On Fri, Mar 26, 2010 at 02:41:30PM -0400, Stefan Berger wrote:
"Daniel P. Berrange" <berrange@redhat.com> wrote on 03/26/2010 02:04:26 PM:
Please respond to "Daniel P. Berrange"
On Thu, Mar 25, 2010 at 01:45:58PM -0400, Stefan Berger wrote:
Hi!
This is a repost of this set of patches with some of the suggested
fixes
applied and ipv6 support on the ebtables layer added.
Between V3 and V4 of this patch series the following changes were made: - occurrences of typo 'scp' were changed to 'sctp' - the root ebtables chain for each interface now has the previx of'libvirt-' - additional calls into tear-down functions in case something goes wrong while starting the qemu/kvm VM in 2nd level error paths - additional functions in the driver interface to split up the application of firewall rules into - creation of new firewall rules 'tree' - switch-over to new firewall rules 'tree', tear down of old one and renaming of new firewall 'tree' - tear down of new firewall rules 'tree' in case an error happend during update of several VMs. - additional patch with example filters
FYI, I have pushed this whole v4 series to libvirt GIT.
I had to re-order the patches to make the series bisectable, and fix one or two minor syntax check problems, but no code changes.
There is one problem I would like to see fixed asap though
src/conf/nwfilter_conf.c
has a dependancy on the driver implementation nwfilter/ nwfilter_gentech_driver.h which is not good. The 'conf' directory is only allowed to depend on stuff in util/, or itself, never depend on driver code.
From nwfilter_conf.c I call several functions of the nwfilter_gentech_driver.c from within an iterator callback function. Is the general right solution for this to have nwfilter_gentech_driver.c register an interface with nwfilter_conf.c that provides the addresses of those functions call from within nwfilter_conf.c now? If so, I think I could pass the callback function to the nwfilter_conf.c and move the actual callback function in nwfilter_gentech_driver.c and pass its address via the initialization function I call in nwfilter_conf.c from nwfilter_gentech_driver.c.
Cool, that sounds like a good plan Regards, Daniel -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|