[libvirt] [PATCH 0/2] nwfilter: Compare filters for equality when updating

When a filter is updated, compare it and the original one for equality so that unnecessary instantiations of rules can be avoided. Regards, Stefan

Add function to compare two hash tables for equality. --- src/util/hash.c | 46 ++++++++++++++++++++++++++++++++++++++++++++++ src/util/hash.h | 12 ++++++++++++ 2 files changed, 58 insertions(+) Index: libvirt-iterator/src/util/hash.c =================================================================== --- libvirt-iterator.orig/src/util/hash.c +++ libvirt-iterator/src/util/hash.c @@ -663,3 +663,49 @@ virHashKeyValuePairPtr virHashGetItems(v return iter.sortArray; } + +struct virHashEqualData +{ + bool equal; + const virHashTablePtr table2; + virHashValueComparator compar; +}; + +static int virHashEqualSearcher(const void *payload, const void *name, + const void *data) +{ + struct virHashEqualData *vhed = (void *)data; + const void *value; + + value = virHashLookup(vhed->table2, name); + if (!value || + vhed->compar(value, payload) != 0) { + /* key is missing in 2nd table or values are different */ + vhed->equal = false; + /* stop 'iteration' */ + return 1; + } + return 0; +} + +bool virHashEqual(const virHashTablePtr table1, + const virHashTablePtr table2, + virHashValueComparator compar) +{ + struct virHashEqualData data = { + .equal = true, + .table2 = table2, + .compar = compar, + }; + + if (table1 == table2) + return true; + + if (!table1 || !table2 || + virHashSize(table1) != virHashSize(table2)) + return false; + + virHashSearch(table1, virHashEqualSearcher, &data); + + return data.equal; +} Index: libvirt-iterator/src/util/hash.h =================================================================== --- libvirt-iterator.orig/src/util/hash.h +++ libvirt-iterator/src/util/hash.h @@ -154,6 +154,18 @@ virHashKeyValuePairPtr virHashGetItems(v virHashKeyComparator compar); /* + * Compare two tables for equality: the lookup of a key's value in + * both tables must result in an equivalent value. + * The caller must pass in a comparator function for comparing the values + * of two keys. + */ +typedef int (*virHashValueComparator)(const void *value1, const void *value2); +bool virHashEqual(const virHashTablePtr table1, + const virHashTablePtr table2, + virHashValueComparator compar); + + +/* * Iterators */ int virHashForEach(virHashTablePtr table, virHashIterator iter, void *data);

Compare two filter definitions for equality and only rebuild the filters if the two filters are found to be different. This improves performance during an update of a filter with no obvious change or the reloading of filters during a 'kill -SIGHUP' --- src/Makefile.am | 1 src/conf/nwfilter_conf.c | 213 ++++++++++++++++++++ src/conf/nwfilter_params.c | 18 + src/conf/nwfilter_params.h | 2 src/conf/nwfilter_protocols.c | 447 ++++++++++++++++++++++++++++++++++++++++++ src/conf/nwfilter_protocols.h | 56 +++++ 6 files changed, 737 insertions(+) Index: libvirt-iterator/src/conf/nwfilter_conf.c =================================================================== --- libvirt-iterator.orig/src/conf/nwfilter_conf.c +++ libvirt-iterator/src/conf/nwfilter_conf.c @@ -42,6 +42,7 @@ #include "memory.h" #include "virterror_internal.h" #include "datatypes.h" +#include "nwfilter_protocols.h" #include "nwfilter_params.h" #include "nwfilter_conf.h" #include "domain_conf.h" @@ -140,6 +141,10 @@ static const struct int_map chain_priori INTMAP_ENTRY_LAST, }; +static bool virNWFilterDefEqual(const virNWFilterDefPtr def1, + const virNWFilterDefPtr def2, + bool cmpUUIDs); + /* * only one filter update allowed */ @@ -407,6 +412,134 @@ virNWFilterRuleDefAddString(virNWFilterR return nwf->strings[nwf->nstrings-1]; } +static bool +virNWFilterRuleDefEqual(const virNWFilterRuleDefPtr def1, + const virNWFilterRuleDefPtr def2) +{ + unsigned int i, j; + bool equal; + + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (def1->priority != def2->priority || + def1->flags != def2->flags || + def1->action != def2->action || + def1->tt != def2->tt || + def1->prtclType != def2->prtclType) + return false; + + switch (def1->prtclType) { + case VIR_NWFILTER_RULE_PROTOCOL_NONE: + return true; + case VIR_NWFILTER_RULE_PROTOCOL_MAC: + equal = virNWFilterEthHdrFilterDefEqual(&def1->p.ethHdrFilter, + &def2->p.ethHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_VLAN: + equal = virNWFilterVlanHdrFilterDefEqual(&def1->p.vlanHdrFilter, + &def2->p.vlanHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_STP: + equal = virNWFilterStpHdrFilterDefEqual(&def1->p.stpHdrFilter, + &def2->p.stpHdrFilter); + case VIR_NWFILTER_RULE_PROTOCOL_ARP: + case VIR_NWFILTER_RULE_PROTOCOL_RARP: + equal = virNWFilterArpHdrFilterDefEqual(&def1->p.arpHdrFilter, + &def2->p.arpHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_IP: + equal = virNWFilterIpHdrFilterDefEqual(&def1->p.ipHdrFilter, + &def2->p.ipHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_IPV6: + equal = virNWFilterIpv6HdrFilterDefEqual(&def1->p.ipv6HdrFilter, + &def2->p.ipv6HdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_TCP: + case VIR_NWFILTER_RULE_PROTOCOL_TCPoIPV6: + equal = virNWFilterTcpHdrFilterDefEqual(&def1->p.tcpHdrFilter, + &def2->p.tcpHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_ICMP: + case VIR_NWFILTER_RULE_PROTOCOL_ICMPV6: + equal = virNWFilterIcmpHdrFilterDefEqual(&def1->p.icmpHdrFilter, + &def2->p.icmpHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_IGMP: + equal = virNWFilterIgmpHdrFilterDefEqual(&def1->p.igmpHdrFilter, + &def2->p.igmpHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_UDP: + case VIR_NWFILTER_RULE_PROTOCOL_UDPoIPV6: + equal = virNWFilterUdpHdrFilterDefEqual(&def1->p.udpHdrFilter, + &def2->p.udpHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_UDPLITE: + case VIR_NWFILTER_RULE_PROTOCOL_UDPLITEoIPV6: + equal = virNWFilterUdpliteHdrFilterDefEqual(&def1->p.udpliteHdrFilter, + &def2->p.udpliteHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_ESP: + case VIR_NWFILTER_RULE_PROTOCOL_ESPoIPV6: + equal = virNWFilterEspHdrFilterDefEqual(&def1->p.espHdrFilter, + &def2->p.espHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_AH: + case VIR_NWFILTER_RULE_PROTOCOL_AHoIPV6: + equal = virNWFilterAhHdrFilterDefEqual(&def1->p.ahHdrFilter, + &def2->p.ahHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_SCTP: + case VIR_NWFILTER_RULE_PROTOCOL_SCTPoIPV6: + equal = virNWFilterSctpHdrFilterDefEqual(&def1->p.sctpHdrFilter, + &def2->p.sctpHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_ALL: + case VIR_NWFILTER_RULE_PROTOCOL_ALLoIPV6: + equal = virNWFilterAllHdrFilterDefEqual(&def1->p.allHdrFilter, + &def2->p.allHdrFilter); + break; + case VIR_NWFILTER_RULE_PROTOCOL_LAST: + return false; + } + + if (!equal) + return false; + + if (def1->nVarAccess != def2->nVarAccess) + return false; + + for (i = 0; i < def1->nVarAccess; i++) { + equal = false; + for (j = 0; j < def2->nVarAccess; j++) { + equal = virNWFilterVarAccessEqual(def1->varAccess[i], + def2->varAccess[j]); + if (equal) + break; + } + if (!equal) + return false; + } + + if (def1->nstrings != def2->nstrings) + return false; + + for (i = 0; i < def1->nstrings; i++) { + equal = false; + for (j = 0; j < def2->nstrings; j++) { + equal = STREQ(def1->strings[i], def2->strings[j]); + if (equal) + break; + } + if (!equal) + return false; + } + return true; +} void virNWFilterObjRemove(virNWFilterObjListPtr nwfilters, @@ -2817,6 +2950,14 @@ virNWFilterObjAssignDef(virConnectPtr co virNWFilterLockFilterUpdates(); if ((nwfilter = virNWFilterObjFindByName(nwfilters, def->name))) { + + if (virNWFilterDefEqual(def, nwfilter->def, false)) { + virNWFilterDefFree(nwfilter->def); + nwfilter->def = def; + virNWFilterUnlockFilterUpdates(); + return nwfilter; + } + nwfilter->newDef = def; /* trigger the update on VMs referencing the filter */ if (virNWFilterTriggerVMFilterRebuild(conn)) { @@ -3226,6 +3367,22 @@ virNWFilterIncludeDefFormat(virNWFilterI return virBufferContentAndReset(&buf); } +static bool +virNWFilterIncludeDefEqual(const virNWFilterIncludeDefPtr def1, + const virNWFilterIncludeDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!STREQ(def1->filterref, def2->filterref) || + !virNWFilterHashTableEqual(def1->params, def2->params)) + return false; + + return true; +} static char * virNWFilterEntryFormat(virNWFilterEntryPtr entry) @@ -3235,6 +3392,22 @@ virNWFilterEntryFormat(virNWFilterEntryP return virNWFilterIncludeDefFormat(entry->include); } +static bool +virNWFilterEntryEqual(const virNWFilterEntryPtr def1, + const virNWFilterEntryPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!virNWFilterRuleDefEqual(def1->rule, def2->rule) || + !virNWFilterIncludeDefEqual(def1->include, def2->include)) + return false; + + return true; +} char * virNWFilterDefFormat(virNWFilterDefPtr def) @@ -3278,6 +3451,46 @@ virNWFilterDefFormat(virNWFilterDefPtr d return NULL; } +/* Compare two filter definitions for equality. + * Both filters must have the same content and all content must appear in the + * same order. + * + * @def1: the 1st filter + * @def2: the 2nd filter + * @cmpUUIDs: whether to compare the UUIDs of the two filters + * + * Returns true if both filters are equal, false otherwise. + */ +static bool +virNWFilterDefEqual(const virNWFilterDefPtr def1, const virNWFilterDefPtr def2, + bool cmpUUIDs) +{ + unsigned int i; + bool equal; + + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!STREQ(def1->name, def2->name) || + (cmpUUIDs && memcmp(def1->uuid, def2->uuid, sizeof(def1->uuid)) != 0) || + !STREQ(def1->chainsuffix, def2->chainsuffix) || + def1->chainPriority != def2->chainPriority || + def1->nentries != def2->nentries) + return false; + + /* the order of the filter entries must be the same in both */ + for (i = 0; i < def1->nentries; i++) { + equal = virNWFilterEntryEqual(def1->filterEntries[i], + def2->filterEntries[i]); + if (!equal) + return false; + } + + return true; +} char *virNWFilterConfigFile(const char *dir, const char *name) Index: libvirt-iterator/src/conf/nwfilter_params.c =================================================================== --- libvirt-iterator.orig/src/conf/nwfilter_params.c +++ libvirt-iterator/src/conf/nwfilter_params.c @@ -747,6 +747,19 @@ err_exit: return -1; } +bool +virNWFilterHashTableEqual(const virNWFilterHashTablePtr hash1, + const virNWFilterHashTablePtr hash2) +{ + if (hash1 == hash2) + return true; + + if (!hash1 || !hash2) + return false; + + return virHashEqual(hash1->hashTable, hash2->hashTable, + (virHashValueComparator)strcmp); +} static bool isValidVarName(const char *var) @@ -896,6 +909,11 @@ bool virNWFilterVarAccessEqual(const virNWFilterVarAccessPtr a, const virNWFilterVarAccessPtr b) { + if (a == b) + return true; + if (!a || !b) + return false; + if (a->accessType != b->accessType) return false; Index: libvirt-iterator/src/conf/nwfilter_params.h =================================================================== --- libvirt-iterator.orig/src/conf/nwfilter_params.h +++ libvirt-iterator/src/conf/nwfilter_params.h @@ -84,6 +84,8 @@ void *virNWFilterHashTableRemoveEntry(vi const char *name); int virNWFilterHashTablePutAll(virNWFilterHashTablePtr src, virNWFilterHashTablePtr dest); +bool virNWFilterHashTableEqual(const virNWFilterHashTablePtr hash1, + const virNWFilterHashTablePtr hash2); # define VALID_VARNAME \ "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_" Index: libvirt-iterator/src/Makefile.am =================================================================== --- libvirt-iterator.orig/src/Makefile.am +++ libvirt-iterator/src/Makefile.am @@ -152,6 +152,7 @@ NETWORK_CONF_SOURCES = \ # Network filter driver generic impl APIs NWFILTER_PARAM_CONF_SOURCES = \ conf/nwfilter_params.c conf/nwfilter_params.h \ + conf/nwfilter_protocols.c conf/nwfilter_protocols.h \ conf/nwfilter_conf.h NWFILTER_CONF_SOURCES = \ Index: libvirt-iterator/src/conf/nwfilter_protocols.c =================================================================== --- /dev/null +++ libvirt-iterator/src/conf/nwfilter_protocols.c @@ -0,0 +1,447 @@ +/* + * nwfilter_protocols.c: protocol handling + * + * Copyright (C) 2011 IBM Corporation + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + * Author: Stefan Berger <stefanb@us.ibm.com> + */ + +#include <config.h> + +#include "internal.h" + +#include "uuid.h" +#include "virterror_internal.h" +#include "datatypes.h" +#include "nwfilter_params.h" +#include "nwfilter_conf.h" +#include "nwfilter_protocols.h" + +#define VIR_FROM_THIS VIR_FROM_NWFILTER + +#define NWITEMDESCEQUAL(ITEM) \ + virNWFilterNWItemDescEqual(&def1->ITEM, &def2->ITEM) + +static bool +virNWFilterNWItemDescEqual(const nwItemDescPtr def1, + const nwItemDescPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (def1->flags != def2->flags || + !virNWFilterVarAccessEqual(def1->varAccess, def2->varAccess) || + def1->datatype != def2->datatype) + return false; + + switch (def1->datatype) { + case DATATYPE_STRINGCOPY: + if (strcmp(def1->u.string, def2->u.string)) + return false; + break; + case DATATYPE_UINT16: + case DATATYPE_UINT8: + case DATATYPE_UINT16_HEX: + case DATATYPE_UINT8_HEX: + case DATATYPE_MACADDR: + case DATATYPE_MACMASK: + case DATATYPE_IPADDR: + case DATATYPE_IPMASK: + case DATATYPE_IPV6ADDR: + case DATATYPE_IPV6MASK: + case DATATYPE_STRING: + case DATATYPE_BOOLEAN: + case DATATYPE_UINT32: + case DATATYPE_UINT32_HEX: + if (memcmp(&def1->u, &def2->u, sizeof(def1->u))) + return false; + break; + case DATATYPE_LAST: + return false; + } + + return true; +} + +static bool +virNWFilterEthHdrDataDefEqual(const ethHdrDataDefPtr def1, + const ethHdrDataDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!NWITEMDESCEQUAL(dataSrcMACAddr) || + !NWITEMDESCEQUAL(dataSrcMACMask) || + !NWITEMDESCEQUAL(dataDstMACAddr) || + !NWITEMDESCEQUAL(dataDstMACMask)) + return false; + + return true; +} + +bool +virNWFilterEthHdrFilterDefEqual(const ethHdrFilterDefPtr def1, + const ethHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!virNWFilterEthHdrDataDefEqual(&def1->ethHdr, &def2->ethHdr) || + !NWITEMDESCEQUAL(dataProtocolID) || + !NWITEMDESCEQUAL(dataComment)) + return false; + + return true; +} + +bool +virNWFilterVlanHdrFilterDefEqual(const vlanHdrFilterDefPtr def1, + const vlanHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!virNWFilterEthHdrDataDefEqual(&def1->ethHdr, &def2->ethHdr) || + !NWITEMDESCEQUAL(dataVlanID) || + !NWITEMDESCEQUAL(dataVlanEncap) || + !NWITEMDESCEQUAL(dataComment)) + return false; + + return true; +} + +bool +virNWFilterStpHdrFilterDefEqual(const stpHdrFilterDefPtr def1, + const stpHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!virNWFilterEthHdrDataDefEqual(&def1->ethHdr, &def2->ethHdr) || + !NWITEMDESCEQUAL(dataType) || + !NWITEMDESCEQUAL(dataFlags) || + !NWITEMDESCEQUAL(dataRootPri) || + !NWITEMDESCEQUAL(dataRootPriHi) || + !NWITEMDESCEQUAL(dataRootAddr) || + !NWITEMDESCEQUAL(dataRootAddrMask) || + !NWITEMDESCEQUAL(dataRootCost) || + !NWITEMDESCEQUAL(dataRootCostHi) || + !NWITEMDESCEQUAL(dataSndrPrio) || + !NWITEMDESCEQUAL(dataSndrPrioHi) || + !NWITEMDESCEQUAL(dataSndrAddr) || + !NWITEMDESCEQUAL(dataSndrAddrMask) || + !NWITEMDESCEQUAL(dataPort) || + !NWITEMDESCEQUAL(dataPortHi) || + !NWITEMDESCEQUAL(dataAge) || + !NWITEMDESCEQUAL(dataAgeHi) || + !NWITEMDESCEQUAL(dataMaxAge) || + !NWITEMDESCEQUAL(dataMaxAgeHi) || + !NWITEMDESCEQUAL(dataHelloTime) || + !NWITEMDESCEQUAL(dataHelloTimeHi) || + !NWITEMDESCEQUAL(dataFwdDelay) || + !NWITEMDESCEQUAL(dataFwdDelayHi) || + !NWITEMDESCEQUAL(dataComment)) + return false; + + return true; +} + +bool +virNWFilterArpHdrFilterDefEqual(const arpHdrFilterDefPtr def1, + const arpHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!virNWFilterEthHdrDataDefEqual(&def1->ethHdr, &def2->ethHdr) || + !NWITEMDESCEQUAL(dataHWType) || + !NWITEMDESCEQUAL(dataProtocolType) || + !NWITEMDESCEQUAL(dataOpcode) || + !NWITEMDESCEQUAL(dataARPSrcMACAddr) || + !NWITEMDESCEQUAL(dataARPSrcIPAddr) || + !NWITEMDESCEQUAL(dataARPDstMACAddr) || + !NWITEMDESCEQUAL(dataARPDstIPAddr) || + !NWITEMDESCEQUAL(dataGratuitousARP) || + !NWITEMDESCEQUAL(dataComment)) + return false; + + return true; +} + +static bool +virNWFilterIpHdrDataDefEqual(const ipHdrDataDefPtr def1, + const ipHdrDataDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!NWITEMDESCEQUAL(dataIPVersion) || + !NWITEMDESCEQUAL(dataSrcIPAddr) || + !NWITEMDESCEQUAL(dataSrcIPMask) || + !NWITEMDESCEQUAL(dataDstIPAddr) || + !NWITEMDESCEQUAL(dataDstIPMask) || + !NWITEMDESCEQUAL(dataProtocolID) || + !NWITEMDESCEQUAL(dataSrcIPFrom) || + !NWITEMDESCEQUAL(dataSrcIPTo) || + !NWITEMDESCEQUAL(dataDstIPFrom) || + !NWITEMDESCEQUAL(dataDstIPTo) || + !NWITEMDESCEQUAL(dataDSCP) || + !NWITEMDESCEQUAL(dataState) || + !NWITEMDESCEQUAL(dataConnlimitAbove) || + !NWITEMDESCEQUAL(dataComment)) + return false; + + return true; +} + +static bool +virNWFilterPortDataDefEqual(const portDataDefPtr def1, + const portDataDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!NWITEMDESCEQUAL(dataSrcPortStart) || + !NWITEMDESCEQUAL(dataSrcPortEnd) || + !NWITEMDESCEQUAL(dataDstPortStart) || + !NWITEMDESCEQUAL(dataDstPortEnd)) + return false; + + return true; +} + +bool +virNWFilterIpHdrFilterDefEqual(const ipHdrFilterDefPtr def1, + const ipHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!virNWFilterEthHdrDataDefEqual(&def1->ethHdr, &def2->ethHdr) || + !virNWFilterIpHdrDataDefEqual(&def1->ipHdr, &def2->ipHdr) || + !virNWFilterPortDataDefEqual(&def1->portData, &def2->portData)) + return false; + + return true; +} + +bool +virNWFilterIpv6HdrFilterDefEqual(const ipv6HdrFilterDefPtr def1, + const ipv6HdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!virNWFilterEthHdrDataDefEqual(&def1->ethHdr, &def2->ethHdr) || + !virNWFilterIpHdrDataDefEqual(&def1->ipHdr, &def2->ipHdr) || + !virNWFilterPortDataDefEqual(&def1->portData, &def2->portData)) + return false; + + return true; +} + +bool +virNWFilterIcmpHdrFilterDefEqual(const icmpHdrFilterDefPtr def1, + const icmpHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!NWITEMDESCEQUAL(dataSrcMACAddr) || + !virNWFilterIpHdrDataDefEqual(&def1->ipHdr, &def2->ipHdr) || + !NWITEMDESCEQUAL(dataICMPType) || + !NWITEMDESCEQUAL(dataICMPCode) || + !NWITEMDESCEQUAL(dataStateFlags)) + return false; + + return true; +} + +bool +virNWFilterAllHdrFilterDefEqual(const allHdrFilterDefPtr def1, + const allHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!NWITEMDESCEQUAL(dataSrcMACAddr) || + !virNWFilterIpHdrDataDefEqual(&def1->ipHdr, &def2->ipHdr)) + return false; + + return true; +} + +bool +virNWFilterIgmpHdrFilterDefEqual(const igmpHdrFilterDefPtr def1, + const igmpHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!NWITEMDESCEQUAL(dataSrcMACAddr) || + !virNWFilterIpHdrDataDefEqual(&def1->ipHdr, &def2->ipHdr)) + return false; + + return true; +} + +bool +virNWFilterTcpHdrFilterDefEqual(const tcpHdrFilterDefPtr def1, + const tcpHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!NWITEMDESCEQUAL(dataSrcMACAddr) || + !virNWFilterIpHdrDataDefEqual(&def1->ipHdr, &def2->ipHdr) || + !virNWFilterPortDataDefEqual(&def1->portData, &def2->portData) || + !NWITEMDESCEQUAL(dataTCPOption) || + !NWITEMDESCEQUAL(dataTCPFlags)) + return false; + + return true; +} + +bool +virNWFilterUdpHdrFilterDefEqual(const udpHdrFilterDefPtr def1, + const udpHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!NWITEMDESCEQUAL(dataSrcMACAddr) || + !virNWFilterIpHdrDataDefEqual(&def1->ipHdr, &def2->ipHdr) || + !virNWFilterPortDataDefEqual(&def1->portData, &def2->portData)) + return false; + + return true; +} + +bool +virNWFilterSctpHdrFilterDefEqual(const sctpHdrFilterDefPtr def1, + const sctpHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!NWITEMDESCEQUAL(dataSrcMACAddr) || + !virNWFilterIpHdrDataDefEqual(&def1->ipHdr, &def2->ipHdr) || + !virNWFilterPortDataDefEqual(&def1->portData, &def2->portData)) + return false; + + return true; +} + +bool +virNWFilterEspHdrFilterDefEqual(const espHdrFilterDefPtr def1, + const espHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!NWITEMDESCEQUAL(dataSrcMACAddr) || + !virNWFilterIpHdrDataDefEqual(&def1->ipHdr, &def2->ipHdr)) + return false; + + return true; +} + +bool +virNWFilterAhHdrFilterDefEqual(const ahHdrFilterDefPtr def1, + const ahHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!NWITEMDESCEQUAL(dataSrcMACAddr) || + !virNWFilterIpHdrDataDefEqual(&def1->ipHdr, &def2->ipHdr)) + return false; + + return true; +} + +bool +virNWFilterUdpliteHdrFilterDefEqual(const udpliteHdrFilterDefPtr def1, + const udpliteHdrFilterDefPtr def2) +{ + if (def1 == def2) + return true; + + if (!def1 || !def2) + return false; + + if (!NWITEMDESCEQUAL(dataSrcMACAddr) || + !virNWFilterIpHdrDataDefEqual(&def1->ipHdr, &def2->ipHdr)) + return false; + + return true; +} + Index: libvirt-iterator/src/conf/nwfilter_protocols.h =================================================================== --- /dev/null +++ libvirt-iterator/src/conf/nwfilter_protocols.h @@ -0,0 +1,56 @@ +/* + * nwfilter_protocols.h: protocol handling + * + * Copyright (C) 2011 IBM Corporation + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + * Author: Stefan Berger <stefanb@us.ibm.com> + */ + +#include "datatypes.h" +#include "nwfilter_params.h" +#include "nwfilter_conf.h" + +bool virNWFilterEthHdrFilterDefEqual(const ethHdrFilterDefPtr def1, + const ethHdrFilterDefPtr def2); +bool virNWFilterVlanHdrFilterDefEqual(const vlanHdrFilterDefPtr def1, + const vlanHdrFilterDefPtr def2); +bool virNWFilterStpHdrFilterDefEqual(const stpHdrFilterDefPtr def1, + const stpHdrFilterDefPtr def2); +bool virNWFilterArpHdrFilterDefEqual(const arpHdrFilterDefPtr def1, + const arpHdrFilterDefPtr def2); +bool virNWFilterIpHdrFilterDefEqual(const ipHdrFilterDefPtr def1, + const ipHdrFilterDefPtr def2); +bool virNWFilterIpv6HdrFilterDefEqual(const ipv6HdrFilterDefPtr def1, + const ipv6HdrFilterDefPtr def2); +bool virNWFilterIcmpHdrFilterDefEqual(const icmpHdrFilterDefPtr def1, + const icmpHdrFilterDefPtr def2); +bool virNWFilterAllHdrFilterDefEqual(const allHdrFilterDefPtr def1, + const allHdrFilterDefPtr def2); +bool virNWFilterIgmpHdrFilterDefEqual(const igmpHdrFilterDefPtr def1, + const igmpHdrFilterDefPtr def2); +bool virNWFilterTcpHdrFilterDefEqual(const tcpHdrFilterDefPtr def1, + const tcpHdrFilterDefPtr def2); +bool virNWFilterUdpHdrFilterDefEqual(const udpHdrFilterDefPtr def1, + const udpHdrFilterDefPtr def2); +bool virNWFilterSctpHdrFilterDefEqual(const sctpHdrFilterDefPtr def1, + const sctpHdrFilterDefPtr def2); +bool virNWFilterEspHdrFilterDefEqual(const espHdrFilterDefPtr def1, + const espHdrFilterDefPtr def2); +bool virNWFilterAhHdrFilterDefEqual(const ahHdrFilterDefPtr def1, + const ahHdrFilterDefPtr def2); +bool virNWFilterUdpliteHdrFilterDefEqual(const udpliteHdrFilterDefPtr def1, + const udpliteHdrFilterDefPtr def2);
participants (1)
-
Stefan Berger