shaba/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-02-09 13:57:27 +03:00
Code Releases Activity

Extend rule priorities into negative numbers

Browse Source 
So far rules' priorities have only been valid in the range [0,1000].
Now I am extending their priority into the range [-1000, 1000] for subsequently
being able to sort rules and the access of (jumps into) chains following
priorities.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
This commit is contained in:
Stefan Berger 2011-11-18 11:58:18 -05:00 committed by Stefan Berger
parent ea7c73a76f
commit f6e80a713f
4 changed files with 10 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/conf/nwfilter_conf.c
View File

@ -1897,7 +1897,7 @@ virNWFilterRuleParse(xmlNodePtr node)
char *statematch; char *statematch;
int found; int found;
int found_i = 0; int found_i = 0;
unsigned int priority; int priority;
xmlNodePtr cur; xmlNodePtr cur;
virNWFilterRuleDefPtr ret; virNWFilterRuleDefPtr ret;
@ -1943,8 +1943,9 @@ virNWFilterRuleParse(xmlNodePtr node)
ret->priority = MAX_RULE_PRIORITY / 2; ret->priority = MAX_RULE_PRIORITY / 2;
if (prio) { if (prio) {
if (virStrToLong_ui(prio, NULL, 10, &priority) >= 0) { if (virStrToLong_i(prio, NULL, 10, &priority) >= 0) {
if (priority <= MAX_RULE_PRIORITY) if (priority <= MAX_RULE_PRIORITY &&
priority >= MIN_RULE_PRIORITY)
ret->priority = priority; ret->priority = priority;
} }
} }

6
src/conf/nwfilter_conf.h
View File

@ -357,7 +357,7 @@ enum virNWFilterEbtablesTableType {
}; };
# define MIN_RULE_PRIORITY 0 # define MIN_RULE_PRIORITY -1000
# define MAX_RULE_PRIORITY 1000 # define MAX_RULE_PRIORITY 1000
# define NWFILTER_MIN_FILTER_PRIORITY -1000 # define NWFILTER_MIN_FILTER_PRIORITY -1000
@ -389,10 +389,12 @@ enum virNWFilterRuleFlags {
void virNWFilterPrintStateMatchFlags(virBufferPtr buf, const char *prefix, void virNWFilterPrintStateMatchFlags(virBufferPtr buf, const char *prefix,
int32_t flags, bool disp_none); int32_t flags, bool disp_none);
typedef int32_t virNWFilterRulePriority;
typedef struct _virNWFilterRuleDef virNWFilterRuleDef; typedef struct _virNWFilterRuleDef virNWFilterRuleDef;
typedef virNWFilterRuleDef *virNWFilterRuleDefPtr; typedef virNWFilterRuleDef *virNWFilterRuleDefPtr;
struct _virNWFilterRuleDef { struct _virNWFilterRuleDef {
unsigned int priority; virNWFilterRulePriority priority;
enum virNWFilterRuleFlags flags; enum virNWFilterRuleFlags flags;
int action; /*enum virNWFilterRuleActionType*/ int action; /*enum virNWFilterRuleActionType*/
int tt; /*enum virNWFilterRuleDirectionType*/ int tt; /*enum virNWFilterRuleDirectionType*/

2
src/nwfilter/nwfilter_ebiptables_driver.c
View File

@ -388,7 +388,7 @@ ebiptablesAddRuleInst(virNWFilterRuleInstPtr res,
const char *neededChain, const char *neededChain,
virNWFilterChainPriority chainPriority, virNWFilterChainPriority chainPriority,
char chainprefix, char chainprefix,
unsigned int priority, virNWFilterRulePriority priority,
enum RuleType ruleType) enum RuleType ruleType)
{ {
ebiptablesRuleInstPtr inst; ebiptablesRuleInstPtr inst;

2
src/nwfilter/nwfilter_ebiptables_driver.h
View File

@ -38,7 +38,7 @@ struct _ebiptablesRuleInst {
const char *neededProtocolChain; const char *neededProtocolChain;
virNWFilterChainPriority chainPriority; virNWFilterChainPriority chainPriority;
char chainprefix; /* I for incoming, O for outgoing */ char chainprefix; /* I for incoming, O for outgoing */
unsigned int priority; virNWFilterRulePriority priority;
enum RuleType ruleType; enum RuleType ruleType;
}; };