Matthias Bolte <matthias.bolte@googlemail.com> wrote on 02/18/2010 09:15:47 AM:
"Daniel P. Berrange", veillard, libvir-list, Vivek Kashyap
2010/2/18 Stefan Berger <stefanb@us.ibm.com>:
<domain type='kvm'> <name>demo</name> <memory>256000</memory> <devices> <interface type="bridge"> <filter name='demofilter' att0='IP' val0='10.0.0.1'/> </interface> </devices> </domain>
This allows us to pass any necessary parameters to the filters for instantiation in the respective environment. So, if a filter is to be instantiated and
holds
the variable XYZ, then one may add
att1='XYZ' val1='<some value>'
Passing parameters this way seems a bit unexpected for XML. How about something like this:
<interface type="bridge"> <filter name='demofilter'> <parameter name='IP' value='10.0.0.1'/> </filter> </interface>
I think we'll change this to ... <interface type="bridge"> <filterref ref='demofilter'> <parameter name='IP' value='10.0.0.1'/> </filter> </interface>
- complex filter include other filter and can contain rules
complex demofilter.xml: ----------------------- <filter name='demofilter'> <include href='drop-all'/> <include href='no-arp-spoofing' srcipaddr='$IP'/>
--> <include href='no-arp-spoofing' att0='IP' val0='1.2.3.4'.
And the same pattern for the includes:
... and this to ...
<include href='no-arp-spoofing'> <parameter name='IP' value='1.2.3.4'/> </include>
<filterref ref='no-arp-spoofing'> <parameter name='IP' value='1.2.3.4'/> </include> ... to be consistent. Thanks for feedback. Stefan
Matthias