diff --git a/src/conf/virnetworkobj.c b/src/conf/virnetworkobj.c
index d5aa121e20..f5db4c5804 100644
--- a/src/conf/virnetworkobj.c
+++ b/src/conf/virnetworkobj.c
@@ -55,6 +55,11 @@ struct _virNetworkObj {
 unsigned int taint;
+ /* fwRemoval contains all commands needed to remove the firewall
+ * that was added for this network.
+ */
+ virFirewall *fwRemoval;
+
 /* Immutable pointer, self locking APIs */
 virMacMap *macmap;
@@ -239,6 +244,24 @@ virNetworkObjSetFloorSum(virNetworkObj *obj,
 }
+virFirewall *
+virNetworkObjGetFwRemoval(virNetworkObj *obj)
+{
+ return obj->fwRemoval;
+}
+
+
+void
+virNetworkObjSetFwRemoval(virNetworkObj *obj,
+ virFirewall *fwRemoval)
+{
+ obj->fwRemoval = fwRemoval;
+ /* give it a name so it's identifiable in the XML */
+ if (fwRemoval)
+ virFirewallSetName(fwRemoval, "fwRemoval");
+}
+
+
 void
 virNetworkObjSetMacMap(virNetworkObj *obj,
 virMacMap **macmap)
@@ -444,6 +467,7 @@ virNetworkObjDispose(void *opaque)
 virNetworkDefFree(obj->newDef);
 virBitmapFree(obj->classIdMap);
 virObjectUnref(obj->macmap);
+ virFirewallFree(obj->fwRemoval);
 }
@@ -792,6 +816,9 @@ virNetworkObjFormat(virNetworkObj *obj,
 if (virNetworkDefFormatBuf(&buf, obj->def, xmlopt, flags) < 0)
 return NULL;
+ if (obj->fwRemoval && virFirewallFormat(&buf, obj->fwRemoval) < 0)
+ return NULL;
+
 virBufferAdjustIndent(&buf, -2);
 virBufferAddLit(&buf, "");
@@ -826,6 +853,7 @@ virNetworkLoadState(virNetworkObjList *nets,
 g_autofree char *configFile = NULL;
 g_autoptr(virNetworkDef) def = NULL;
 virNetworkObj *obj = NULL;
+ g_autoptr(virFirewall) fwRemoval = NULL;
 g_autoptr(xmlDoc) xml = NULL;
 xmlNodePtr node = NULL;
 g_autoptr(xmlXPathContext) ctxt = NULL;
@@ -868,6 +896,7 @@ virNetworkLoadState(virNetworkObjList *nets,
 g_autofree char *classIdStr = NULL;
 g_autofree char *floor_sum = NULL;
 g_autofree xmlNodePtr *nodes = NULL;
+ xmlNodePtr fwNode;
 ctxt->node = node;
 if ((classIdStr = virXPathString("string(./class_id[1]/@bitmap)",
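Review bot: virNetworkObjSetFwRemoval() in the second hunk overwrites obj->fwRemoval without releasing the value it replaces, although virNetworkObjDispose() (third hunk) frees the field, so the object owns it and a second call on the same object leaks the earlier virFirewall. Release the old value ahead of the assignment, guarding against the stored pointer being handed back in: `if (obj->fwRemoval != fwRemoval) virFirewallFree(obj->fwRemoval);`. Neither accessor, nor its prototype in virnetworkobj.h, states who owns the pointer; a short comment on the setter such as `/* takes ownership of @fwRemoval; virNetworkObjGetFwRemoval() returns a borrowed pointer */` would keep callers from freeing or caching it. Whether the getter's result is only safe to use while @obj is locked cannot be told from this diff and should be confirmed before documenting it.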
@@ -902,6 +931,15 @@ virNetworkLoadState(virNetworkObjList *nets,
 taint |= (1 << flag);
 }
 }
+ if ((fwNode = virXPathNode("./firewall", ctxt))) {
+ g_autoptr(virFirewall) fwTmp = NULL;
+
+ if (virFirewallParseXML(&fwTmp, fwNode, ctxt) < 0)
+ return NULL;
+
+ if (STREQ_NULLABLE(virFirewallGetName(fwTmp), "fwRemoval"))
+ fwRemoval = g_steal_pointer(&fwTmp);
+ }
 }
 /* create the object */
@@ -910,6 +948,8 @@ virNetworkLoadState(virNetworkObjList *nets,
 def = NULL;
+ virNetworkObjSetFwRemoval(obj, g_steal_pointer(&fwRemoval));
+
 /* assign status data stored in the network object */
 if (classIdMap) {
 virBitmapFree(obj->classIdMap);
diff --git a/src/conf/virnetworkobj.h b/src/conf/virnetworkobj.h
index d3847d3422..6ebc6c49f5 100644
--- a/src/conf/virnetworkobj.h
+++ b/src/conf/virnetworkobj.h
@@ -23,6 +23,7 @@
 #include "network_conf.h"
 #include "virnetworkportdef.h"
+#include "virfirewall.h"
 typedef struct _virNetworkObj virNetworkObj;
@@ -76,6 +77,13 @@ void
 virNetworkObjSetFloorSum(virNetworkObj *obj,
 unsigned long long floor_sum);
+virFirewall *
+virNetworkObjGetFwRemoval(virNetworkObj *obj);
+
+void
+virNetworkObjSetFwRemoval(virNetworkObj *obj,
+ virFirewall *fwRemoval);
+
 void
 virNetworkObjSetMacMap(virNetworkObj *obj,
 virMacMap **macmap);
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index eb328ca04f..f0f7aa8654 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1300,6 +1300,7 @@ virNetworkObjGetClassIdMap;
 virNetworkObjGetDef;
 virNetworkObjGetDnsmasqPid;
 virNetworkObjGetFloorSum;
+virNetworkObjGetFwRemoval;
 virNetworkObjGetMacMap;
 virNetworkObjGetMetadata;
 virNetworkObjGetNewDef;
@@ -1331,6 +1332,7 @@ virNetworkObjSetDef;
 virNetworkObjSetDefTransient;
 virNetworkObjSetDnsmasqPid;
 virNetworkObjSetFloorSum;
+virNetworkObjSetFwRemoval;
 virNetworkObjSetMacMap;
 virNetworkObjSetMetadata;
 virNetworkObjTaint;
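Review bot: The new `./firewall` block in virNetworkLoadState() inspects only the first matching node and silently discards it when its name is not "fwRemoval", so a status file with a differently named or additional firewall element loads with obj->fwRemoval unset and nothing records the loss. Because the struct comment describes fwRemoval as the commands that remove the network's firewall, a missed load presumably leaves those rules in place when the network is later torn down; consider walking every match with virXPathNodeSet(), or at least logging the discarded name. The commands are read back from the on-disk status file and kept for later use, so a comment stating the trust assumption would help, e.g. `/* status XML is written by the daemon; its firewall commands are trusted only because the state directory is not writable by other users */`. How strictly virFirewallParseXML() validates the element cannot be seen from this diff, and the function's body starts and ends outside the hunk.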