libvir-list-bounces@redhat.com wrote on 03/25/2010 11:59:11 AM:
"Daniel P. Berrange" <berrange@redhat.com> wrote on 03/25/2010 11:49:05 AM:
Please respond to "Daniel P. Berrange"
On Tue, Mar 23, 2010 at 10:54:17AM -0400, stefanb@us.ibm.com wrote:
+/* + char macaddr[VIR_MAC_STRING_BUFLEN], + ipaddr[INET_ADDRSTRLEN], + number[20]; + char chain[MAX_CHAINNAME_LENGTH]; + virBuffer buf = VIR_BUFFER_INITIALIZER; + + if (nwfilter->chainsuffix == VIR_NWFILTER_CHAINSUFFIX_ROOT) + PRINT_ROOT_CHAIN(chain, chainPrefix, ifname); + else + PRINT_CHAIN(chain, chainPrefix, ifname, + virNWFilterChainSuffixTypeToString (nwfilter->chainsuffix));
Since we're passing this into the shell, I think we should do paranoid validation on the 'chain' and 'ifname' fields, since they ultimately come from the user specified XML. Validate that it only contains a-Z, 0-0, -, _
Actually the user specified XML only currently allows the chain names 'arp', 'ipv4', 'ipv6' and 'root'. Others will already be rejected when parsing the filter.
Actually, yes, there's a problem with target device names like t\"t that do create an interface named t\"t but end up creating an ebtables entry with interface t"t. So if I don't go through bash it works correctly, otherwise it does not and I guess I would need to escape the '\' with '\\\'. Stefan
It would also be nice to put a variety of XML files in a
directory and making a test suite to run the parser API against them, as well as adding some real world examples in the examples/nwfilter
tests/nwfilterdata directory
for end users to start from.
In the v4 patch series I am adding filters to examples/xml/nwfilter that are automatically copied to /etc/libvirt/nwfilter for libvirt to pick up.
Gerhard has written a couple of test cases but they are for the external
test suite from what I know. So, yes, we'll add test cases over time.
Regards, Stefan
Regards, Daniel -- |: Red Hat, Engineering, London -o- http://people.redhat.com/
|: http://libvirt.org -o- http://virt-manager.org -o- http:// deltacloud.org:| |: http://autobuild.org -o- http://search.cpan.org/ ~danberr/:| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|--
berrange/:| libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list