Re: [libvirt] [patch 2/5] nwfilter: Instantiate state match in ip(6)tables rules
On Fri, Oct 01, 2010 at 08:28:51PM -0400, Stefan Berger wrote:
In this patch I am extending the rule instantiator to create the
state
match according to the state attribute in the XML. Only one iptables
rule in the incoming or outgoing direction will be created for a rule
in direction 'in' or 'out' respectively. A rule in direction
'inout' does
get iptables rules in both directions.
Signed-off-by: Stefan Berger <stefanb(a)us.ibm.com>
Looks fine, ACK,
Daniel
--
Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
daniel(a)veillard.com | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/