On 02/08/2013 10:25 AM, Daniel P. Berrange wrote:
On Mon, Feb 04, 2013 at 10:45:23AM +0100, Natanael Copa wrote:
Instead of creating an iptables command in one shot, do it in steps so we can add conditional options like physdev and protocol.
This removes code duplication while keeping existing behaviour.
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> --- This patch is unmodified since last time i sent it [1].
[1] https://www.redhat.com/archives/libvir-list/2012-November/msg00986.html
src/util/viriptables.c | 130 ++++++++++++++++++++++--------------------------- 1 file changed, 58 insertions(+), 72 deletions(-)
ACK, looks fine.
Well, almost fine - it had an embedded TAB and failed 'make syntax-check'. But I fixed that with the following squash-in, and pushed: diff --git i/src/util/viriptables.c w/src/util/viriptables.c index b03b0e9..41fe780 100644 --- i/src/util/viriptables.c +++ w/src/util/viriptables.c @@ -1,7 +1,7 @@ /* * viriptables.c: helper APIs for managing iptables * - * Copyright (C) 2007-2012 Red Hat, Inc. + * Copyright (C) 2007-2013 Red Hat, Inc. * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public @@ -397,7 +397,7 @@ iptablesForwardAllowOut(iptablesContext *ctx, action); virCommandAddArgList(cmd, "--source", networkstr, - "--in-interface", iface, NULL); + "--in-interface", iface, NULL); if (physdev && physdev[0]) virCommandAddArgList(cmd, "--out-interface", physdev, NULL); -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org