mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-03-07 17:28:15 +00:00
eliminate unnecessary labels and ret variables
after making all virFirewall objects use g_autoptr(). Signed-off-by: Laine Stump <laine@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
This commit is contained in:
parent
cf1ec5daac
commit
310ce7cf7e
@ -839,7 +839,6 @@ int networkAddFirewallRules(virNetworkDefPtr def)
|
||||
size_t i;
|
||||
virNetworkIPDefPtr ipdef;
|
||||
g_autoptr(virFirewall) fw = virFirewallNew();
|
||||
int ret = -1;
|
||||
|
||||
if (virOnce(&createdOnce, networkSetupPrivateChains) < 0)
|
||||
return -1;
|
||||
@ -869,11 +868,11 @@ int networkAddFirewallRules(virNetworkDefPtr def)
|
||||
_("zone %s requested for network %s "
|
||||
"but firewalld is not active"),
|
||||
def->bridgeZone, def->name);
|
||||
goto cleanup;
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (virFirewallDInterfaceSetZone(def->bridge, def->bridgeZone) < 0)
|
||||
goto cleanup;
|
||||
return -1;
|
||||
|
||||
} else {
|
||||
|
||||
@ -893,13 +892,13 @@ int networkAddFirewallRules(virNetworkDefPtr def)
|
||||
*/
|
||||
if (virFirewallDZoneExists("libvirt")) {
|
||||
if (virFirewallDInterfaceSetZone(def->bridge, "libvirt") < 0)
|
||||
goto cleanup;
|
||||
return -1;
|
||||
} else {
|
||||
unsigned long version;
|
||||
int vresult = virFirewallDGetVersion(&version);
|
||||
|
||||
if (vresult < 0)
|
||||
goto cleanup;
|
||||
return -1;
|
||||
|
||||
/* Support for nftables backend was added in firewalld
|
||||
* 0.6.0. Support for rule priorities (required by the
|
||||
@ -919,7 +918,7 @@ int networkAddFirewallRules(virNetworkDefPtr def)
|
||||
"version supporting rule priorities "
|
||||
"(0.7.0+) and/or rebuilding "
|
||||
"libvirt with --with-firewalld-zone"));
|
||||
goto cleanup;
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -933,7 +932,7 @@ int networkAddFirewallRules(virNetworkDefPtr def)
|
||||
(ipdef = virNetworkDefGetIPByIndex(def, AF_UNSPEC, i));
|
||||
i++) {
|
||||
if (networkAddIPSpecificFirewallRules(fw, def, ipdef) < 0)
|
||||
goto cleanup;
|
||||
return -1;
|
||||
}
|
||||
|
||||
virFirewallStartRollback(fw, 0);
|
||||
@ -942,19 +941,14 @@ int networkAddFirewallRules(virNetworkDefPtr def)
|
||||
(ipdef = virNetworkDefGetIPByIndex(def, AF_UNSPEC, i));
|
||||
i++) {
|
||||
if (networkRemoveIPSpecificFirewallRules(fw, def, ipdef) < 0)
|
||||
goto cleanup;
|
||||
return -1;
|
||||
}
|
||||
networkRemoveGeneralFirewallRules(fw, def);
|
||||
|
||||
virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS);
|
||||
networkAddChecksumFirewallRules(fw, def);
|
||||
|
||||
if (virFirewallApply(fw) < 0)
|
||||
goto cleanup;
|
||||
|
||||
ret = 0;
|
||||
cleanup:
|
||||
return ret;
|
||||
return virFirewallApply(fw);
|
||||
}
|
||||
|
||||
/* Remove all rules for all ip addresses (and general rules) on a network */
|
||||
@ -973,12 +967,9 @@ void networkRemoveFirewallRules(virNetworkDefPtr def)
|
||||
(ipdef = virNetworkDefGetIPByIndex(def, AF_UNSPEC, i));
|
||||
i++) {
|
||||
if (networkRemoveIPSpecificFirewallRules(fw, def, ipdef) < 0)
|
||||
goto cleanup;
|
||||
return;
|
||||
}
|
||||
networkRemoveGeneralFirewallRules(fw, def);
|
||||
|
||||
virFirewallApply(fw);
|
||||
|
||||
cleanup:
|
||||
return;
|
||||
}
|
||||
|
@ -2866,7 +2866,7 @@ ebtablesApplyBasicRules(const char *ifname,
|
||||
virMacAddrFormat(macaddr, macaddr_str);
|
||||
|
||||
if (ebiptablesAllTeardown(ifname) < 0)
|
||||
goto error;
|
||||
return -1;
|
||||
|
||||
virFirewallStartTransaction(fw, 0);
|
||||
|
||||
@ -2899,7 +2899,6 @@ ebtablesApplyBasicRules(const char *ifname,
|
||||
|
||||
tear_down_tmpebchains:
|
||||
ebtablesCleanAll(ifname);
|
||||
error:
|
||||
return -1;
|
||||
}
|
||||
|
||||
@ -2937,7 +2936,7 @@ ebtablesApplyDHCPOnlyRules(const char *ifname,
|
||||
virMacAddrFormat(macaddr, macaddr_str);
|
||||
|
||||
if (ebiptablesAllTeardown(ifname) < 0)
|
||||
goto error;
|
||||
return -1;
|
||||
|
||||
virFirewallStartTransaction(fw, 0);
|
||||
|
||||
@ -3016,7 +3015,6 @@ ebtablesApplyDHCPOnlyRules(const char *ifname,
|
||||
|
||||
tear_down_tmpebchains:
|
||||
ebtablesCleanAll(ifname);
|
||||
error:
|
||||
return -1;
|
||||
}
|
||||
|
||||
@ -3038,7 +3036,7 @@ ebtablesApplyDropAllRules(const char *ifname)
|
||||
g_autoptr(virFirewall) fw = virFirewallNew();
|
||||
|
||||
if (ebiptablesAllTeardown(ifname) < 0)
|
||||
goto error;
|
||||
return -1;
|
||||
|
||||
virFirewallStartTransaction(fw, 0);
|
||||
|
||||
@ -3068,7 +3066,6 @@ ebtablesApplyDropAllRules(const char *ifname)
|
||||
|
||||
tear_down_tmpebchains:
|
||||
ebtablesCleanAll(ifname);
|
||||
error:
|
||||
return -1;
|
||||
}
|
||||
|
||||
@ -3084,7 +3081,6 @@ static int
|
||||
ebtablesCleanAll(const char *ifname)
|
||||
{
|
||||
g_autoptr(virFirewall) fw = virFirewallNew();
|
||||
int ret = -1;
|
||||
|
||||
virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS);
|
||||
|
||||
@ -3100,8 +3096,7 @@ ebtablesCleanAll(const char *ifname)
|
||||
ebtablesRemoveTmpRootChainFW(fw, true, ifname);
|
||||
ebtablesRemoveTmpRootChainFW(fw, false, ifname);
|
||||
|
||||
ret = virFirewallApply(fw);
|
||||
return ret;
|
||||
return virFirewallApply(fw);
|
||||
}
|
||||
|
||||
|
||||
@ -3578,21 +3573,18 @@ static int
|
||||
ebiptablesTearNewRules(const char *ifname)
|
||||
{
|
||||
g_autoptr(virFirewall) fw = virFirewallNew();
|
||||
int ret = -1;
|
||||
|
||||
virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS);
|
||||
|
||||
ebiptablesTearNewRulesFW(fw, ifname);
|
||||
|
||||
ret = virFirewallApply(fw);
|
||||
return ret;
|
||||
return virFirewallApply(fw);
|
||||
}
|
||||
|
||||
static int
|
||||
ebiptablesTearOldRules(const char *ifname)
|
||||
{
|
||||
g_autoptr(virFirewall) fw = virFirewallNew();
|
||||
int ret = -1;
|
||||
|
||||
virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS);
|
||||
|
||||
@ -3611,8 +3603,7 @@ ebiptablesTearOldRules(const char *ifname)
|
||||
ebtablesRemoveRootChainFW(fw, false, ifname);
|
||||
ebtablesRenameTmpSubAndRootChainsFW(fw, ifname);
|
||||
|
||||
ret = virFirewallApply(fw);
|
||||
return ret;
|
||||
return virFirewallApply(fw);
|
||||
}
|
||||
|
||||
|
||||
@ -3629,7 +3620,6 @@ static int
|
||||
ebiptablesAllTeardown(const char *ifname)
|
||||
{
|
||||
g_autoptr(virFirewall) fw = virFirewallNew();
|
||||
int ret = -1;
|
||||
|
||||
virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS);
|
||||
|
||||
@ -3651,8 +3641,7 @@ ebiptablesAllTeardown(const char *ifname)
|
||||
ebtablesRemoveRootChainFW(fw, true, ifname);
|
||||
ebtablesRemoveRootChainFW(fw, false, ifname);
|
||||
|
||||
ret = virFirewallApply(fw);
|
||||
return ret;
|
||||
return virFirewallApply(fw);
|
||||
}
|
||||
|
||||
|
||||
@ -3738,7 +3727,6 @@ ebiptablesDriverProbeStateMatch(void)
|
||||
{
|
||||
unsigned long version;
|
||||
g_autoptr(virFirewall) fw = virFirewallNew();
|
||||
int ret = -1;
|
||||
|
||||
virFirewallStartTransaction(fw, 0);
|
||||
virFirewallAddRuleFull(fw, VIR_FIREWALL_LAYER_IPV4,
|
||||
@ -3746,7 +3734,7 @@ ebiptablesDriverProbeStateMatch(void)
|
||||
"--version", NULL);
|
||||
|
||||
if (virFirewallApply(fw) < 0)
|
||||
goto cleanup;
|
||||
return -1;
|
||||
|
||||
/*
|
||||
* since version 1.4.16 '-m state --state ...' will be converted to
|
||||
@ -3755,9 +3743,7 @@ ebiptablesDriverProbeStateMatch(void)
|
||||
if (version >= 1 * 1000000 + 4 * 1000 + 16)
|
||||
newMatchState = true;
|
||||
|
||||
ret = 0;
|
||||
cleanup:
|
||||
return ret;
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
|
@ -83,7 +83,6 @@ int
|
||||
ebtablesAddForwardPolicyReject(ebtablesContext *ctx)
|
||||
{
|
||||
g_autoptr(virFirewall) fw = virFirewallNew();
|
||||
int ret = -1;
|
||||
|
||||
virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS);
|
||||
virFirewallAddRule(fw, VIR_FIREWALL_LAYER_ETHERNET,
|
||||
@ -98,12 +97,7 @@ ebtablesAddForwardPolicyReject(ebtablesContext *ctx)
|
||||
"-P", ctx->chain, "DROP",
|
||||
NULL);
|
||||
|
||||
if (virFirewallApply(fw) < 0)
|
||||
goto cleanup;
|
||||
|
||||
ret = 0;
|
||||
cleanup:
|
||||
return ret;
|
||||
return virFirewallApply(fw);
|
||||
}
|
||||
|
||||
|
||||
@ -117,7 +111,6 @@ ebtablesForwardAllowIn(ebtablesContext *ctx,
|
||||
int action)
|
||||
{
|
||||
g_autoptr(virFirewall) fw = virFirewallNew();
|
||||
int ret = -1;
|
||||
|
||||
virFirewallStartTransaction(fw, 0);
|
||||
virFirewallAddRule(fw, VIR_FIREWALL_LAYER_ETHERNET,
|
||||
@ -128,12 +121,7 @@ ebtablesForwardAllowIn(ebtablesContext *ctx,
|
||||
"--jump", "ACCEPT",
|
||||
NULL);
|
||||
|
||||
if (virFirewallApply(fw) < 0)
|
||||
goto cleanup;
|
||||
|
||||
ret = 0;
|
||||
cleanup:
|
||||
return ret;
|
||||
return virFirewallApply(fw);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -129,7 +129,6 @@ int
|
||||
iptablesSetupPrivateChains(virFirewallLayer layer)
|
||||
{
|
||||
g_autoptr(virFirewall) fw = virFirewallNew();
|
||||
int ret = -1;
|
||||
iptablesGlobalChain filter_chains[] = {
|
||||
{"INPUT", "LIBVIRT_INP"},
|
||||
{"OUTPUT", "LIBVIRT_OUT"},
|
||||
@ -160,12 +159,9 @@ iptablesSetupPrivateChains(virFirewallLayer layer)
|
||||
"--list-rules", NULL);
|
||||
|
||||
if (virFirewallApply(fw) < 0)
|
||||
goto cleanup;
|
||||
return -1;
|
||||
|
||||
ret = changed ? 1 : 0;
|
||||
|
||||
cleanup:
|
||||
return ret;
|
||||
return changed ? 1 : 0;
|
||||
}
|
||||
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user