Re: [libvirt] [PATCH] nwfilters: support for TCP flags evaluation
On 04/01/2011 10:17 AM, Stefan Berger wrote:
This patch adds support for the evaluation of TCP flags in
nwfilters.
It adds documentation to the web page and extends the tests as well.
Signed-off-by: Stefan Berger <stefanb(a)linux.vnet.ibm.com>
It would help to list a sample xml snippet in the commit message as
well, so that 'git log' can more easily find when it was introduced.
I haven't looked at this closely (it's post-0.9.0 material), but the
idea sounds nice and in line with your overall efforts of making
nwfilter more fine-grained :)
+++ libvirt-acl/docs/formatnwfilter.html.in
@@ -755,6 +755,11 @@
<td>STRING</td>
<td>comma separated list of NEW,ESTABLISHED,RELATED,INVALID or NONE</td>
</tr>
+ <tr>
+ <td>flags <span class="since">(Since
0.9.0)</span></td>
So this would need to be 0.9.1.
+ <td>STRING</td>
+ <td>TCP-only: format of mask/flags with mask and flags each being a
comma separated list of SYN,ACK,URG,PSH,FIN,RST or NONE or ALL</td>
+ </tr>
</table>
<p>
<br><br>
@@ -1040,6 +1045,11 @@
<td>STRING</td>
<td>comma separated list of NEW,ESTABLISHED,RELATED,INVALID or NONE</td>
</tr>
+ <tr>
+ <td>flags <span class="since">(Since
0.8.5)</span></td>
Is 0.8.5 right?
+ <td>STRING</td>
+ <td>format of mask/flags with mask and flags each being a comma
separated list of SYN,ACK,URG,PSH,FIN,RST or NONE or ALL</td>
+ </tr>
</table>
<p>
<br><br>
--
Eric Blake eblake(a)redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
Attachments:
- signature.asc (application/pgp-signature — 619 bytes)