Re: [libvirt] [PATCH V6 07/11] Enable chains with names having a known prefix

On 11/18/2011 06:32 AM, Stefan Berger wrote: > This patch enables chains that have a known prefix in their name. > Known prefixes are: 'ipv4', 'ipv6', 'arp', 'rarp'. All prefixes > are also protocols that can be evaluated on the ebtables level. > > + > + if (chainname[strspn(chainname, VALID_CHAINNAME)] != 0) { > + virNWFilterReportError(VIR_ERR_INVALID_ARG, > + _("Chain name contains illegal characters")); s/illegal/invalid/ - we aren't breaking laws :)

> +++ libvirt-acl/docs/schemas/nwfilter.rng > @@ -286,10 +286,18 @@ > <attribute name="chain"> > <choice> > <value>root</value> > -<value>arp</value> > -<value>rarp</value> > -<value>ipv4</value> > -<value>ipv6</value> > +<data type="string"> > +<param name="pattern">arp[a-zA-Z0-9_\.:-]{0,9}</param> > +</data> > +<data type="string"> > +<param name="pattern">rarp[a-zA-Z0-9_\.:-]{0,8}*</param> > +</data> > +<data type="string"> > +<param name="pattern">ipv4[a-zA-Z0-9_\.:-]{0,8}*</param> > +</data> > +<data type="string"> > +<param name="pattern">ipv6[a-zA-Z0-9_\.:-]{0,8}*</param> Drop the * on the last three patterns.