On 04/01/2011 10:17 AM, Stefan Berger wrote:
This patch adds support for the evaluation of TCP flags in nwfilters.
It adds documentation to the web page and extends the tests as well.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
It would help to list a sample xml snippet in the commit message as well, so that 'git log' can more easily find when it was introduced. I haven't looked at this closely (it's post-0.9.0 material), but the idea sounds nice and in line with your overall efforts of making nwfilter more fine-grained :)
+++ libvirt-acl/docs/formatnwfilter.html.in @@ -755,6 +755,11 @@ <td>STRING</td> <td>comma separated list of NEW,ESTABLISHED,RELATED,INVALID or NONE</td> </tr> + <tr> + <td>flags <span class="since">(Since 0.9.0)</span></td>
So this would need to be 0.9.1.
+ <td>STRING</td> + <td>TCP-only: format of mask/flags with mask and flags each being a comma separated list of SYN,ACK,URG,PSH,FIN,RST or NONE or ALL</td> + </tr> </table> <p> <br><br> @@ -1040,6 +1045,11 @@ <td>STRING</td> <td>comma separated list of NEW,ESTABLISHED,RELATED,INVALID or NONE</td> </tr> + <tr> + <td>flags <span class="since">(Since 0.8.5)</span></td>
Is 0.8.5 right?
+ <td>STRING</td> + <td>format of mask/flags with mask and flags each being a comma separated list of SYN,ACK,URG,PSH,FIN,RST or NONE or ALL</td> + </tr> </table> <p> <br><br>
-- Eric Blake eblake@redhat.com +1-801-349-2682 Libvirt virtualization library http://libvirt.org