mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-23 21:34:54 +03:00
Pass prefix rather than netmask into iptables functions
IPv6 will use prefix exclusively, and IPv4 will also optionally be able to use it, and the iptables functions really need a prefix anyway, so use the new virNetworkDefPrefix() function to send prefixes into iptables functions instead of netmasks. Also, in a couple places where a netmask is actually needed, use the new private API function for it rather than getting it directly. This will allow for cases where no netmask or prefix is specified (it returns the default for the current class of network.)
This commit is contained in:
parent
6e3e6db14f
commit
b23d417cc7
@ -585,11 +585,19 @@ cleanup:
|
||||
static int
|
||||
networkAddMasqueradingIptablesRules(struct network_driver *driver,
|
||||
virNetworkObjPtr network) {
|
||||
int prefix = virNetworkDefPrefix(network->def);
|
||||
|
||||
if (prefix < 0) {
|
||||
networkReportError(VIR_ERR_INTERNAL_ERROR,
|
||||
_("Invalid prefix or netmask for '%s'"),
|
||||
network->def->bridge);
|
||||
goto masqerr1;
|
||||
}
|
||||
|
||||
/* allow forwarding packets from the bridge interface */
|
||||
if (iptablesAddForwardAllowOut(driver->iptables,
|
||||
&network->def->ipAddress,
|
||||
&network->def->netmask,
|
||||
prefix,
|
||||
network->def->bridge,
|
||||
network->def->forwardDev) < 0) {
|
||||
networkReportError(VIR_ERR_SYSTEM_ERROR,
|
||||
@ -601,7 +609,7 @@ networkAddMasqueradingIptablesRules(struct network_driver *driver,
|
||||
/* allow forwarding packets to the bridge interface if they are part of an existing connection */
|
||||
if (iptablesAddForwardAllowRelatedIn(driver->iptables,
|
||||
&network->def->ipAddress,
|
||||
&network->def->netmask,
|
||||
prefix,
|
||||
network->def->bridge,
|
||||
network->def->forwardDev) < 0) {
|
||||
networkReportError(VIR_ERR_SYSTEM_ERROR,
|
||||
@ -636,7 +644,7 @@ networkAddMasqueradingIptablesRules(struct network_driver *driver,
|
||||
/* First the generic masquerade rule for other protocols */
|
||||
if (iptablesAddForwardMasquerade(driver->iptables,
|
||||
&network->def->ipAddress,
|
||||
&network->def->netmask,
|
||||
prefix,
|
||||
network->def->forwardDev,
|
||||
NULL) < 0) {
|
||||
networkReportError(VIR_ERR_SYSTEM_ERROR,
|
||||
@ -648,7 +656,7 @@ networkAddMasqueradingIptablesRules(struct network_driver *driver,
|
||||
/* UDP with a source port restriction */
|
||||
if (iptablesAddForwardMasquerade(driver->iptables,
|
||||
&network->def->ipAddress,
|
||||
&network->def->netmask,
|
||||
prefix,
|
||||
network->def->forwardDev,
|
||||
"udp") < 0) {
|
||||
networkReportError(VIR_ERR_SYSTEM_ERROR,
|
||||
@ -660,7 +668,7 @@ networkAddMasqueradingIptablesRules(struct network_driver *driver,
|
||||
/* TCP with a source port restriction */
|
||||
if (iptablesAddForwardMasquerade(driver->iptables,
|
||||
&network->def->ipAddress,
|
||||
&network->def->netmask,
|
||||
prefix,
|
||||
network->def->forwardDev,
|
||||
"tcp") < 0) {
|
||||
networkReportError(VIR_ERR_SYSTEM_ERROR,
|
||||
@ -674,25 +682,25 @@ networkAddMasqueradingIptablesRules(struct network_driver *driver,
|
||||
masqerr5:
|
||||
iptablesRemoveForwardMasquerade(driver->iptables,
|
||||
&network->def->ipAddress,
|
||||
&network->def->netmask,
|
||||
prefix,
|
||||
network->def->forwardDev,
|
||||
"udp");
|
||||
masqerr4:
|
||||
iptablesRemoveForwardMasquerade(driver->iptables,
|
||||
&network->def->ipAddress,
|
||||
&network->def->netmask,
|
||||
prefix,
|
||||
network->def->forwardDev,
|
||||
NULL);
|
||||
masqerr3:
|
||||
iptablesRemoveForwardAllowRelatedIn(driver->iptables,
|
||||
&network->def->ipAddress,
|
||||
&network->def->netmask,
|
||||
prefix,
|
||||
network->def->bridge,
|
||||
network->def->forwardDev);
|
||||
masqerr2:
|
||||
iptablesRemoveForwardAllowOut(driver->iptables,
|
||||
&network->def->ipAddress,
|
||||
&network->def->netmask,
|
||||
prefix,
|
||||
network->def->bridge,
|
||||
network->def->forwardDev);
|
||||
masqerr1:
|
||||
@ -702,11 +710,19 @@ networkAddMasqueradingIptablesRules(struct network_driver *driver,
|
||||
static int
|
||||
networkAddRoutingIptablesRules(struct network_driver *driver,
|
||||
virNetworkObjPtr network) {
|
||||
int prefix = virNetworkDefPrefix(network->def);
|
||||
|
||||
if (prefix < 0) {
|
||||
networkReportError(VIR_ERR_INTERNAL_ERROR,
|
||||
_("Invalid prefix or netmask for '%s'"),
|
||||
network->def->bridge);
|
||||
goto routeerr1;
|
||||
}
|
||||
|
||||
/* allow routing packets from the bridge interface */
|
||||
if (iptablesAddForwardAllowOut(driver->iptables,
|
||||
&network->def->ipAddress,
|
||||
&network->def->netmask,
|
||||
prefix,
|
||||
network->def->bridge,
|
||||
network->def->forwardDev) < 0) {
|
||||
networkReportError(VIR_ERR_SYSTEM_ERROR,
|
||||
@ -718,7 +734,7 @@ networkAddRoutingIptablesRules(struct network_driver *driver,
|
||||
/* allow routing packets to the bridge interface */
|
||||
if (iptablesAddForwardAllowIn(driver->iptables,
|
||||
&network->def->ipAddress,
|
||||
&network->def->netmask,
|
||||
prefix,
|
||||
network->def->bridge,
|
||||
network->def->forwardDev) < 0) {
|
||||
networkReportError(VIR_ERR_SYSTEM_ERROR,
|
||||
@ -733,7 +749,7 @@ networkAddRoutingIptablesRules(struct network_driver *driver,
|
||||
routeerr2:
|
||||
iptablesRemoveForwardAllowOut(driver->iptables,
|
||||
&network->def->ipAddress,
|
||||
&network->def->netmask,
|
||||
prefix,
|
||||
network->def->bridge,
|
||||
network->def->forwardDev);
|
||||
routeerr1:
|
||||
@ -869,40 +885,50 @@ networkRemoveIptablesRules(struct network_driver *driver,
|
||||
network->def->bridge, 68);
|
||||
}
|
||||
if (network->def->forwardType != VIR_NETWORK_FORWARD_NONE) {
|
||||
int prefix = virNetworkDefPrefix(network->def);
|
||||
|
||||
if (prefix < 0) {
|
||||
networkReportError(VIR_ERR_INTERNAL_ERROR,
|
||||
_("Invalid prefix or netmask for '%s'"),
|
||||
network->def->bridge);
|
||||
goto error;
|
||||
}
|
||||
|
||||
if (network->def->forwardType == VIR_NETWORK_FORWARD_NAT) {
|
||||
iptablesRemoveForwardMasquerade(driver->iptables,
|
||||
&network->def->ipAddress,
|
||||
&network->def->netmask,
|
||||
prefix,
|
||||
network->def->forwardDev,
|
||||
"tcp");
|
||||
iptablesRemoveForwardMasquerade(driver->iptables,
|
||||
&network->def->ipAddress,
|
||||
&network->def->netmask,
|
||||
prefix,
|
||||
network->def->forwardDev,
|
||||
"udp");
|
||||
iptablesRemoveForwardMasquerade(driver->iptables,
|
||||
&network->def->ipAddress,
|
||||
&network->def->netmask,
|
||||
prefix,
|
||||
network->def->forwardDev,
|
||||
NULL);
|
||||
iptablesRemoveForwardAllowRelatedIn(driver->iptables,
|
||||
&network->def->ipAddress,
|
||||
&network->def->netmask,
|
||||
prefix,
|
||||
network->def->bridge,
|
||||
network->def->forwardDev);
|
||||
} else if (network->def->forwardType == VIR_NETWORK_FORWARD_ROUTE)
|
||||
iptablesRemoveForwardAllowIn(driver->iptables,
|
||||
&network->def->ipAddress,
|
||||
&network->def->netmask,
|
||||
prefix,
|
||||
network->def->bridge,
|
||||
network->def->forwardDev);
|
||||
|
||||
iptablesRemoveForwardAllowOut(driver->iptables,
|
||||
&network->def->ipAddress,
|
||||
&network->def->netmask,
|
||||
prefix,
|
||||
network->def->bridge,
|
||||
network->def->forwardDev);
|
||||
}
|
||||
error:
|
||||
iptablesRemoveForwardAllowCross(driver->iptables, network->def->bridge);
|
||||
iptablesRemoveForwardRejectIn(driver->iptables, network->def->bridge);
|
||||
iptablesRemoveForwardRejectOut(driver->iptables, network->def->bridge);
|
||||
@ -1006,17 +1032,23 @@ static int networkCheckRouteCollision(virNetworkObjPtr network)
|
||||
{
|
||||
int ret = -1, len;
|
||||
unsigned int net_dest;
|
||||
virSocketAddr netmask;
|
||||
char *cur, *buf = NULL;
|
||||
enum {MAX_ROUTE_SIZE = 1024*64};
|
||||
|
||||
if (!VIR_SOCKET_IS_FAMILY(&network->def->ipAddress, AF_INET) ||
|
||||
!VIR_SOCKET_IS_FAMILY(&network->def->netmask, AF_INET)) {
|
||||
if (!VIR_SOCKET_IS_FAMILY(&network->def->ipAddress, AF_INET)) {
|
||||
/* Only support collision check for IPv4 */
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (virNetworkDefNetmask(network->def, &netmask) < 0) {
|
||||
networkReportError(VIR_ERR_INTERNAL_ERROR,
|
||||
_("Failed to get netmask of '%s'"),
|
||||
network->def->bridge);
|
||||
}
|
||||
|
||||
net_dest = (network->def->ipAddress.data.inet4.sin_addr.s_addr &
|
||||
network->def->netmask.data.inet4.sin_addr.s_addr);
|
||||
netmask.data.inet4.sin_addr.s_addr);
|
||||
|
||||
/* Read whole routing table into memory */
|
||||
if ((len = virFileReadAll(PROC_NET_ROUTE, MAX_ROUTE_SIZE, &buf)) < 0)
|
||||
@ -1069,7 +1101,7 @@ static int networkCheckRouteCollision(virNetworkObjPtr network)
|
||||
addr_val &= mask_val;
|
||||
|
||||
if ((net_dest == addr_val) &&
|
||||
(network->def->netmask.data.inet4.sin_addr.s_addr == mask_val)) {
|
||||
(netmask.data.inet4.sin_addr.s_addr == mask_val)) {
|
||||
networkReportError(VIR_ERR_INTERNAL_ERROR,
|
||||
_("Network is already in use by interface %s"),
|
||||
iface);
|
||||
@ -1125,9 +1157,18 @@ static int networkStartNetworkDaemon(struct network_driver *driver,
|
||||
goto err_delbr;
|
||||
}
|
||||
|
||||
if (VIR_SOCKET_HAS_ADDR(&network->def->netmask) &&
|
||||
(err = brSetInetNetmask(driver->brctl, network->def->bridge,
|
||||
&network->def->netmask))) {
|
||||
virSocketAddr netmask;
|
||||
|
||||
if (virNetworkDefNetmask(network->def, &netmask) < 0) {
|
||||
|
||||
networkReportError(VIR_ERR_INTERNAL_ERROR,
|
||||
_("bridge '%s' has an invalid netmask or IP address"),
|
||||
network->def->bridge);
|
||||
goto err_delbr;
|
||||
}
|
||||
|
||||
if ((err = brSetInetNetmask(driver->brctl, network->def->bridge,
|
||||
&netmask))) {
|
||||
virReportSystemError(err,
|
||||
_("cannot set netmask on bridge '%s'"),
|
||||
network->def->bridge);
|
||||
|
@ -276,25 +276,24 @@ iptablesRemoveUdpInput(iptablesContext *ctx,
|
||||
|
||||
|
||||
static char *iptablesFormatNetwork(virSocketAddr *netaddr,
|
||||
virSocketAddr *netmask)
|
||||
unsigned int prefix)
|
||||
{
|
||||
virSocketAddr network;
|
||||
int prefix;
|
||||
char *netstr;
|
||||
char *ret;
|
||||
|
||||
if (!VIR_SOCKET_IS_FAMILY(netaddr, AF_INET) ||
|
||||
!VIR_SOCKET_IS_FAMILY(netmask, AF_INET)) {
|
||||
if (!VIR_SOCKET_IS_FAMILY(netaddr, AF_INET)) {
|
||||
iptablesError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
|
||||
_("Only IPv4 addresses can be used with iptables"));
|
||||
return NULL;
|
||||
}
|
||||
|
||||
network = *netaddr;
|
||||
network.data.inet4.sin_addr.s_addr &=
|
||||
netmask->data.inet4.sin_addr.s_addr;
|
||||
|
||||
prefix = virSocketGetNumNetmaskBits(netmask);
|
||||
if (virSocketAddrMaskByPrefix(&network, prefix) < 0) {
|
||||
iptablesError(VIR_ERR_INTERNAL_ERROR, "%s",
|
||||
_("Failure to mask address"));
|
||||
return NULL;
|
||||
}
|
||||
|
||||
netstr = virSocketFormatAddr(&network);
|
||||
|
||||
@ -315,7 +314,7 @@ static char *iptablesFormatNetwork(virSocketAddr *netaddr,
|
||||
static int
|
||||
iptablesForwardAllowOut(iptablesContext *ctx,
|
||||
virSocketAddr *netaddr,
|
||||
virSocketAddr *netmask,
|
||||
unsigned int prefix,
|
||||
const char *iface,
|
||||
const char *physdev,
|
||||
int action)
|
||||
@ -323,7 +322,7 @@ iptablesForwardAllowOut(iptablesContext *ctx,
|
||||
int ret;
|
||||
char *networkstr;
|
||||
|
||||
if (!(networkstr = iptablesFormatNetwork(netaddr, netmask)))
|
||||
if (!(networkstr = iptablesFormatNetwork(netaddr, prefix)))
|
||||
return -1;
|
||||
|
||||
if (physdev && physdev[0]) {
|
||||
@ -362,11 +361,11 @@ iptablesForwardAllowOut(iptablesContext *ctx,
|
||||
int
|
||||
iptablesAddForwardAllowOut(iptablesContext *ctx,
|
||||
virSocketAddr *netaddr,
|
||||
virSocketAddr *netmask,
|
||||
unsigned int prefix,
|
||||
const char *iface,
|
||||
const char *physdev)
|
||||
{
|
||||
return iptablesForwardAllowOut(ctx, netaddr, netmask, iface, physdev, ADD);
|
||||
return iptablesForwardAllowOut(ctx, netaddr, prefix, iface, physdev, ADD);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -385,11 +384,11 @@ iptablesAddForwardAllowOut(iptablesContext *ctx,
|
||||
int
|
||||
iptablesRemoveForwardAllowOut(iptablesContext *ctx,
|
||||
virSocketAddr *netaddr,
|
||||
virSocketAddr *netmask,
|
||||
unsigned int prefix,
|
||||
const char *iface,
|
||||
const char *physdev)
|
||||
{
|
||||
return iptablesForwardAllowOut(ctx, netaddr, netmask, iface, physdev, REMOVE);
|
||||
return iptablesForwardAllowOut(ctx, netaddr, prefix, iface, physdev, REMOVE);
|
||||
}
|
||||
|
||||
|
||||
@ -399,7 +398,7 @@ iptablesRemoveForwardAllowOut(iptablesContext *ctx,
|
||||
static int
|
||||
iptablesForwardAllowRelatedIn(iptablesContext *ctx,
|
||||
virSocketAddr *netaddr,
|
||||
virSocketAddr *netmask,
|
||||
unsigned int prefix,
|
||||
const char *iface,
|
||||
const char *physdev,
|
||||
int action)
|
||||
@ -407,7 +406,7 @@ iptablesForwardAllowRelatedIn(iptablesContext *ctx,
|
||||
int ret;
|
||||
char *networkstr;
|
||||
|
||||
if (!(networkstr = iptablesFormatNetwork(netaddr, netmask)))
|
||||
if (!(networkstr = iptablesFormatNetwork(netaddr, prefix)))
|
||||
return -1;
|
||||
|
||||
if (physdev && physdev[0]) {
|
||||
@ -450,11 +449,11 @@ iptablesForwardAllowRelatedIn(iptablesContext *ctx,
|
||||
int
|
||||
iptablesAddForwardAllowRelatedIn(iptablesContext *ctx,
|
||||
virSocketAddr *netaddr,
|
||||
virSocketAddr *netmask,
|
||||
unsigned int prefix,
|
||||
const char *iface,
|
||||
const char *physdev)
|
||||
{
|
||||
return iptablesForwardAllowRelatedIn(ctx, netaddr, netmask, iface, physdev, ADD);
|
||||
return iptablesForwardAllowRelatedIn(ctx, netaddr, prefix, iface, physdev, ADD);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -473,11 +472,11 @@ iptablesAddForwardAllowRelatedIn(iptablesContext *ctx,
|
||||
int
|
||||
iptablesRemoveForwardAllowRelatedIn(iptablesContext *ctx,
|
||||
virSocketAddr *netaddr,
|
||||
virSocketAddr *netmask,
|
||||
unsigned int prefix,
|
||||
const char *iface,
|
||||
const char *physdev)
|
||||
{
|
||||
return iptablesForwardAllowRelatedIn(ctx, netaddr, netmask, iface, physdev, REMOVE);
|
||||
return iptablesForwardAllowRelatedIn(ctx, netaddr, prefix, iface, physdev, REMOVE);
|
||||
}
|
||||
|
||||
/* Allow all traffic destined to the bridge, with a valid network address
|
||||
@ -485,7 +484,7 @@ iptablesRemoveForwardAllowRelatedIn(iptablesContext *ctx,
|
||||
static int
|
||||
iptablesForwardAllowIn(iptablesContext *ctx,
|
||||
virSocketAddr *netaddr,
|
||||
virSocketAddr *netmask,
|
||||
unsigned int prefix,
|
||||
const char *iface,
|
||||
const char *physdev,
|
||||
int action)
|
||||
@ -493,7 +492,7 @@ iptablesForwardAllowIn(iptablesContext *ctx,
|
||||
int ret;
|
||||
char *networkstr;
|
||||
|
||||
if (!(networkstr = iptablesFormatNetwork(netaddr, netmask)))
|
||||
if (!(networkstr = iptablesFormatNetwork(netaddr, prefix)))
|
||||
return -1;
|
||||
|
||||
if (physdev && physdev[0]) {
|
||||
@ -532,11 +531,11 @@ iptablesForwardAllowIn(iptablesContext *ctx,
|
||||
int
|
||||
iptablesAddForwardAllowIn(iptablesContext *ctx,
|
||||
virSocketAddr *netaddr,
|
||||
virSocketAddr *netmask,
|
||||
unsigned int prefix,
|
||||
const char *iface,
|
||||
const char *physdev)
|
||||
{
|
||||
return iptablesForwardAllowIn(ctx, netaddr, netmask, iface, physdev, ADD);
|
||||
return iptablesForwardAllowIn(ctx, netaddr, prefix, iface, physdev, ADD);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -555,11 +554,11 @@ iptablesAddForwardAllowIn(iptablesContext *ctx,
|
||||
int
|
||||
iptablesRemoveForwardAllowIn(iptablesContext *ctx,
|
||||
virSocketAddr *netaddr,
|
||||
virSocketAddr *netmask,
|
||||
unsigned int prefix,
|
||||
const char *iface,
|
||||
const char *physdev)
|
||||
{
|
||||
return iptablesForwardAllowIn(ctx, netaddr, netmask, iface, physdev, REMOVE);
|
||||
return iptablesForwardAllowIn(ctx, netaddr, prefix, iface, physdev, REMOVE);
|
||||
}
|
||||
|
||||
|
||||
@ -722,7 +721,7 @@ iptablesRemoveForwardRejectIn(iptablesContext *ctx,
|
||||
static int
|
||||
iptablesForwardMasquerade(iptablesContext *ctx,
|
||||
virSocketAddr *netaddr,
|
||||
virSocketAddr *netmask,
|
||||
unsigned int prefix,
|
||||
const char *physdev,
|
||||
const char *protocol,
|
||||
int action)
|
||||
@ -730,7 +729,7 @@ iptablesForwardMasquerade(iptablesContext *ctx,
|
||||
int ret;
|
||||
char *networkstr;
|
||||
|
||||
if (!(networkstr = iptablesFormatNetwork(netaddr, netmask)))
|
||||
if (!(networkstr = iptablesFormatNetwork(netaddr, prefix)))
|
||||
return -1;
|
||||
|
||||
if (protocol && protocol[0]) {
|
||||
@ -792,11 +791,11 @@ iptablesForwardMasquerade(iptablesContext *ctx,
|
||||
int
|
||||
iptablesAddForwardMasquerade(iptablesContext *ctx,
|
||||
virSocketAddr *netaddr,
|
||||
virSocketAddr *netmask,
|
||||
unsigned int prefix,
|
||||
const char *physdev,
|
||||
const char *protocol)
|
||||
{
|
||||
return iptablesForwardMasquerade(ctx, netaddr, netmask, physdev, protocol, ADD);
|
||||
return iptablesForwardMasquerade(ctx, netaddr, prefix, physdev, protocol, ADD);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -815,11 +814,11 @@ iptablesAddForwardMasquerade(iptablesContext *ctx,
|
||||
int
|
||||
iptablesRemoveForwardMasquerade(iptablesContext *ctx,
|
||||
virSocketAddr *netaddr,
|
||||
virSocketAddr *netmask,
|
||||
unsigned int prefix,
|
||||
const char *physdev,
|
||||
const char *protocol)
|
||||
{
|
||||
return iptablesForwardMasquerade(ctx, netaddr, netmask, physdev, protocol, REMOVE);
|
||||
return iptablesForwardMasquerade(ctx, netaddr, prefix, physdev, protocol, REMOVE);
|
||||
}
|
||||
|
||||
|
||||
|
@ -45,34 +45,34 @@ int iptablesRemoveUdpInput (iptablesContext *ctx,
|
||||
|
||||
int iptablesAddForwardAllowOut (iptablesContext *ctx,
|
||||
virSocketAddr *netaddr,
|
||||
virSocketAddr *netmask,
|
||||
unsigned int prefix,
|
||||
const char *iface,
|
||||
const char *physdev);
|
||||
int iptablesRemoveForwardAllowOut (iptablesContext *ctx,
|
||||
virSocketAddr *netaddr,
|
||||
virSocketAddr *netmask,
|
||||
unsigned int prefix,
|
||||
const char *iface,
|
||||
const char *physdev);
|
||||
|
||||
int iptablesAddForwardAllowRelatedIn(iptablesContext *ctx,
|
||||
virSocketAddr *netaddr,
|
||||
virSocketAddr *netmask,
|
||||
unsigned int prefix,
|
||||
const char *iface,
|
||||
const char *physdev);
|
||||
int iptablesRemoveForwardAllowRelatedIn(iptablesContext *ctx,
|
||||
virSocketAddr *netaddr,
|
||||
virSocketAddr *netmask,
|
||||
unsigned int prefix,
|
||||
const char *iface,
|
||||
const char *physdev);
|
||||
|
||||
int iptablesAddForwardAllowIn (iptablesContext *ctx,
|
||||
virSocketAddr *netaddr,
|
||||
virSocketAddr *netmask,
|
||||
unsigned int prefix,
|
||||
const char *iface,
|
||||
const char *physdev);
|
||||
int iptablesRemoveForwardAllowIn (iptablesContext *ctx,
|
||||
virSocketAddr *netaddr,
|
||||
virSocketAddr *netmask,
|
||||
unsigned int prefix,
|
||||
const char *iface,
|
||||
const char *physdev);
|
||||
|
||||
@ -93,12 +93,12 @@ int iptablesRemoveForwardRejectIn (iptablesContext *ctx,
|
||||
|
||||
int iptablesAddForwardMasquerade (iptablesContext *ctx,
|
||||
virSocketAddr *netaddr,
|
||||
virSocketAddr *netmask,
|
||||
unsigned int prefix,
|
||||
const char *physdev,
|
||||
const char *protocol);
|
||||
int iptablesRemoveForwardMasquerade (iptablesContext *ctx,
|
||||
virSocketAddr *netaddr,
|
||||
virSocketAddr *netmask,
|
||||
unsigned int prefix,
|
||||
const char *physdev,
|
||||
const char *protocol);
|
||||
int iptablesAddOutputFixUdpChecksum (iptablesContext *ctx,
|
||||
|
Loading…
Reference in New Issue
Block a user