Re: [libvirt] [PATCH] nwfilter: Update of filters to handle multiple IP addresses

With fragments borrowed from David Steven's previous submission and some further modifications: A set of modifications to existing filters to handle multiple IP addresses (and MAC addresses) per interface. Also: - enable DHCP traffic from VM to any DHCP server - will require an update to a libvirt-tck data file Signed-off-by: David L Stevens <dlstevens(a)us.ibm.com&gt; Signed-off-by: Stefan Berger <stefanb(a)linux.vnet.ibm.com&gt; --- examples/xml/nwfilter/Makefile.am | 2 + examples/xml/nwfilter/clean-traffic.xml | 12 +++++++- examples/xml/nwfilter/no-arp-ip-spoofing.xml | 9 ++++++ examples/xml/nwfilter/no-arp-mac-spoofing.xml | 7 ++++ examples/xml/nwfilter/no-arp-spoofing.xml | 38 ++------------------------

@@ -1,4 +1,4 @@ -<filter name='clean-traffic'> +<filter name='clean-traffic' chain='root'> <!-- An example of a traffic filter enforcing clean traffic