Re: [libvirt] [PATCH v3 0/4] don't masquerade local broadcast/multicast packets
On 09/24/13 02:03, Laszlo Ersek wrote:
v2->v3 changes:
- Rename iptables(Add|Remove)ForwardDontMasquerade to
iptables(Add|Remove)DontMasquerade [Laine].
- Pass (address, prefix) pairs as both source and destination parameters
to these functions.
- Introduce virPfxSocketAddr structure for simpler handling of said
(address, prefix) pairs.
- Also prevent masquerading of directed broadcast [Laine].
- Start to get serious about pointers-to-const.
OK, let me summarize the comments still standing:
For v2:
- Laine wants the functions added in patch #1 renamed.
http://thread.gmane.org/gmane.comp.emulators.libvirt/85709/focus=85715
For v3:
- Missing address family check for @dst in iptablesDontMasquerade() in
patch #2 [Laine]
http://thread.gmane.org/gmane.comp.emulators.libvirt/85751/focus=85772
- Drop the sa_assert()s in networkFillMasqExceptions() in patch #4
[Laine]
http://thread.gmane.org/gmane.comp.emulators.libvirt/85751/focus=85774
- Drop the address-dependent broadcast rule in patch #4 [Laine] same
message
The address-dependent broadcast rule in patch #4 (that couldn't be
hard-coded) was the reason for all of the new code between v2 and v3. If
I drop that iptables rule, but keep the rest of v3, I'll be thrashing a
bunch of code around for no good reason.
I might as well fix up v2 as requested originally, and submit that as
v4.
What do you recommend? I think fixing up v2 with the renames is a better
approach. I'm fine either way, I'd just like to get this merged and stop
wasting the time of y'all.
Thanks!
Laszlo