2012-07-23 14:15:55 +08:00
|
|
|
/*
|
2012-08-20 16:56:03 -06:00
|
|
|
* virsh-nwfilter.c: Commands to manage network filters
|
2012-07-23 14:15:55 +08:00
|
|
|
*
|
2016-01-09 08:36:29 -05:00
|
|
|
* Copyright (C) 2005, 2007-2016 Red Hat, Inc.
|
2012-07-23 14:15:55 +08:00
|
|
|
*
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
* Lesser General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Lesser General Public
|
2012-09-20 16:30:55 -06:00
|
|
|
* License along with this library. If not, see
|
2012-07-23 14:15:55 +08:00
|
|
|
* <http://www.gnu.org/licenses/>.
|
|
|
|
*/
|
|
|
|
|
2012-08-20 16:56:03 -06:00
|
|
|
#include <config.h>
|
|
|
|
#include "virsh-nwfilter.h"
|
2021-09-26 13:18:17 +02:00
|
|
|
#include "virsh-util.h"
|
2012-07-23 14:15:55 +08:00
|
|
|
|
2012-08-20 16:56:03 -06:00
|
|
|
#include "internal.h"
|
2012-12-12 18:06:53 +00:00
|
|
|
#include "viralloc.h"
|
2013-05-09 14:59:04 -04:00
|
|
|
#include "virfile.h"
|
2018-09-21 16:17:15 +02:00
|
|
|
#include "vsh-table.h"
|
2012-08-20 16:56:03 -06:00
|
|
|
|
|
|
|
virNWFilterPtr
|
2015-06-15 18:53:58 +02:00
|
|
|
virshCommandOptNWFilterBy(vshControl *ctl, const vshCmd *cmd,
|
|
|
|
const char **name, unsigned int flags)
|
2012-07-23 14:15:55 +08:00
|
|
|
{
|
|
|
|
virNWFilterPtr nwfilter = NULL;
|
|
|
|
const char *n = NULL;
|
|
|
|
const char *optname = "nwfilter";
|
2021-03-11 08:16:13 +01:00
|
|
|
virshControl *priv = ctl->privData;
|
2015-06-15 18:53:58 +02:00
|
|
|
|
|
|
|
virCheckFlags(VIRSH_BYUUID | VIRSH_BYNAME, NULL);
|
2012-08-20 16:56:03 -06:00
|
|
|
|
2013-01-21 18:18:41 +01:00
|
|
|
if (vshCommandOptStringReq(ctl, cmd, optname, &n) < 0)
|
2012-07-23 14:15:55 +08:00
|
|
|
return NULL;
|
|
|
|
|
|
|
|
vshDebug(ctl, VSH_ERR_INFO, "%s: found option <%s>: %s\n",
|
|
|
|
cmd->def->name, optname, n);
|
|
|
|
|
|
|
|
if (name)
|
|
|
|
*name = n;
|
|
|
|
|
|
|
|
/* try it by UUID */
|
2015-06-15 18:53:58 +02:00
|
|
|
if ((flags & VIRSH_BYUUID) && strlen(n) == VIR_UUID_STRING_BUFLEN-1) {
|
2012-07-23 14:15:55 +08:00
|
|
|
vshDebug(ctl, VSH_ERR_DEBUG, "%s: <%s> trying as nwfilter UUID\n",
|
|
|
|
cmd->def->name, optname);
|
2015-06-15 18:53:58 +02:00
|
|
|
nwfilter = virNWFilterLookupByUUIDString(priv->conn, n);
|
2012-07-23 14:15:55 +08:00
|
|
|
}
|
|
|
|
/* try it by NAME */
|
2015-06-15 18:53:58 +02:00
|
|
|
if (!nwfilter && (flags & VIRSH_BYNAME)) {
|
2012-07-23 14:15:55 +08:00
|
|
|
vshDebug(ctl, VSH_ERR_DEBUG, "%s: <%s> trying as nwfilter NAME\n",
|
|
|
|
cmd->def->name, optname);
|
2015-06-15 18:53:58 +02:00
|
|
|
nwfilter = virNWFilterLookupByName(priv->conn, n);
|
2012-07-23 14:15:55 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
if (!nwfilter)
|
2023-03-09 15:54:58 +01:00
|
|
|
vshError(ctl, _("failed to get nwfilter '%1$s'"), n);
|
2012-07-23 14:15:55 +08:00
|
|
|
|
|
|
|
return nwfilter;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* "nwfilter-define" command
|
|
|
|
*/
|
|
|
|
static const vshCmdInfo info_nwfilter_define[] = {
|
2013-02-07 16:25:10 +01:00
|
|
|
{.name = "help",
|
|
|
|
.data = N_("define or update a network filter from an XML file")
|
|
|
|
},
|
|
|
|
{.name = "desc",
|
|
|
|
.data = N_("Define a new network filter or update an existing one.")
|
|
|
|
},
|
|
|
|
{.name = NULL}
|
2012-07-23 14:15:55 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
static const vshCmdOptDef opts_nwfilter_define[] = {
|
2016-01-09 08:36:29 -05:00
|
|
|
VIRSH_COMMON_OPT_FILE(N_("file containing an XML network "
|
|
|
|
"filter description")),
|
2021-08-20 13:57:10 +02:00
|
|
|
{.name = "validate",
|
|
|
|
.type = VSH_OT_BOOL,
|
|
|
|
.help = N_("validate the XML against the schema")
|
|
|
|
},
|
2013-01-14 15:32:22 +01:00
|
|
|
{.name = NULL}
|
2012-07-23 14:15:55 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
static bool
|
|
|
|
cmdNWFilterDefine(vshControl *ctl, const vshCmd *cmd)
|
|
|
|
{
|
2021-09-26 13:18:17 +02:00
|
|
|
g_autoptr(virshNWFilter) nwfilter = NULL;
|
2012-07-23 14:15:55 +08:00
|
|
|
const char *from = NULL;
|
|
|
|
bool ret = true;
|
2021-08-11 15:25:15 +02:00
|
|
|
g_autofree char *buffer = NULL;
|
2021-08-20 13:57:10 +02:00
|
|
|
unsigned int flags = 0;
|
2021-03-11 08:16:13 +01:00
|
|
|
virshControl *priv = ctl->privData;
|
2012-07-23 14:15:55 +08:00
|
|
|
|
2013-01-21 18:18:41 +01:00
|
|
|
if (vshCommandOptStringReq(ctl, cmd, "file", &from) < 0)
|
2012-07-23 14:15:55 +08:00
|
|
|
return false;
|
|
|
|
|
2021-08-20 13:57:10 +02:00
|
|
|
if (vshCommandOptBool(cmd, "validate"))
|
|
|
|
flags |= VIR_NWFILTER_DEFINE_VALIDATE;
|
|
|
|
|
virsh: use common namespacing
Convert the exported items in virsh.h to use a common 'vsh' prefix.
* tools/virsh.h (VIRSH_MAX_XML_FILE): Rename...
(VSH_MAX_XML_FILE): ...and parenthesize.
(DIFF_MSEC, CTRL_CLOSE_BRACKET): Delete.
(vshUsage, vshInit, vshDeinit, vshParseArgv): Remove prototype.
(editWriteToTempFile, editFile, editReadBackFile, prettyCapacity)
(virshReportError): Rename...
(vshEditWriteToTempFile, vshEditFile, vshEditReadBackFile)
(vshPrettyCapacity, vshReportError): ...into vsh namespace.
(jobWatchTimeoutFunc): Move to virsh-domain.c.
* tools/virsh.c (vshCommandRun): Inline former DIFF_MSEC.
(main): Inline former CTRL_CLOSE_BRACKET.
(vshUsage, vshInit, vshDeinit, vshParseArgv): Make static.
(prettyCapacity, virshReportError, editWriteToTempFile, editFile):
Fix naming, and adjust usage.
(vshAskReedit, vshCommandRun, vshEventLoop, vshInit): Adjust
usage.
* tools/virsh-domain.c (cmdAttachDevice, cmdCPUCompare)
(cmdCPUBaseline, cmdCreate, cmdDefine, cmdDetachDevice)
(cmdUpdateDevice, cmdDesc, cmdUndefine, cmdStart, cmdVcpucount)
(cmdAttachDevice, cmdDomjobinfo): Likewise.
* tools/virsh-edit.c (do): Likewise.
* tools/virsh-interface.c (cmdInterfaceDefine): Likewise.
* tools/virsh-network.c (cmdNetworkCreate, cmdNetworkDefine):
Likewise.
* tools/virsh-nodedev.c (cmdNodeDeviceCreate): Likewise.
* tools/virsh-nwfilter.c (cmdNWFilterDefine): Likewise.
* tools/virsh-pool.c (cmdPoolCreate, cmdPoolDefine)
(cmdPoolDiscoverSources, cmdPoolList): Likewise.
* tools/virsh-secret.c (cmdSecretDefine): Likewise.
* tools/virsh-snapshot.c (cmdSnapshotCreate, vshSnapshotCreate)
(vshLookupSnapshot, cmdSnapshotEdit, cmdSnapshotCurrent)
(vshGetSnapshotParent): Likewise.
* tools/virsh-volume.c (cmdVolCreate, cmdVolCreateFrom)
(cmdVolInfo, cmdVolList): Likewise.
2012-08-18 22:10:17 -06:00
|
|
|
if (virFileReadAll(from, VSH_MAX_XML_FILE, &buffer) < 0)
|
2012-07-23 14:15:55 +08:00
|
|
|
return false;
|
|
|
|
|
2021-08-20 13:57:10 +02:00
|
|
|
if (flags)
|
|
|
|
nwfilter = virNWFilterDefineXMLFlags(priv->conn, buffer, flags);
|
|
|
|
else
|
|
|
|
nwfilter = virNWFilterDefineXML(priv->conn, buffer);
|
2012-07-23 14:15:55 +08:00
|
|
|
|
|
|
|
if (nwfilter != NULL) {
|
2023-03-09 15:54:58 +01:00
|
|
|
vshPrintExtra(ctl, _("Network filter %1$s defined from %2$s\n"),
|
2016-08-24 16:14:23 +02:00
|
|
|
virNWFilterGetName(nwfilter), from);
|
2012-07-23 14:15:55 +08:00
|
|
|
} else {
|
2023-03-09 15:54:58 +01:00
|
|
|
vshError(ctl, _("Failed to define network filter from %1$s"), from);
|
2012-07-23 14:15:55 +08:00
|
|
|
ret = false;
|
|
|
|
}
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* "nwfilter-undefine" command
|
|
|
|
*/
|
|
|
|
static const vshCmdInfo info_nwfilter_undefine[] = {
|
2013-02-07 16:25:10 +01:00
|
|
|
{.name = "help",
|
|
|
|
.data = N_("undefine a network filter")
|
|
|
|
},
|
|
|
|
{.name = "desc",
|
|
|
|
.data = N_("Undefine a given network filter.")
|
|
|
|
},
|
|
|
|
{.name = NULL}
|
2012-07-23 14:15:55 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
static const vshCmdOptDef opts_nwfilter_undefine[] = {
|
2013-01-14 15:32:22 +01:00
|
|
|
{.name = "nwfilter",
|
|
|
|
.type = VSH_OT_DATA,
|
|
|
|
.flags = VSH_OFLAG_REQ,
|
2018-01-12 14:51:34 +01:00
|
|
|
.help = N_("network filter name or uuid"),
|
|
|
|
.completer = virshNWFilterNameCompleter,
|
2013-01-14 15:32:22 +01:00
|
|
|
},
|
|
|
|
{.name = NULL}
|
2012-07-23 14:15:55 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
static bool
|
|
|
|
cmdNWFilterUndefine(vshControl *ctl, const vshCmd *cmd)
|
|
|
|
{
|
2021-09-26 13:18:17 +02:00
|
|
|
g_autoptr(virshNWFilter) nwfilter = NULL;
|
2012-07-23 14:15:55 +08:00
|
|
|
bool ret = true;
|
|
|
|
const char *name;
|
|
|
|
|
2015-06-15 18:53:58 +02:00
|
|
|
if (!(nwfilter = virshCommandOptNWFilter(ctl, cmd, &name)))
|
2012-07-23 14:15:55 +08:00
|
|
|
return false;
|
|
|
|
|
|
|
|
if (virNWFilterUndefine(nwfilter) == 0) {
|
2023-03-09 15:54:58 +01:00
|
|
|
vshPrintExtra(ctl, _("Network filter %1$s undefined\n"), name);
|
2012-07-23 14:15:55 +08:00
|
|
|
} else {
|
2023-03-09 15:54:58 +01:00
|
|
|
vshError(ctl, _("Failed to undefine network filter %1$s"), name);
|
2012-07-23 14:15:55 +08:00
|
|
|
ret = false;
|
|
|
|
}
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* "nwfilter-dumpxml" command
|
|
|
|
*/
|
|
|
|
static const vshCmdInfo info_nwfilter_dumpxml[] = {
|
2013-02-07 16:25:10 +01:00
|
|
|
{.name = "help",
|
|
|
|
.data = N_("network filter information in XML")
|
|
|
|
},
|
|
|
|
{.name = "desc",
|
|
|
|
.data = N_("Output the network filter information as an XML dump to stdout.")
|
|
|
|
},
|
|
|
|
{.name = NULL}
|
2012-07-23 14:15:55 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
static const vshCmdOptDef opts_nwfilter_dumpxml[] = {
|
2013-01-14 15:32:22 +01:00
|
|
|
{.name = "nwfilter",
|
|
|
|
.type = VSH_OT_DATA,
|
|
|
|
.flags = VSH_OFLAG_REQ,
|
2018-01-12 14:51:34 +01:00
|
|
|
.help = N_("network filter name or uuid"),
|
|
|
|
.completer = virshNWFilterNameCompleter,
|
2013-01-14 15:32:22 +01:00
|
|
|
},
|
2022-06-16 16:29:54 +01:00
|
|
|
{.name = "xpath",
|
|
|
|
.type = VSH_OT_STRING,
|
virsh: Require --xpath for *dumpxml
Historically, the dumpxml command reject any unknown arguments,
for instance:
virsh dumpxml fedora xxx
However, after v8.5.0-rc1~31 the second argument ('xxx') is
treated as an XPath, but it's not that clearly visible.
Therefore, require the --xpath switch, like this:
virsh dumpxml fedora --xpath xxx
Yes, this breaks already released virsh, but I think we can argue
that the pool of users of this particular function is very small.
We also document the argument being mandatory:
dumpxml [--inactive] [--security-info] [--update-cpu] [--migratable]
[--xpath EXPRESSION] [--wrap] domain
The sooner we do this change, the better.
The same applies for other *dumpxml functions (net-dumpxml,
pool-dumpxml, vol-dumpxl to name a few).
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2103524
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2022-07-08 12:45:42 +02:00
|
|
|
.flags = VSH_OFLAG_REQ_OPT,
|
2022-06-16 16:29:54 +01:00
|
|
|
.completer = virshCompleteEmpty,
|
|
|
|
.help = N_("xpath expression to filter the XML document")
|
|
|
|
},
|
|
|
|
{.name = "wrap",
|
|
|
|
.type = VSH_OT_BOOL,
|
|
|
|
.help = N_("wrap xpath results in an common root element"),
|
|
|
|
},
|
2013-01-14 15:32:22 +01:00
|
|
|
{.name = NULL}
|
2012-07-23 14:15:55 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
static bool
|
|
|
|
cmdNWFilterDumpXML(vshControl *ctl, const vshCmd *cmd)
|
|
|
|
{
|
2021-09-26 13:18:17 +02:00
|
|
|
g_autoptr(virshNWFilter) nwfilter = NULL;
|
2022-06-16 16:29:54 +01:00
|
|
|
g_autofree char *xml = NULL;
|
|
|
|
bool wrap = vshCommandOptBool(cmd, "wrap");
|
|
|
|
const char *xpath = NULL;
|
2012-07-23 14:15:55 +08:00
|
|
|
|
2015-06-15 18:53:58 +02:00
|
|
|
if (!(nwfilter = virshCommandOptNWFilter(ctl, cmd, NULL)))
|
2012-07-23 14:15:55 +08:00
|
|
|
return false;
|
|
|
|
|
2022-06-16 16:29:54 +01:00
|
|
|
if (vshCommandOptStringQuiet(ctl, cmd, "xpath", &xpath) < 0)
|
|
|
|
return false;
|
2012-07-23 14:15:55 +08:00
|
|
|
|
2022-06-16 16:29:54 +01:00
|
|
|
if (!(xml = virNWFilterGetXMLDesc(nwfilter, 0)))
|
|
|
|
return false;
|
|
|
|
|
|
|
|
return virshDumpXML(ctl, xml, "nwfilter", xpath, wrap);
|
2012-07-23 14:15:55 +08:00
|
|
|
}
|
|
|
|
|
2012-09-05 14:02:07 +08:00
|
|
|
static int
|
lib: Replace qsort() with g_qsort_with_data()
While glibc provides qsort(), which usually is just a mergesort,
until sorting arrays so huge that temporary array used by
mergesort would not fit into physical memory (which in our case
is never), we are not guaranteed it'll use mergesort. The
advantage of mergesort is clear - it's stable. IOW, if we have an
array of values parsed from XML, qsort() it and produce some
output based on those values, we can then compare the output with
some expected output, line by line.
But with newer glibc this is all history. After [1], qsort() is
no longer mergesort but introsort instead, which is not stable.
This is suboptimal, because in some cases we want to preserve
order of equal items. For instance, in ebiptablesApplyNewRules(),
nwfilter rules are sorted by their priority. But if two rules
have the same priority, we want to keep them in the order they
appear in the XML. Since it's hard/needless work to identify
places where stable or unstable sorting is needed, let's just
play it safe and use stable sorting everywhere.
Fortunately, glib provides g_qsort_with_data() which indeed
implement mergesort and it's a drop in replacement for qsort(),
almost. It accepts fifth argument (pointer to opaque data), that
is passed to comparator function, which then accepts three
arguments.
We have to keep one occurance of qsort() though - in NSS module
which deliberately does not link with glib.
1: https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=03bf8357e8291857a435afcc3048e0b697b6cc04
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2023-11-22 14:58:49 +01:00
|
|
|
virshNWFilterSorter(const void *a,
|
|
|
|
const void *b,
|
|
|
|
void *opaque G_GNUC_UNUSED)
|
2012-09-05 14:02:07 +08:00
|
|
|
{
|
|
|
|
virNWFilterPtr *fa = (virNWFilterPtr *) a;
|
|
|
|
virNWFilterPtr *fb = (virNWFilterPtr *) b;
|
|
|
|
|
|
|
|
if (*fa && !*fb)
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
if (!*fa)
|
|
|
|
return *fb != NULL;
|
|
|
|
|
|
|
|
return vshStrcasecmp(virNWFilterGetName(*fa),
|
|
|
|
virNWFilterGetName(*fb));
|
|
|
|
}
|
|
|
|
|
2015-06-15 18:53:58 +02:00
|
|
|
struct virshNWFilterList {
|
2012-09-05 14:02:07 +08:00
|
|
|
virNWFilterPtr *filters;
|
|
|
|
size_t nfilters;
|
|
|
|
};
|
|
|
|
|
|
|
|
static void
|
2021-03-11 08:16:13 +01:00
|
|
|
virshNWFilterListFree(struct virshNWFilterList *list)
|
2012-09-05 14:02:07 +08:00
|
|
|
{
|
Convert 'int i' to 'size_t i' in tools/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 15:09:33 +01:00
|
|
|
size_t i;
|
2012-09-05 14:02:07 +08:00
|
|
|
|
2013-08-27 13:27:50 +02:00
|
|
|
if (list && list->filters) {
|
2012-09-05 14:02:07 +08:00
|
|
|
for (i = 0; i < list->nfilters; i++) {
|
2021-09-26 13:18:17 +02:00
|
|
|
virshNWFilterFree(list->filters[i]);
|
2012-09-05 14:02:07 +08:00
|
|
|
}
|
2021-02-03 14:32:55 -05:00
|
|
|
g_free(list->filters);
|
2012-09-05 14:02:07 +08:00
|
|
|
}
|
2021-02-03 14:32:55 -05:00
|
|
|
g_free(list);
|
2012-09-05 14:02:07 +08:00
|
|
|
}
|
|
|
|
|
2021-03-11 08:16:13 +01:00
|
|
|
static struct virshNWFilterList *
|
2015-06-15 18:53:58 +02:00
|
|
|
virshNWFilterListCollect(vshControl *ctl,
|
|
|
|
unsigned int flags)
|
2012-09-05 14:02:07 +08:00
|
|
|
{
|
2021-03-11 08:16:13 +01:00
|
|
|
struct virshNWFilterList *list = g_new0(struct virshNWFilterList, 1);
|
Convert 'int i' to 'size_t i' in tools/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 15:09:33 +01:00
|
|
|
size_t i;
|
2012-09-05 14:02:07 +08:00
|
|
|
int ret;
|
|
|
|
virNWFilterPtr filter;
|
|
|
|
bool success = false;
|
|
|
|
size_t deleted = 0;
|
|
|
|
int nfilters = 0;
|
|
|
|
char **names = NULL;
|
2021-03-11 08:16:13 +01:00
|
|
|
virshControl *priv = ctl->privData;
|
2012-09-05 14:02:07 +08:00
|
|
|
|
|
|
|
/* try the list with flags support (0.10.2 and later) */
|
2015-06-15 18:53:58 +02:00
|
|
|
if ((ret = virConnectListAllNWFilters(priv->conn,
|
2012-09-05 14:02:07 +08:00
|
|
|
&list->filters,
|
|
|
|
flags)) >= 0) {
|
|
|
|
list->nfilters = ret;
|
|
|
|
goto finished;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* check if the command is actually supported */
|
|
|
|
if (last_error && last_error->code == VIR_ERR_NO_SUPPORT) {
|
|
|
|
vshResetLibvirtError();
|
|
|
|
goto fallback;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* there was an error during the call */
|
2017-12-12 17:41:46 +00:00
|
|
|
vshError(ctl, "%s", _("Failed to list network filters"));
|
2012-09-05 14:02:07 +08:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
2014-03-25 07:53:59 +01:00
|
|
|
fallback:
|
2012-09-05 14:02:07 +08:00
|
|
|
/* fall back to old method (0.9.13 and older) */
|
|
|
|
vshResetLibvirtError();
|
|
|
|
|
2015-06-15 18:53:58 +02:00
|
|
|
nfilters = virConnectNumOfNWFilters(priv->conn);
|
2012-09-05 14:02:07 +08:00
|
|
|
if (nfilters < 0) {
|
|
|
|
vshError(ctl, "%s", _("Failed to count network filters"));
|
|
|
|
goto cleanup;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (nfilters == 0)
|
|
|
|
return list;
|
|
|
|
|
2020-10-05 18:50:09 +02:00
|
|
|
names = g_new0(char *, nfilters);
|
2012-09-05 14:02:07 +08:00
|
|
|
|
2015-06-15 18:53:58 +02:00
|
|
|
nfilters = virConnectListNWFilters(priv->conn, names, nfilters);
|
2012-09-05 14:02:07 +08:00
|
|
|
if (nfilters < 0) {
|
|
|
|
vshError(ctl, "%s", _("Failed to list network filters"));
|
|
|
|
goto cleanup;
|
|
|
|
}
|
|
|
|
|
2020-10-05 18:50:09 +02:00
|
|
|
list->filters = g_new0(virNWFilterPtr, nfilters);
|
2012-09-05 14:02:07 +08:00
|
|
|
list->nfilters = 0;
|
|
|
|
|
|
|
|
/* get the network filters */
|
2013-05-21 15:44:53 +08:00
|
|
|
for (i = 0; i < nfilters; i++) {
|
2015-06-15 18:53:58 +02:00
|
|
|
if (!(filter = virNWFilterLookupByName(priv->conn, names[i])))
|
2012-09-05 14:02:07 +08:00
|
|
|
continue;
|
|
|
|
list->filters[list->nfilters++] = filter;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* truncate network filters that weren't found */
|
|
|
|
deleted = nfilters - list->nfilters;
|
|
|
|
|
2014-03-25 07:53:59 +01:00
|
|
|
finished:
|
2012-09-05 14:02:07 +08:00
|
|
|
/* sort the list */
|
lib: Replace qsort() with g_qsort_with_data()
While glibc provides qsort(), which usually is just a mergesort,
until sorting arrays so huge that temporary array used by
mergesort would not fit into physical memory (which in our case
is never), we are not guaranteed it'll use mergesort. The
advantage of mergesort is clear - it's stable. IOW, if we have an
array of values parsed from XML, qsort() it and produce some
output based on those values, we can then compare the output with
some expected output, line by line.
But with newer glibc this is all history. After [1], qsort() is
no longer mergesort but introsort instead, which is not stable.
This is suboptimal, because in some cases we want to preserve
order of equal items. For instance, in ebiptablesApplyNewRules(),
nwfilter rules are sorted by their priority. But if two rules
have the same priority, we want to keep them in the order they
appear in the XML. Since it's hard/needless work to identify
places where stable or unstable sorting is needed, let's just
play it safe and use stable sorting everywhere.
Fortunately, glib provides g_qsort_with_data() which indeed
implement mergesort and it's a drop in replacement for qsort(),
almost. It accepts fifth argument (pointer to opaque data), that
is passed to comparator function, which then accepts three
arguments.
We have to keep one occurance of qsort() though - in NSS module
which deliberately does not link with glib.
1: https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=03bf8357e8291857a435afcc3048e0b697b6cc04
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2023-11-22 14:58:49 +01:00
|
|
|
if (list->filters && list->nfilters) {
|
|
|
|
g_qsort_with_data(list->filters, list->nfilters,
|
|
|
|
sizeof(*list->filters), virshNWFilterSorter, NULL);
|
|
|
|
}
|
2012-09-05 14:02:07 +08:00
|
|
|
|
|
|
|
/* truncate the list for not found filter objects */
|
|
|
|
if (deleted)
|
|
|
|
VIR_SHRINK_N(list->filters, list->nfilters, deleted);
|
|
|
|
|
|
|
|
success = true;
|
|
|
|
|
2014-03-25 07:53:59 +01:00
|
|
|
cleanup:
|
Convert 'int i' to 'size_t i' in tools/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 15:09:33 +01:00
|
|
|
for (i = 0; nfilters != -1 && i < nfilters; i++)
|
2012-09-05 14:02:07 +08:00
|
|
|
VIR_FREE(names[i]);
|
|
|
|
VIR_FREE(names);
|
|
|
|
|
|
|
|
if (!success) {
|
2022-01-28 18:42:45 +01:00
|
|
|
g_clear_pointer(&list, virshNWFilterListFree);
|
2012-09-05 14:02:07 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
return list;
|
|
|
|
}
|
|
|
|
|
2012-07-23 14:15:55 +08:00
|
|
|
/*
|
|
|
|
* "nwfilter-list" command
|
|
|
|
*/
|
|
|
|
static const vshCmdInfo info_nwfilter_list[] = {
|
2013-02-07 16:25:10 +01:00
|
|
|
{.name = "help",
|
|
|
|
.data = N_("list network filters")
|
|
|
|
},
|
|
|
|
{.name = "desc",
|
|
|
|
.data = N_("Returns list of network filters.")
|
|
|
|
},
|
|
|
|
{.name = NULL}
|
2012-07-23 14:15:55 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
static const vshCmdOptDef opts_nwfilter_list[] = {
|
2013-01-14 15:32:22 +01:00
|
|
|
{.name = NULL}
|
2012-07-23 14:15:55 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
static bool
|
2019-10-14 14:44:29 +02:00
|
|
|
cmdNWFilterList(vshControl *ctl, const vshCmd *cmd G_GNUC_UNUSED)
|
2012-07-23 14:15:55 +08:00
|
|
|
{
|
Convert 'int i' to 'size_t i' in tools/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 15:09:33 +01:00
|
|
|
size_t i;
|
2012-07-23 14:15:55 +08:00
|
|
|
char uuid[VIR_UUID_STRING_BUFLEN];
|
2018-09-21 16:17:15 +02:00
|
|
|
bool ret = false;
|
2021-03-11 08:16:13 +01:00
|
|
|
struct virshNWFilterList *list = NULL;
|
2021-08-11 15:12:02 +02:00
|
|
|
g_autoptr(vshTable) table = NULL;
|
2012-07-23 14:15:55 +08:00
|
|
|
|
2015-06-15 18:53:58 +02:00
|
|
|
if (!(list = virshNWFilterListCollect(ctl, 0)))
|
2012-07-23 14:15:55 +08:00
|
|
|
return false;
|
|
|
|
|
2018-09-21 16:17:15 +02:00
|
|
|
table = vshTableNew(_("UUID"), _("Name"), NULL);
|
|
|
|
if (!table)
|
|
|
|
goto cleanup;
|
2012-07-23 14:15:55 +08:00
|
|
|
|
2012-09-05 14:02:07 +08:00
|
|
|
for (i = 0; i < list->nfilters; i++) {
|
|
|
|
virNWFilterPtr nwfilter = list->filters[i];
|
2012-07-23 14:15:55 +08:00
|
|
|
|
|
|
|
virNWFilterGetUUIDString(nwfilter, uuid);
|
2018-09-21 16:17:15 +02:00
|
|
|
if (vshTableRowAppend(table,
|
|
|
|
uuid,
|
|
|
|
virNWFilterGetName(nwfilter),
|
|
|
|
NULL) < 0)
|
|
|
|
goto cleanup;
|
2012-07-23 14:15:55 +08:00
|
|
|
}
|
|
|
|
|
2018-09-21 16:17:15 +02:00
|
|
|
vshTablePrintToStdout(table, ctl);
|
|
|
|
|
|
|
|
ret = true;
|
|
|
|
cleanup:
|
2015-06-15 18:53:58 +02:00
|
|
|
virshNWFilterListFree(list);
|
2018-09-21 16:17:15 +02:00
|
|
|
return ret;
|
2012-07-23 14:15:55 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* "nwfilter-edit" command
|
|
|
|
*/
|
|
|
|
static const vshCmdInfo info_nwfilter_edit[] = {
|
2013-02-07 16:25:10 +01:00
|
|
|
{.name = "help",
|
|
|
|
.data = N_("edit XML configuration for a network filter")
|
|
|
|
},
|
|
|
|
{.name = "desc",
|
|
|
|
.data = N_("Edit the XML configuration for a network filter.")
|
|
|
|
},
|
|
|
|
{.name = NULL}
|
2012-07-23 14:15:55 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
static const vshCmdOptDef opts_nwfilter_edit[] = {
|
2013-01-14 15:32:22 +01:00
|
|
|
{.name = "nwfilter",
|
|
|
|
.type = VSH_OT_DATA,
|
|
|
|
.flags = VSH_OFLAG_REQ,
|
2018-01-12 14:51:34 +01:00
|
|
|
.help = N_("network filter name or uuid"),
|
|
|
|
.completer = virshNWFilterNameCompleter,
|
2013-01-14 15:32:22 +01:00
|
|
|
},
|
|
|
|
{.name = NULL}
|
2012-07-23 14:15:55 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
static bool
|
|
|
|
cmdNWFilterEdit(vshControl *ctl, const vshCmd *cmd)
|
|
|
|
{
|
|
|
|
bool ret = false;
|
2021-09-26 13:18:17 +02:00
|
|
|
g_autoptr(virshNWFilter) nwfilter = NULL;
|
|
|
|
g_autoptr(virshNWFilter) nwfilter_edited = NULL;
|
2021-03-11 08:16:13 +01:00
|
|
|
virshControl *priv = ctl->privData;
|
2012-07-23 14:15:55 +08:00
|
|
|
|
2015-06-15 18:53:58 +02:00
|
|
|
nwfilter = virshCommandOptNWFilter(ctl, cmd, NULL);
|
2012-07-23 14:15:55 +08:00
|
|
|
if (nwfilter == NULL)
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
#define EDIT_GET_XML virNWFilterGetXMLDesc(nwfilter, 0)
|
2017-11-03 13:09:47 +01:00
|
|
|
#define EDIT_NOT_CHANGED \
|
|
|
|
do { \
|
2023-03-09 15:54:58 +01:00
|
|
|
vshPrintExtra(ctl, _("Network filter %1$s XML configuration not changed.\n"), \
|
|
|
|
virNWFilterGetName(nwfilter)); \
|
2017-11-03 13:09:47 +01:00
|
|
|
ret = true; \
|
|
|
|
goto edit_cleanup; \
|
2014-11-14 15:57:17 +01:00
|
|
|
} while (0)
|
2012-07-23 14:15:55 +08:00
|
|
|
#define EDIT_DEFINE \
|
2015-06-15 18:53:58 +02:00
|
|
|
(nwfilter_edited = virNWFilterDefineXML(priv->conn, doc_edited))
|
2012-07-23 14:15:55 +08:00
|
|
|
#include "virsh-edit.c"
|
|
|
|
|
2023-03-09 15:54:58 +01:00
|
|
|
vshPrintExtra(ctl, _("Network filter %1$s XML configuration edited.\n"),
|
2016-11-04 15:22:26 +01:00
|
|
|
virNWFilterGetName(nwfilter_edited));
|
2012-07-23 14:15:55 +08:00
|
|
|
|
|
|
|
ret = true;
|
|
|
|
|
2014-03-25 07:53:59 +01:00
|
|
|
cleanup:
|
2012-07-23 14:15:55 +08:00
|
|
|
return ret;
|
|
|
|
}
|
2012-07-23 15:19:04 +08:00
|
|
|
|
2018-05-09 17:44:35 +01:00
|
|
|
|
|
|
|
virNWFilterBindingPtr
|
|
|
|
virshCommandOptNWFilterBindingBy(vshControl *ctl,
|
|
|
|
const vshCmd *cmd,
|
|
|
|
const char **name,
|
|
|
|
unsigned int flags)
|
|
|
|
{
|
|
|
|
virNWFilterBindingPtr binding = NULL;
|
|
|
|
const char *n = NULL;
|
|
|
|
const char *optname = "binding";
|
2021-03-11 08:16:13 +01:00
|
|
|
virshControl *priv = ctl->privData;
|
2018-05-09 17:44:35 +01:00
|
|
|
|
|
|
|
virCheckFlags(0, NULL);
|
|
|
|
|
|
|
|
if (vshCommandOptStringReq(ctl, cmd, optname, &n) < 0)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
vshDebug(ctl, VSH_ERR_INFO, "%s: found option <%s>: %s\n",
|
|
|
|
cmd->def->name, optname, n);
|
|
|
|
|
|
|
|
if (name)
|
|
|
|
*name = n;
|
|
|
|
|
|
|
|
vshDebug(ctl, VSH_ERR_DEBUG, "%s: <%s> trying as nwfilter binding port dev\n",
|
|
|
|
cmd->def->name, optname);
|
|
|
|
binding = virNWFilterBindingLookupByPortDev(priv->conn, n);
|
|
|
|
|
|
|
|
if (!binding)
|
2023-03-09 15:54:58 +01:00
|
|
|
vshError(ctl, _("failed to get nwfilter binding '%1$s'"), n);
|
2018-05-09 17:44:35 +01:00
|
|
|
|
|
|
|
return binding;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
* "nwfilter-binding-create" command
|
|
|
|
*/
|
|
|
|
static const vshCmdInfo info_nwfilter_binding_create[] = {
|
|
|
|
{.name = "help",
|
|
|
|
.data = N_("create a network filter binding from an XML file")
|
|
|
|
},
|
|
|
|
{.name = "desc",
|
|
|
|
.data = N_("Create a new network filter binding.")
|
|
|
|
},
|
|
|
|
{.name = NULL}
|
|
|
|
};
|
|
|
|
|
|
|
|
static const vshCmdOptDef opts_nwfilter_binding_create[] = {
|
|
|
|
VIRSH_COMMON_OPT_FILE(N_("file containing an XML network "
|
|
|
|
"filter binding description")),
|
2021-08-26 14:32:35 +02:00
|
|
|
{.name = "validate",
|
|
|
|
.type = VSH_OT_BOOL,
|
|
|
|
.help = N_("validate the XML against the schema")
|
|
|
|
},
|
2018-05-09 17:44:35 +01:00
|
|
|
{.name = NULL}
|
|
|
|
};
|
|
|
|
|
|
|
|
static bool
|
|
|
|
cmdNWFilterBindingCreate(vshControl *ctl, const vshCmd *cmd)
|
|
|
|
{
|
|
|
|
virNWFilterBindingPtr binding;
|
|
|
|
const char *from = NULL;
|
2023-02-01 16:08:22 +01:00
|
|
|
g_autofree char *buffer = NULL;
|
2021-08-26 14:32:35 +02:00
|
|
|
unsigned int flags = 0;
|
2021-03-11 08:16:13 +01:00
|
|
|
virshControl *priv = ctl->privData;
|
2018-05-09 17:44:35 +01:00
|
|
|
|
|
|
|
if (vshCommandOptStringReq(ctl, cmd, "file", &from) < 0)
|
|
|
|
return false;
|
|
|
|
|
2021-08-26 14:32:35 +02:00
|
|
|
if (vshCommandOptBool(cmd, "validate"))
|
|
|
|
flags |= VIR_NWFILTER_BINDING_CREATE_VALIDATE;
|
|
|
|
|
2018-05-09 17:44:35 +01:00
|
|
|
if (virFileReadAll(from, VSH_MAX_XML_FILE, &buffer) < 0)
|
|
|
|
return false;
|
|
|
|
|
2021-08-26 14:32:35 +02:00
|
|
|
binding = virNWFilterBindingCreateXML(priv->conn, buffer, flags);
|
2018-05-09 17:44:35 +01:00
|
|
|
|
2021-09-24 01:49:08 +02:00
|
|
|
if (!binding) {
|
2023-03-09 15:54:58 +01:00
|
|
|
vshError(ctl, _("Failed to create network filter from %1$s"), from);
|
2021-09-24 01:49:08 +02:00
|
|
|
return false;
|
2018-05-09 17:44:35 +01:00
|
|
|
}
|
2021-09-24 01:49:08 +02:00
|
|
|
|
2023-03-09 15:54:58 +01:00
|
|
|
vshPrintExtra(ctl, _("Network filter binding on %1$s created from %2$s\n"),
|
2021-09-24 01:49:08 +02:00
|
|
|
virNWFilterBindingGetPortDev(binding), from);
|
|
|
|
virNWFilterBindingFree(binding);
|
|
|
|
return true;
|
2018-05-09 17:44:35 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
* "nwfilter-binding-delete" command
|
|
|
|
*/
|
|
|
|
static const vshCmdInfo info_nwfilter_binding_delete[] = {
|
|
|
|
{.name = "help",
|
|
|
|
.data = N_("delete a network filter binding")
|
|
|
|
},
|
|
|
|
{.name = "desc",
|
|
|
|
.data = N_("Delete a given network filter binding.")
|
|
|
|
},
|
|
|
|
{.name = NULL}
|
|
|
|
};
|
|
|
|
|
|
|
|
static const vshCmdOptDef opts_nwfilter_binding_delete[] = {
|
|
|
|
{.name = "binding",
|
|
|
|
.type = VSH_OT_DATA,
|
|
|
|
.flags = VSH_OFLAG_REQ,
|
|
|
|
.help = N_("network filter binding port dev"),
|
|
|
|
.completer = virshNWFilterBindingNameCompleter,
|
|
|
|
},
|
|
|
|
{.name = NULL}
|
|
|
|
};
|
|
|
|
|
|
|
|
static bool
|
|
|
|
cmdNWFilterBindingDelete(vshControl *ctl, const vshCmd *cmd)
|
|
|
|
{
|
|
|
|
virNWFilterBindingPtr binding;
|
|
|
|
bool ret = true;
|
|
|
|
const char *portdev;
|
|
|
|
|
|
|
|
if (!(binding = virshCommandOptNWFilterBinding(ctl, cmd, &portdev)))
|
|
|
|
return false;
|
|
|
|
|
|
|
|
if (virNWFilterBindingDelete(binding) == 0) {
|
2023-03-09 15:54:58 +01:00
|
|
|
vshPrintExtra(ctl, _("Network filter binding on %1$s deleted\n"), portdev);
|
2018-05-09 17:44:35 +01:00
|
|
|
} else {
|
2023-03-09 15:54:58 +01:00
|
|
|
vshError(ctl, _("Failed to delete network filter binding on %1$s"), portdev);
|
2018-05-09 17:44:35 +01:00
|
|
|
ret = false;
|
|
|
|
}
|
|
|
|
|
|
|
|
virNWFilterBindingFree(binding);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
* "nwfilter-binding-dumpxml" command
|
|
|
|
*/
|
|
|
|
static const vshCmdInfo info_nwfilter_binding_dumpxml[] = {
|
|
|
|
{.name = "help",
|
|
|
|
.data = N_("network filter information in XML")
|
|
|
|
},
|
|
|
|
{.name = "desc",
|
|
|
|
.data = N_("Output the network filter information as an XML dump to stdout.")
|
|
|
|
},
|
|
|
|
{.name = NULL}
|
|
|
|
};
|
|
|
|
|
|
|
|
static const vshCmdOptDef opts_nwfilter_binding_dumpxml[] = {
|
|
|
|
{.name = "binding",
|
|
|
|
.type = VSH_OT_DATA,
|
|
|
|
.flags = VSH_OFLAG_REQ,
|
|
|
|
.help = N_("network filter binding portdev"),
|
|
|
|
.completer = virshNWFilterBindingNameCompleter,
|
|
|
|
},
|
2022-06-16 16:29:54 +01:00
|
|
|
{.name = "xpath",
|
|
|
|
.type = VSH_OT_STRING,
|
virsh: Require --xpath for *dumpxml
Historically, the dumpxml command reject any unknown arguments,
for instance:
virsh dumpxml fedora xxx
However, after v8.5.0-rc1~31 the second argument ('xxx') is
treated as an XPath, but it's not that clearly visible.
Therefore, require the --xpath switch, like this:
virsh dumpxml fedora --xpath xxx
Yes, this breaks already released virsh, but I think we can argue
that the pool of users of this particular function is very small.
We also document the argument being mandatory:
dumpxml [--inactive] [--security-info] [--update-cpu] [--migratable]
[--xpath EXPRESSION] [--wrap] domain
The sooner we do this change, the better.
The same applies for other *dumpxml functions (net-dumpxml,
pool-dumpxml, vol-dumpxl to name a few).
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2103524
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2022-07-08 12:45:42 +02:00
|
|
|
.flags = VSH_OFLAG_REQ_OPT,
|
2022-06-16 16:29:54 +01:00
|
|
|
.completer = virshCompleteEmpty,
|
|
|
|
.help = N_("xpath expression to filter the XML document")
|
|
|
|
},
|
|
|
|
{.name = "wrap",
|
|
|
|
.type = VSH_OT_BOOL,
|
|
|
|
.help = N_("wrap xpath results in an common root element"),
|
|
|
|
},
|
2018-05-09 17:44:35 +01:00
|
|
|
{.name = NULL}
|
|
|
|
};
|
|
|
|
|
|
|
|
static bool
|
|
|
|
cmdNWFilterBindingDumpXML(vshControl *ctl, const vshCmd *cmd)
|
|
|
|
{
|
|
|
|
virNWFilterBindingPtr binding;
|
|
|
|
bool ret = true;
|
2022-06-16 16:29:54 +01:00
|
|
|
g_autofree char *xml = NULL;
|
|
|
|
bool wrap = vshCommandOptBool(cmd, "wrap");
|
|
|
|
const char *xpath = NULL;
|
2018-05-09 17:44:35 +01:00
|
|
|
|
|
|
|
if (!(binding = virshCommandOptNWFilterBinding(ctl, cmd, NULL)))
|
|
|
|
return false;
|
|
|
|
|
2022-06-16 16:29:54 +01:00
|
|
|
if (!(xml = virNWFilterBindingGetXMLDesc(binding, 0)))
|
|
|
|
goto cleanup;
|
2018-05-09 17:44:35 +01:00
|
|
|
|
2022-06-16 16:29:54 +01:00
|
|
|
ret = virshDumpXML(ctl, xml, "nwfilter-binding", xpath, wrap);
|
|
|
|
|
|
|
|
cleanup:
|
2018-05-09 17:44:35 +01:00
|
|
|
virNWFilterBindingFree(binding);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
lib: Replace qsort() with g_qsort_with_data()
While glibc provides qsort(), which usually is just a mergesort,
until sorting arrays so huge that temporary array used by
mergesort would not fit into physical memory (which in our case
is never), we are not guaranteed it'll use mergesort. The
advantage of mergesort is clear - it's stable. IOW, if we have an
array of values parsed from XML, qsort() it and produce some
output based on those values, we can then compare the output with
some expected output, line by line.
But with newer glibc this is all history. After [1], qsort() is
no longer mergesort but introsort instead, which is not stable.
This is suboptimal, because in some cases we want to preserve
order of equal items. For instance, in ebiptablesApplyNewRules(),
nwfilter rules are sorted by their priority. But if two rules
have the same priority, we want to keep them in the order they
appear in the XML. Since it's hard/needless work to identify
places where stable or unstable sorting is needed, let's just
play it safe and use stable sorting everywhere.
Fortunately, glib provides g_qsort_with_data() which indeed
implement mergesort and it's a drop in replacement for qsort(),
almost. It accepts fifth argument (pointer to opaque data), that
is passed to comparator function, which then accepts three
arguments.
We have to keep one occurance of qsort() though - in NSS module
which deliberately does not link with glib.
1: https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=03bf8357e8291857a435afcc3048e0b697b6cc04
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2023-11-22 14:58:49 +01:00
|
|
|
virshNWFilterBindingSorter(const void *a,
|
|
|
|
const void *b,
|
|
|
|
void *opaque G_GNUC_UNUSED)
|
2018-05-09 17:44:35 +01:00
|
|
|
{
|
|
|
|
virNWFilterBindingPtr *fa = (virNWFilterBindingPtr *) a;
|
|
|
|
virNWFilterBindingPtr *fb = (virNWFilterBindingPtr *) b;
|
|
|
|
|
|
|
|
if (*fa && !*fb)
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
if (!*fa)
|
|
|
|
return *fb != NULL;
|
|
|
|
|
|
|
|
return vshStrcasecmp(virNWFilterBindingGetPortDev(*fa),
|
|
|
|
virNWFilterBindingGetPortDev(*fb));
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
struct virshNWFilterBindingList {
|
|
|
|
virNWFilterBindingPtr *bindings;
|
|
|
|
size_t nbindings;
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
static void
|
2021-03-11 08:16:13 +01:00
|
|
|
virshNWFilterBindingListFree(struct virshNWFilterBindingList *list)
|
2018-05-09 17:44:35 +01:00
|
|
|
{
|
|
|
|
size_t i;
|
|
|
|
|
|
|
|
if (list && list->bindings) {
|
|
|
|
for (i = 0; i < list->nbindings; i++) {
|
|
|
|
if (list->bindings[i])
|
|
|
|
virNWFilterBindingFree(list->bindings[i]);
|
|
|
|
}
|
2021-02-03 14:32:55 -05:00
|
|
|
g_free(list->bindings);
|
2018-05-09 17:44:35 +01:00
|
|
|
}
|
2021-02-03 14:32:55 -05:00
|
|
|
g_free(list);
|
2018-05-09 17:44:35 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2021-03-11 08:16:13 +01:00
|
|
|
static struct virshNWFilterBindingList *
|
2018-05-09 17:44:35 +01:00
|
|
|
virshNWFilterBindingListCollect(vshControl *ctl,
|
|
|
|
unsigned int flags)
|
|
|
|
{
|
2021-03-11 08:16:13 +01:00
|
|
|
struct virshNWFilterBindingList *list = g_new0(struct virshNWFilterBindingList, 1);
|
2018-05-09 17:44:35 +01:00
|
|
|
int ret;
|
|
|
|
bool success = false;
|
2021-03-11 08:16:13 +01:00
|
|
|
virshControl *priv = ctl->privData;
|
2018-05-09 17:44:35 +01:00
|
|
|
|
|
|
|
if ((ret = virConnectListAllNWFilterBindings(priv->conn,
|
|
|
|
&list->bindings,
|
|
|
|
flags)) < 0) {
|
|
|
|
/* there was an error during the call */
|
|
|
|
vshError(ctl, "%s", _("Failed to list network filter bindings"));
|
|
|
|
goto cleanup;
|
|
|
|
}
|
|
|
|
|
|
|
|
list->nbindings = ret;
|
|
|
|
|
|
|
|
/* sort the list */
|
lib: Replace qsort() with g_qsort_with_data()
While glibc provides qsort(), which usually is just a mergesort,
until sorting arrays so huge that temporary array used by
mergesort would not fit into physical memory (which in our case
is never), we are not guaranteed it'll use mergesort. The
advantage of mergesort is clear - it's stable. IOW, if we have an
array of values parsed from XML, qsort() it and produce some
output based on those values, we can then compare the output with
some expected output, line by line.
But with newer glibc this is all history. After [1], qsort() is
no longer mergesort but introsort instead, which is not stable.
This is suboptimal, because in some cases we want to preserve
order of equal items. For instance, in ebiptablesApplyNewRules(),
nwfilter rules are sorted by their priority. But if two rules
have the same priority, we want to keep them in the order they
appear in the XML. Since it's hard/needless work to identify
places where stable or unstable sorting is needed, let's just
play it safe and use stable sorting everywhere.
Fortunately, glib provides g_qsort_with_data() which indeed
implement mergesort and it's a drop in replacement for qsort(),
almost. It accepts fifth argument (pointer to opaque data), that
is passed to comparator function, which then accepts three
arguments.
We have to keep one occurance of qsort() though - in NSS module
which deliberately does not link with glib.
1: https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=03bf8357e8291857a435afcc3048e0b697b6cc04
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2023-11-22 14:58:49 +01:00
|
|
|
if (list->bindings && list->nbindings > 1) {
|
|
|
|
g_qsort_with_data(list->bindings, list->nbindings,
|
|
|
|
sizeof(*list->bindings), virshNWFilterBindingSorter, NULL);
|
|
|
|
}
|
2018-05-09 17:44:35 +01:00
|
|
|
|
|
|
|
success = true;
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
if (!success) {
|
2022-01-28 18:42:45 +01:00
|
|
|
g_clear_pointer(&list, virshNWFilterBindingListFree);
|
2018-05-09 17:44:35 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
return list;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
* "nwfilter-binding-list" command
|
|
|
|
*/
|
|
|
|
static const vshCmdInfo info_nwfilter_binding_list[] = {
|
|
|
|
{.name = "help",
|
|
|
|
.data = N_("list network filter bindings")
|
|
|
|
},
|
|
|
|
{.name = "desc",
|
|
|
|
.data = N_("Returns list of network filter bindings.")
|
|
|
|
},
|
|
|
|
{.name = NULL}
|
|
|
|
};
|
|
|
|
|
|
|
|
static const vshCmdOptDef opts_nwfilter_binding_list[] = {
|
|
|
|
{.name = NULL}
|
|
|
|
};
|
|
|
|
|
|
|
|
static bool
|
2019-10-14 14:44:29 +02:00
|
|
|
cmdNWFilterBindingList(vshControl *ctl, const vshCmd *cmd G_GNUC_UNUSED)
|
2018-05-09 17:44:35 +01:00
|
|
|
{
|
|
|
|
size_t i;
|
2018-09-21 16:17:15 +02:00
|
|
|
bool ret = false;
|
2021-03-11 08:16:13 +01:00
|
|
|
struct virshNWFilterBindingList *list = NULL;
|
2021-08-11 15:12:02 +02:00
|
|
|
g_autoptr(vshTable) table = NULL;
|
2018-05-09 17:44:35 +01:00
|
|
|
|
|
|
|
if (!(list = virshNWFilterBindingListCollect(ctl, 0)))
|
|
|
|
return false;
|
|
|
|
|
2018-09-21 16:17:15 +02:00
|
|
|
table = vshTableNew(_("Port Dev"), _("Filter"), NULL);
|
|
|
|
if (!table)
|
|
|
|
goto cleanup;
|
2018-05-09 17:44:35 +01:00
|
|
|
|
|
|
|
for (i = 0; i < list->nbindings; i++) {
|
|
|
|
virNWFilterBindingPtr binding = list->bindings[i];
|
|
|
|
|
2018-09-21 16:17:15 +02:00
|
|
|
if (vshTableRowAppend(table,
|
|
|
|
virNWFilterBindingGetPortDev(binding),
|
|
|
|
virNWFilterBindingGetFilterName(binding),
|
|
|
|
NULL) < 0)
|
|
|
|
goto cleanup;
|
2018-05-09 17:44:35 +01:00
|
|
|
}
|
|
|
|
|
2018-09-21 16:17:15 +02:00
|
|
|
vshTablePrintToStdout(table, ctl);
|
|
|
|
|
|
|
|
ret = true;
|
|
|
|
cleanup:
|
2018-05-09 17:44:35 +01:00
|
|
|
virshNWFilterBindingListFree(list);
|
2018-09-21 16:17:15 +02:00
|
|
|
return ret;
|
2018-05-09 17:44:35 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2012-08-20 16:56:03 -06:00
|
|
|
const vshCmdDef nwfilterCmds[] = {
|
2013-02-07 16:25:10 +01:00
|
|
|
{.name = "nwfilter-define",
|
|
|
|
.handler = cmdNWFilterDefine,
|
|
|
|
.opts = opts_nwfilter_define,
|
|
|
|
.info = info_nwfilter_define,
|
|
|
|
.flags = 0
|
|
|
|
},
|
|
|
|
{.name = "nwfilter-dumpxml",
|
|
|
|
.handler = cmdNWFilterDumpXML,
|
|
|
|
.opts = opts_nwfilter_dumpxml,
|
|
|
|
.info = info_nwfilter_dumpxml,
|
|
|
|
.flags = 0
|
|
|
|
},
|
|
|
|
{.name = "nwfilter-edit",
|
|
|
|
.handler = cmdNWFilterEdit,
|
|
|
|
.opts = opts_nwfilter_edit,
|
|
|
|
.info = info_nwfilter_edit,
|
|
|
|
.flags = 0
|
|
|
|
},
|
|
|
|
{.name = "nwfilter-list",
|
|
|
|
.handler = cmdNWFilterList,
|
|
|
|
.opts = opts_nwfilter_list,
|
|
|
|
.info = info_nwfilter_list,
|
|
|
|
.flags = 0
|
|
|
|
},
|
|
|
|
{.name = "nwfilter-undefine",
|
|
|
|
.handler = cmdNWFilterUndefine,
|
|
|
|
.opts = opts_nwfilter_undefine,
|
|
|
|
.info = info_nwfilter_undefine,
|
|
|
|
.flags = 0
|
|
|
|
},
|
2018-05-09 17:44:35 +01:00
|
|
|
{.name = "nwfilter-binding-create",
|
|
|
|
.handler = cmdNWFilterBindingCreate,
|
|
|
|
.opts = opts_nwfilter_binding_create,
|
|
|
|
.info = info_nwfilter_binding_create,
|
|
|
|
.flags = 0
|
|
|
|
},
|
|
|
|
{.name = "nwfilter-binding-delete",
|
|
|
|
.handler = cmdNWFilterBindingDelete,
|
|
|
|
.opts = opts_nwfilter_binding_delete,
|
|
|
|
.info = info_nwfilter_binding_delete,
|
|
|
|
.flags = 0
|
|
|
|
},
|
|
|
|
{.name = "nwfilter-binding-dumpxml",
|
|
|
|
.handler = cmdNWFilterBindingDumpXML,
|
|
|
|
.opts = opts_nwfilter_binding_dumpxml,
|
|
|
|
.info = info_nwfilter_binding_dumpxml,
|
|
|
|
.flags = 0
|
|
|
|
},
|
|
|
|
{.name = "nwfilter-binding-list",
|
|
|
|
.handler = cmdNWFilterBindingList,
|
|
|
|
.opts = opts_nwfilter_binding_list,
|
|
|
|
.info = info_nwfilter_binding_list,
|
|
|
|
.flags = 0
|
|
|
|
},
|
2013-02-07 16:25:10 +01:00
|
|
|
{.name = NULL}
|
2012-07-23 15:19:04 +08:00
|
|
|
};
|