
dscp='63'
srcportstart='255' srcportend='256'
- dstportstart='65535' dstportend='65536'/>
+ dstportstart='65535' dstportend='65535'/>
</rule>
</filter>
diff --git a/scripts/nwfilter/nwfilterxml2xmlin/tcp-test.xml b/scripts/nwfilter/nwfilterxml2xmlin/tcp-test.xml
index fc77683..14ebd35 100644
--- a/scripts/nwfilter/nwfilterxml2xmlin/tcp-test.xml
+++ b/scripts/nwfilter/nwfilterxml2xmlin/tcp-test.xml
@@ -17,7 +17,7 @@
srcipaddr='10.1.2.3' srcipmask='32'
dscp='63'
srcportstart='255' srcportend='256'
- dstportstart='65535' dstportend='65536'/>
+ dstportstart='65535' dstportend='65535'/>
</rule>
<rule action='accept' direction='in'>
<tcp state='NONE' flags='SYN/ALL'/>
diff --git a/scripts/nwfilter/nwfilterxml2xmlin/udp-ipv6-test.xml b/scripts/nwfilter/nwfilterxml2xmlin/udp-ipv6-test.xml
index e8c6ba6..fd4f135 100644
--- a/scripts/nwfilter/nwfilterxml2xmlin/udp-ipv6-test.xml
+++ b/scripts/nwfilter/nwfilterxml2xmlin/udp-ipv6-test.xml
@@ -7,16 +7,16 @@
</rule>
<rule action='accept' direction='in'>
<udp-ipv6 srcmacaddr='1:2:3:4:5:6'
- srcipaddr='a:b:c' srcipmask='128'
+ srcipaddr='::a:b:c' srcipmask='128'
dscp='33'
srcportstart='20' srcportend='21'
dstportstart='100' dstportend='1111'/>
</rule>
<rule action='accept' direction='in'>
<udp-ipv6 srcmacaddr='1:2:3:4:5:6'
- srcipaddr='::10.1.2.3' srcipmask='129'
+ srcipaddr='::10.1.2.3' srcipmask='128'
dscp='63'
srcportstart='255' srcportend='256'
- dstportstart='65535' dstportend='65536'/>
+ dstportstart='65535' dstportend='65535'/>
</rule>
</filter>
diff --git a/scripts/nwfilter/nwfilterxml2xmlin/udp-test.xml b/scripts/nwfilter/nwfilterxml2xmlin/udp-test.xml
index 10ce53d..359dfa2 100644
--- a/scripts/nwfilter/nwfilterxml2xmlin/udp-test.xml
+++ b/scripts/nwfilter/nwfilterxml2xmlin/udp-test.xml
@@ -17,6 +17,6 @@
srcipaddr='10.1.2.3' srcipmask='32'
dscp='63'
srcportstart='255' srcportend='256'
- dstportstart='65535' dstportend='65536'/>
+ dstportstart='65535' dstportend='65535'/>
</rule>
</filter>
diff --git a/scripts/nwfilter/nwfilterxml2xmlin/udplite-ipv6-test.xml b/scripts/nwfilter/nwfilterxml2xmlin/udplite-ipv6-test.xml
index 0763a7d..5b941a2 100644
--- a/scripts/nwfilter/nwfilterxml2xmlin/udplite-ipv6-test.xml
+++ b/scripts/nwfilter/nwfilterxml2xmlin/udplite-ipv6-test.xml
@@ -13,7 +13,7 @@
</rule>
<rule action='accept' direction='in'>
<udplite-ipv6 srcmacaddr='1:2:3:4:5:6'
- srcipaddr='::10.1.2.3' srcipmask='129'
+ srcipaddr='::10.1.2.3' srcipmask='128'
dscp='33'/>
</rule>
</filter>
diff --git a/scripts/nwfilter/nwfilterxml2xmlin/vlan-test.xml b/scripts/nwfilter/nwfilterxml2xmlin/vlan-test.xml
index 65ee04b..a5e7b38 100644
--- a/scripts/nwfilter/nwfilterxml2xmlin/vlan-test.xml
+++ b/scripts/nwfilter/nwfilterxml2xmlin/vlan-test.xml
@@ -21,13 +21,6 @@
/>
</rule>
- <rule action='accept' direction='in'>
- <vlan srcmacaddr='1:2:3:4:5:6' srcmacmask='ff:ff:ff:ff:ff:ff'
- dstmacaddr='aa:bb:cc:dd:ee:ff' dstmacmask='ff:ff:ff:ff:ff:ff'
- vlanid='0xffff'
- />
- </rule>
-
<rule action='drop' direction='out'>
<vlan srcmacaddr='1:2:3:4:5:6' srcmacmask='ff:ff:ff:ff:ff:ff'
dstmacaddr='aa:bb:cc:dd:ee:ff' dstmacmask='ff:ff:ff:ff:ff:ff'
--
1.8.5.3
10 years, 7 months
[libvirt] [PATCH] Cope with newer ebtables tools in testvm.fwall.dat
by Daniel P. Berrange
Newer ebtables tools turn 0x8035 into RARP, so our test
file must expect this.
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
---
scripts/nwfilter/nwfilterxml2fwallout/testvm.fwall.dat | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/scripts/nwfilter/nwfilterxml2fwallout/testvm.fwall.dat b/scripts/nwfilter/nwfilterxml2fwallout/testvm.fwall.dat
index b540509..1b5f3ce 100644
--- a/scripts/nwfilter/nwfilterxml2fwallout/testvm.fwall.dat
+++ b/scripts/nwfilter/nwfilterxml2fwallout/testvm.fwall.dat
@@ -2,20 +2,20 @@
-i vnet0 -j libvirt-I-vnet0
#ebtables -t nat -L POSTROUTING | grep vnet0 | grep -v "^Bridge" | grep -v "^$"
-o vnet0 -j libvirt-O-vnet0
-#ebtables -t nat -L libvirt-I-vnet0 | grep -v "^Bridge" | grep -v "^$"
+#ebtables -t nat -L libvirt-I-vnet0 | sed s/0x8035/RARP/g | grep -v "^Bridge" | grep -v "^$"
-j I-vnet0-mac
-p IPv4 -j I-vnet0-ipv4-ip
-p IPv4 -j ACCEPT
-p ARP -j I-vnet0-arp-mac
-p ARP -j I-vnet0-arp-ip
-p ARP -j ACCEPT
--p 0x8035 -j I-vnet0-rarp
+-p RARP -j I-vnet0-rarp
-p 0x835 -j ACCEPT
-j DROP
-#ebtables -t nat -L libvirt-O-vnet0 | grep -v "^Bridge" | grep -v "^$"
+#ebtables -t nat -L libvirt-O-vnet0 | sed s/0x8035/RARP/g | grep -v "^Bridge" | grep -v "^$"
-p IPv4 -j O-vnet0-ipv4
-p ARP -j ACCEPT
--p 0x8035 -j O-vnet0-rarp
+-p RARP -j O-vnet0-rarp
-j DROP
#ebtables -t nat -L I-vnet0-ipv4-ip | grep -v "^Bridge" | grep -v "^$"
-p IPv4 --ip-src 0.0.0.0 --ip-proto udp -j RETURN
--
1.8.5.3
10 years, 7 months
[libvirt] [PATCH v2] libvirt-tck: prefer kvm domains if multiple domain types exist
by Mike Latimer
When matching capabilities of a guest, if multiple domain types exist (for
example, 'qemu' and 'kvm') the order in which they are returned can change.
To avoid unpredictable test results, this patch prefers kvm if that domain
type exists. If not, the behavior matches what existed before, and the first
domain type is returned.
---
lib/Sys/Virt/TCK.pm | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/lib/Sys/Virt/TCK.pm b/lib/Sys/Virt/TCK.pm
index b2c16e7..a3a2732 100644
--- a/lib/Sys/Virt/TCK.pm
+++ b/lib/Sys/Virt/TCK.pm
@@ -502,9 +502,12 @@ sub match_kernel {
my @domains = $caps->guest_domain_types($i);
next unless int(@domains);
- return ($domains[0],
- $caps->guest_domain_emulator($i, $domains[0]),
- $caps->guest_domain_loader($i, $domains[0]));
+ # Prefer kvm if multiple domain types are returned
+ my $domain = (grep /^kvm$/, @domains) ? "kvm" : $domains[0];
+
+ return ($domain,
+ $caps->guest_domain_emulator($i, $domain),
+ $caps->guest_domain_loader($i, $domain));
}
}
--
1.8.4.5
10 years, 7 months