The bridge_driver_platform.h header declares many functions
that a platform driver must implement. Only two of these
functions are actually called from the main bridge driver
code. The remainder can be made internal to the Linux
driver.
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
---
src/network/bridge_driver_linux.c | 42 ++++++++++++++++++++++++------------
src/network/bridge_driver_nop.c | 42 ------------------------------------
src/network/bridge_driver_platform.h | 22 -------------------
3 files changed, 28 insertions(+), 78 deletions(-)
diff --git a/src/network/bridge_driver_linux.c b/src/network/bridge_driver_linux.c
index a2f0248..ff62cb3 100644
--- a/src/network/bridge_driver_linux.c
+++ b/src/network/bridge_driver_linux.c
@@ -130,8 +130,9 @@ out:
static const char networkLocalMulticast[] = "224.0.0.0/24";
static const char networkLocalBroadcast[] = "255.255.255.255/32";
-int networkAddMasqueradingFirewallRules(virNetworkObjPtr network,
- virNetworkIpDefPtr ipdef)
+static int
+networkAddMasqueradingFirewallRules(virNetworkObjPtr network,
+ virNetworkIpDefPtr ipdef)
{
int prefix = virNetworkIpDefPrefix(ipdef);
const char *forwardIf = virNetworkDefForwardIf(network->def, 0);
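Review bot: networkAddMasqueradingFirewallRules is now file-local but has no comment stating its contract, and the same holds for the seven other functions made static in the hunks at -322, -367, -413, -534, -664, -694 and -712. The context lines before each signature show no comment, while networkAddFirewallRules further down has a one-line description. With the prototypes removed from bridge_driver_platform.h, the definition is the only place a maintainer of these iptables helpers will look, so a short header on each would help, for example `/* Add the masquerading rules for one ip address on a network; returns -1 on failure */`. The `return -1` path is visible at the end of this function in the next hunk; the rest of the body lies outside the hunk, so the success value and any rollback of partially added rules should be confirmed before documenting them.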
@@ -322,8 +323,9 @@ int networkAddMasqueradingFirewallRules(virNetworkObjPtr network,
return -1;
}
-void networkRemoveMasqueradingFirewallRules(virNetworkObjPtr network,
- virNetworkIpDefPtr ipdef)
+static void
+networkRemoveMasqueradingFirewallRules(virNetworkObjPtr network,
+ virNetworkIpDefPtr ipdef)
{
int prefix = virNetworkIpDefPrefix(ipdef);
const char *forwardIf = virNetworkDefForwardIf(network->def, 0);
@@ -367,8 +369,9 @@ void networkRemoveMasqueradingFirewallRules(virNetworkObjPtr network,
}
}
-int networkAddRoutingFirewallRules(virNetworkObjPtr network,
- virNetworkIpDefPtr ipdef)
+static int
+networkAddRoutingFirewallRules(virNetworkObjPtr network,
+ virNetworkIpDefPtr ipdef)
{
int prefix = virNetworkIpDefPrefix(ipdef);
const char *forwardIf = virNetworkDefForwardIf(network->def, 0);
@@ -413,8 +416,10 @@ routeerr1:
return -1;
}
-void networkRemoveRoutingFirewallRules(virNetworkObjPtr network,
- virNetworkIpDefPtr ipdef)
+
+static void
+networkRemoveRoutingFirewallRules(virNetworkObjPtr network,
+ virNetworkIpDefPtr ipdef)
{
int prefix = virNetworkIpDefPrefix(ipdef);
const char *forwardIf = virNetworkDefForwardIf(network->def, 0);
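Review bot: Blank-line spacing before the converted definitions is inconsistent. This hunk and the ones at -534, -664, -694 and -712 add an extra empty `+` line ahead of `static ...`, and the hunk at -725 adds only a blank line, whereas the first three hunks (-130, -322, -367) convert the signature without one. Either add the separator to all eight definitions or drop it here, so the linkage change is not mixed with partial whitespace changes.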
@@ -534,7 +539,9 @@ networkRemoveGeneralIp6tablesRules(virNetworkObjPtr network)
iptablesRemoveForwardRejectOut(AF_INET6, network->def->bridge);
}
-int networkAddGeneralFirewallRules(virNetworkObjPtr network)
+
+static int
+networkAddGeneralFirewallRules(virNetworkObjPtr network)
{
size_t i;
virNetworkIpDefPtr ipv4def;
@@ -664,7 +671,9 @@ err1:
return -1;
}
-void networkRemoveGeneralFirewallRules(virNetworkObjPtr network)
+
+static void
+networkRemoveGeneralFirewallRules(virNetworkObjPtr network)
{
size_t i;
virNetworkIpDefPtr ipv4def;
@@ -694,8 +703,10 @@ void networkRemoveGeneralFirewallRules(virNetworkObjPtr network)
iptablesRemoveTcpInput(AF_INET, network->def->bridge, 67);
}
-int networkAddIpSpecificFirewallRules(virNetworkObjPtr network,
- virNetworkIpDefPtr ipdef)
+
+static int
+networkAddIpSpecificFirewallRules(virNetworkObjPtr network,
+ virNetworkIpDefPtr ipdef)
{
/* NB: in the case of IPv6, routing rules are added when the
* forward mode is NAT. This is because IPv6 has no NAT.
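Review bot: The IPv6 caveat for networkAddIpSpecificFirewallRules is only recorded in the `NB:` comment inside the body, which a reader scanning the now-static signatures will miss. It says an IPv6 address on a NAT-mode network gets routing rules rather than masquerading, which presumably means such guests are forwarded with their own addresses; that is worth stating where the function is introduced. A header such as `/* Add the NAT or routing rules for one ip address; IPv6 addresses on a NAT network get routing rules, not masquerading */` would make the behaviour visible. The NB comment and the rest of the body continue outside the hunk, so confirm the wording against the full function.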
@@ -712,8 +723,10 @@ int networkAddIpSpecificFirewallRules(virNetworkObjPtr network,
return 0;
}
-void networkRemoveIpSpecificFirewallRules(virNetworkObjPtr network,
- virNetworkIpDefPtr ipdef)
+
+static void
+networkRemoveIpSpecificFirewallRules(virNetworkObjPtr network,
+ virNetworkIpDefPtr ipdef)
{
if (network->def->forward.type == VIR_NETWORK_FORWARD_NAT) {
if (VIR_SOCKET_ADDR_IS_FAMILY(&ipdef->address, AF_INET))
@@ -725,6 +738,7 @@ void networkRemoveIpSpecificFirewallRules(virNetworkObjPtr network,
}
}
+
/* Add all rules for all ip addresses (and general rules) on a network */
int networkAddFirewallRules(virNetworkObjPtr network)
{
diff --git a/src/network/bridge_driver_nop.c b/src/network/bridge_driver_nop.c
index 23c712d..b8aeaba 100644
--- a/src/network/bridge_driver_nop.c
+++ b/src/network/bridge_driver_nop.c
@@ -26,48 +26,6 @@ int networkCheckRouteCollision(virNetworkObjPtr network
ATTRIBUTE_UNUSED)
return 0;
}
-int networkAddMasqueradingFirewallRules(virNetworkObjPtr network ATTRIBUTE_UNUSED,
- virNetworkIpDefPtr ipdef ATTRIBUTE_UNUSED)
-{
- return 0;
-}
-
-void networkRemoveMasqueradingFirewallRules(virNetworkObjPtr network ATTRIBUTE_UNUSED,
- virNetworkIpDefPtr ipdef ATTRIBUTE_UNUSED)
-{
-}
-
-int networkAddRoutingFirewallRules(virNetworkObjPtr network ATTRIBUTE_UNUSED,
- virNetworkIpDefPtr ipdef ATTRIBUTE_UNUSED)
-{
- return 0;
-}
-
-void networkRemoveRoutingFirewallRules(virNetworkObjPtr network ATTRIBUTE_UNUSED,
- virNetworkIpDefPtr ipdef ATTRIBUTE_UNUSED)
-{
-}
-
-int networkAddGeneralFirewallRules(virNetworkObjPtr network ATTRIBUTE_UNUSED)
-{
- return 0;
-}
-
-void networkRemoveGeneralFirewallRules(virNetworkObjPtr network ATTRIBUTE_UNUSED)
-{
-}
-
-int networkAddIpSpecificFirewallRules(virNetworkObjPtr network ATTRIBUTE_UNUSED,
- virNetworkIpDefPtr ipdef ATTRIBUTE_UNUSED)
-{
- return 0;
-}
-
-void networkRemoveIpSpecificFirewallRules(virNetworkObjPtr network ATTRIBUTE_UNUSED,
- virNetworkIpDefPtr ipdef ATTRIBUTE_UNUSED)
-{
-}
-
int networkAddFirewallRules(virNetworkObjPtr network ATTRIBUTE_UNUSED)
{
return 0;
diff --git a/src/network/bridge_driver_platform.h b/src/network/bridge_driver_platform.h
index 82d96f6..13d2fce 100644
--- a/src/network/bridge_driver_platform.h
+++ b/src/network/bridge_driver_platform.h
@@ -53,28 +53,6 @@ typedef virNetworkDriverState *virNetworkDriverStatePtr;
int networkCheckRouteCollision(virNetworkObjPtr network);
-int networkAddMasqueradingFirewallRules(virNetworkObjPtr network,
- virNetworkIpDefPtr ipdef);
-
-void networkRemoveMasqueradingFirewallRules(virNetworkObjPtr network,
- virNetworkIpDefPtr ipdef);
-
-int networkAddRoutingFirewallRules(virNetworkObjPtr network,
- virNetworkIpDefPtr ipdef);
-
-void networkRemoveRoutingFirewallRules(virNetworkObjPtr network,
- virNetworkIpDefPtr ipdef);
-
-int networkAddGeneralFirewallRules(virNetworkObjPtr network);
-
-void networkRemoveGeneralFirewallRules(virNetworkObjPtr network);
-
-int networkAddIpSpecificFirewallRules(virNetworkObjPtr network,
- virNetworkIpDefPtr ipdef);
-
-void networkRemoveIpSpecificFirewallRules(virNetworkObjPtr network,
- virNetworkIpDefPtr ipdef);
-
int networkAddFirewallRules(virNetworkObjPtr network);
void networkRemoveFirewallRules(virNetworkObjPtr network);
--
1.8.5.3