[libvirt] [PATCH] nwfilter: fix loop generating too many rules
The loop processing the trusted DHCP server generated one too many rules and added one final rules that accepted responses from all DHCP servers. Below patch fixes this. --- src/nwfilter/nwfilter_ebiptables_driver.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) Index: libvirt-acl/src/nwfilter/nwfilter_ebiptables_driver.c =================================================================== --- libvirt-acl.orig/src/nwfilter/nwfilter_ebiptables_driver.c +++ libvirt-acl/src/nwfilter/nwfilter_ebiptables_driver.c @@ -3374,10 +3374,10 @@ ebtablesApplyDHCPOnlyRules(const char *i VIR_FREE(srcIPParam); - if (idx == num_dhcpsrvrs) - break; - idx++; + + if (idx >= num_dhcpsrvrs) + break; } virBufferAsprintf(&buf,
On 08/30/2012 07:55 AM, Stefan Berger wrote:
The loop processing the trusted DHCP server generated one too many rules and added one final rules that accepted responses from all DHCP servers. Below patch fixes this. --- src/nwfilter/nwfilter_ebiptables_driver.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
ACK. -- Eric Blake eblake@redhat.com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
participants (2)
-
Eric Blake -
Stefan Berger