8:36 a.m.
Many nwfilter methods have an 'int stopOnError' parameter but
with 1 exception, the callers always pass '1'. The parameter
can therefore be removed from all except one method. That method
will be changed to 'bool stopOnError'
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
---
src/nwfilter/nwfilter_ebiptables_driver.c | 99 ++++++++++++++-----------------
1 file changed, 46 insertions(+), 53 deletions(-)
diff --git a/src/nwfilter/nwfilter_ebiptables_driver.c
b/src/nwfilter/nwfilter_ebiptables_driver.c
index b3405e5..640c5fe 100644
--- a/src/nwfilter/nwfilter_ebiptables_driver.c
+++ b/src/nwfilter/nwfilter_ebiptables_driver.c
@@ -585,8 +585,7 @@ ebtablesHandleEthHdr(virBufferPtr buf,
static int iptablesLinkIPTablesBaseChain(virBufferPtr buf,
const char *udchain,
const char *syschain,
- unsigned int pos,
- int stopOnError)
+ unsigned int pos)
{
virBufferAsprintf(buf,
"res=$($IPT -L %s -n --line-number | %s '%s')\n"
@@ -612,10 +611,10 @@ static int iptablesLinkIPTablesBaseChain(virBufferPtr buf,
pos,
syschain, pos, udchain,
- CMD_STOPONERR(stopOnError),
+ CMD_STOPONERR(true),
syschain,
- CMD_STOPONERR(stopOnError));
+ CMD_STOPONERR(true));
return 0;
}
@@ -627,13 +626,13 @@ static int iptablesCreateBaseChains(virBufferPtr buf)
"$IPT -N " VIRT_IN_POST_CHAIN CMD_SEPARATOR
"$IPT -N " HOST_IN_CHAIN CMD_SEPARATOR);
iptablesLinkIPTablesBaseChain(buf,
- VIRT_IN_CHAIN, "FORWARD", 1, 1);
+ VIRT_IN_CHAIN, "FORWARD", 1);
iptablesLinkIPTablesBaseChain(buf,
- VIRT_OUT_CHAIN, "FORWARD", 2, 1);
+ VIRT_OUT_CHAIN, "FORWARD", 2);
iptablesLinkIPTablesBaseChain(buf,
- VIRT_IN_POST_CHAIN, "FORWARD", 3, 1);
+ VIRT_IN_POST_CHAIN, "FORWARD", 3);
iptablesLinkIPTablesBaseChain(buf,
- HOST_IN_CHAIN, "INPUT", 1, 1);
+ HOST_IN_CHAIN, "INPUT", 1);
return 0;
}
@@ -642,8 +641,7 @@ static int iptablesCreateBaseChains(virBufferPtr buf)
static int
iptablesCreateTmpRootChain(virBufferPtr buf,
char prefix,
- bool incoming, const char *ifname,
- int stopOnError)
+ bool incoming, const char *ifname)
{
char chain[MAX_CHAINNAME_LENGTH];
char chainPrefix[2] = {
@@ -659,7 +657,7 @@ iptablesCreateTmpRootChain(virBufferPtr buf,
CMD_EXEC
"%s",
chain,
- CMD_STOPONERR(stopOnError));
+ CMD_STOPONERR(true));
return 0;
}
@@ -669,9 +667,9 @@ static int
iptablesCreateTmpRootChains(virBufferPtr buf,
const char *ifname)
{
- iptablesCreateTmpRootChain(buf, 'F', false, ifname, 1);
- iptablesCreateTmpRootChain(buf, 'F', true, ifname, 1);
- iptablesCreateTmpRootChain(buf, 'H', true, ifname, 1);
+ iptablesCreateTmpRootChain(buf, 'F', false, ifname);
+ iptablesCreateTmpRootChain(buf, 'F', true, ifname);
+ iptablesCreateTmpRootChain(buf, 'H', true, ifname);
return 0;
}
@@ -753,8 +751,7 @@ static int
iptablesLinkTmpRootChain(virBufferPtr buf,
const char *basechain,
char prefix,
- bool incoming, const char *ifname,
- int stopOnError)
+ bool incoming, const char *ifname)
{
char chain[MAX_CHAINNAME_LENGTH];
char chainPrefix[2] = {
@@ -775,7 +772,7 @@ iptablesLinkTmpRootChain(virBufferPtr buf,
basechain,
match, ifname, chain,
- CMD_STOPONERR(stopOnError));
+ CMD_STOPONERR(true));
return 0;
}
@@ -785,9 +782,9 @@ static int
iptablesLinkTmpRootChains(virBufferPtr buf,
const char *ifname)
{
- iptablesLinkTmpRootChain(buf, VIRT_OUT_CHAIN, 'F', false, ifname, 1);
- iptablesLinkTmpRootChain(buf, VIRT_IN_CHAIN, 'F', true, ifname, 1);
- iptablesLinkTmpRootChain(buf, HOST_IN_CHAIN, 'H', true, ifname, 1);
+ iptablesLinkTmpRootChain(buf, VIRT_OUT_CHAIN, 'F', false, ifname);
+ iptablesLinkTmpRootChain(buf, VIRT_IN_CHAIN, 'F', true, ifname);
+ iptablesLinkTmpRootChain(buf, HOST_IN_CHAIN, 'H', true, ifname);
return 0;
}
@@ -960,15 +957,14 @@ iptablesRenameTmpRootChains(virBufferPtr buf,
static void
iptablesInstCommand(virBufferPtr buf,
- const char *templ, char cmd, int pos,
- int stopOnError)
+ const char *templ, char cmd, int pos)
{
char position[10] = { 0 };
if (pos >= 0)
snprintf(position, sizeof(position), "%d", pos);
virBufferAsprintf(buf, templ, cmd, position);
virBufferAsprintf(buf, CMD_SEPARATOR "%s",
- CMD_STOPONERR(stopOnError));
+ CMD_STOPONERR(true));
}
@@ -2869,8 +2865,7 @@ ebiptablesExecCLI(virBufferPtr buf, bool ignoreNonzero, char
**outbuf)
static int
ebtablesCreateTmpRootChain(virBufferPtr buf,
- bool incoming, const char *ifname,
- int stopOnError)
+ bool incoming, const char *ifname)
{
char chain[MAX_CHAINNAME_LENGTH];
char chainPrefix = incoming ? CHAINPREFIX_HOST_IN_TEMP
@@ -2883,7 +2878,7 @@ ebtablesCreateTmpRootChain(virBufferPtr buf,
CMD_EXEC
"%s",
chain,
- CMD_STOPONERR(stopOnError));
+ CMD_STOPONERR(true));
return 0;
}
@@ -2891,8 +2886,7 @@ ebtablesCreateTmpRootChain(virBufferPtr buf,
static int
ebtablesLinkTmpRootChain(virBufferPtr buf,
- bool incoming, const char *ifname,
- int stopOnError)
+ bool incoming, const char *ifname)
{
char chain[MAX_CHAINNAME_LENGTH];
char chainPrefix = incoming ? CHAINPREFIX_HOST_IN_TEMP
@@ -2909,7 +2903,7 @@ ebtablesLinkTmpRootChain(virBufferPtr buf,
: EBTABLES_CHAIN_OUTGOING,
iodev, ifname, chain,
- CMD_STOPONERR(stopOnError));
+ CMD_STOPONERR(true));
return 0;
}
@@ -3009,7 +3003,6 @@ ebtablesCreateTmpSubChain(ebiptablesRuleInstPtr *inst,
const char *ifname,
enum l3_proto_idx protoidx,
const char *filtername,
- int stopOnError,
virNWFilterChainPriority priority)
{
virBuffer buf = VIR_BUFFER_INITIALIZER;
@@ -3057,11 +3050,11 @@ ebtablesCreateTmpSubChain(ebiptablesRuleInstPtr *inst,
chain,
chain,
- CMD_STOPONERR(stopOnError),
+ CMD_STOPONERR(true),
rootchain, protostr, chain,
- CMD_STOPONERR(stopOnError));
+ CMD_STOPONERR(true));
VIR_FREE(protostr);
@@ -3217,7 +3210,7 @@ ebtablesRenameTmpSubAndRootChains(virBufferPtr buf,
static void
ebiptablesInstCommand(virBufferPtr buf,
const char *templ, char cmd, int pos,
- int stopOnError)
+ bool stopOnError)
{
char position[10] = { 0 };
if (pos >= 0)
@@ -3275,7 +3268,7 @@ ebtablesApplyBasicRules(const char *ifname,
NWFILTER_SET_EBTABLES_SHELLVAR(&buf);
- ebtablesCreateTmpRootChain(&buf, true, ifname, 1);
+ ebtablesCreateTmpRootChain(&buf, true, ifname);
PRINT_ROOT_CHAIN(chain, chainPrefix, ifname);
virBufferAsprintf(&buf,
@@ -3310,7 +3303,7 @@ ebtablesApplyBasicRules(const char *ifname,
chain,
CMD_STOPONERR(1));
- ebtablesLinkTmpRootChain(&buf, true, ifname, 1);
+ ebtablesLinkTmpRootChain(&buf, true, ifname);
ebtablesRenameTmpRootChain(&buf, true, ifname);
if (ebiptablesExecCLI(&buf, false, NULL) < 0)
@@ -3372,8 +3365,8 @@ ebtablesApplyDHCPOnlyRules(const char *ifname,
NWFILTER_SET_EBTABLES_SHELLVAR(&buf);
- ebtablesCreateTmpRootChain(&buf, true, ifname, 1);
- ebtablesCreateTmpRootChain(&buf, false, ifname, 1);
+ ebtablesCreateTmpRootChain(&buf, true, ifname);
+ ebtablesCreateTmpRootChain(&buf, false, ifname);
PRINT_ROOT_CHAIN(chain_in, CHAINPREFIX_HOST_IN_TEMP, ifname);
PRINT_ROOT_CHAIN(chain_out, CHAINPREFIX_HOST_OUT_TEMP, ifname);
@@ -3453,8 +3446,8 @@ ebtablesApplyDHCPOnlyRules(const char *ifname,
chain_out,
CMD_STOPONERR(1));
- ebtablesLinkTmpRootChain(&buf, true, ifname, 1);
- ebtablesLinkTmpRootChain(&buf, false, ifname, 1);
+ ebtablesLinkTmpRootChain(&buf, true, ifname);
+ ebtablesLinkTmpRootChain(&buf, false, ifname);
if (!leaveTemporary) {
ebtablesRenameTmpRootChain(&buf, true, ifname);
@@ -3504,8 +3497,8 @@ ebtablesApplyDropAllRules(const char *ifname)
NWFILTER_SET_EBTABLES_SHELLVAR(&buf);
- ebtablesCreateTmpRootChain(&buf, true, ifname, 1);
- ebtablesCreateTmpRootChain(&buf, false, ifname, 1);
+ ebtablesCreateTmpRootChain(&buf, true, ifname);
+ ebtablesCreateTmpRootChain(&buf, false, ifname);
PRINT_ROOT_CHAIN(chain_in, CHAINPREFIX_HOST_IN_TEMP, ifname);
PRINT_ROOT_CHAIN(chain_out, CHAINPREFIX_HOST_OUT_TEMP, ifname);
@@ -3526,8 +3519,8 @@ ebtablesApplyDropAllRules(const char *ifname)
chain_out,
CMD_STOPONERR(1));
- ebtablesLinkTmpRootChain(&buf, true, ifname, 1);
- ebtablesLinkTmpRootChain(&buf, false, ifname, 1);
+ ebtablesLinkTmpRootChain(&buf, true, ifname);
+ ebtablesLinkTmpRootChain(&buf, false, ifname);
ebtablesRenameTmpRootChain(&buf, true, ifname);
ebtablesRenameTmpRootChain(&buf, false, ifname);
@@ -3692,7 +3685,7 @@ ebtablesCreateTmpRootAndSubChains(virBufferPtr buf,
virHashKeyValuePairPtr filter_names;
const virNWFilterChainPriority *priority;
- if (ebtablesCreateTmpRootChain(buf, incoming, ifname, 1) < 0)
+ if (ebtablesCreateTmpRootChain(buf, incoming, ifname) < 0)
return -1;
filter_names = virHashGetItems(chains,
@@ -3708,7 +3701,7 @@ ebtablesCreateTmpRootAndSubChains(virBufferPtr buf,
priority = (const virNWFilterChainPriority *)filter_names[i].value;
rc = ebtablesCreateTmpSubChain(inst, nRuleInstances,
incoming, ifname, idx,
- filter_names[i].key, 1,
+ filter_names[i].key,
*priority);
if (rc < 0)
break;
@@ -3823,11 +3816,11 @@ ebiptablesApplyNewRules(const char *ifname,
ebtChains[j].priority <= inst[i]->priority) {
ebiptablesInstCommand(&buf,
ebtChains[j++].commandTemplate,
- 'A', -1, 1);
+ 'A', -1, true);
}
ebiptablesInstCommand(&buf,
inst[i]->commandTemplate,
- 'A', -1, 1);
+ 'A', -1, true);
break;
case RT_IPTABLES:
haveIptables = true;
@@ -3841,7 +3834,7 @@ ebiptablesApplyNewRules(const char *ifname,
while (j < nEbtChains)
ebiptablesInstCommand(&buf,
ebtChains[j++].commandTemplate,
- 'A', -1, 1);
+ 'A', -1, true);
if (ebiptablesExecCLI(&buf, false, &errmsg) < 0)
goto tear_down_tmpebchains;
@@ -3878,7 +3871,7 @@ ebiptablesApplyNewRules(const char *ifname,
if (inst[i]->ruleType == RT_IPTABLES)
iptablesInstCommand(&buf,
inst[i]->commandTemplate,
- 'A', -1, 1);
+ 'A', -1);
}
if (ebiptablesExecCLI(&buf, false, &errmsg) < 0)
@@ -3918,7 +3911,7 @@ ebiptablesApplyNewRules(const char *ifname,
if (inst[i]->ruleType == RT_IP6TABLES)
iptablesInstCommand(&buf,
inst[i]->commandTemplate,
- 'A', -1, 1);
+ 'A', -1);
}
if (ebiptablesExecCLI(&buf, false, &errmsg) < 0)
@@ -3930,9 +3923,9 @@ ebiptablesApplyNewRules(const char *ifname,
NWFILTER_SET_EBTABLES_SHELLVAR(&buf);
if (virHashSize(chains_in_set) != 0)
- ebtablesLinkTmpRootChain(&buf, true, ifname, 1);
+ ebtablesLinkTmpRootChain(&buf, true, ifname);
if (virHashSize(chains_out_set) != 0)
- ebtablesLinkTmpRootChain(&buf, false, ifname, 1);
+ ebtablesLinkTmpRootChain(&buf, false, ifname);
if (ebiptablesExecCLI(&buf, false, &errmsg) < 0)
goto tear_down_ebsubchains_and_unlink;
@@ -4113,7 +4106,7 @@ ebiptablesRemoveRules(const char *ifname ATTRIBUTE_UNUSED,
ebiptablesInstCommand(&buf,
inst[i]->commandTemplate,
'D', -1,
- 0);
+ false);
if (ebiptablesExecCLI(&buf, true, NULL) < 0)
goto cleanup;
--
1.8.5.3