On Fri, Jun 11, 2010 at 02:02:11PM -0400, Stefan Berger wrote:
This patch adds an optional XML attribute to a nwfilter rule to give the user control over whether the rule is supposed to be using the state match or not. A rule may now look like shown in the XML below with the statematch attribute either having value '0' or 'false' (case-insensitive).
[...] <rule action='accept' direction='in' statematch='false'> <tcp srcmacaddr='1:2:3:4:5:6' srcipaddr='10.1.2.3' srcipmask='32' dscp='33' srcportstart='20' srcportend='21' dstportstart='100' dstportend='1111'/> </rule> [...]
I am also extending the nwfilter schema and add this attribute to a test case.
V2: - Following D. Berrange's suggestion I inverted the logic from 'nomatch' XML attribute to statematch attribute
ACK Daniel -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|