diff --git a/ChangeLog b/ChangeLog index f693632f55..83d0de30d6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +Thu May 22 11:49:29 EST 2008 Daniel P. Berrange + + * src/qemu_driver.c: Fix removal of iptables forwarding rules + Thu May 22 11:38:29 EST 2008 Daniel P. Berrange * configure.in: Remove some duplicated error messages diff --git a/src/qemu_driver.c b/src/qemu_driver.c index 8e26a4fa83..e5124479f4 100644 --- a/src/qemu_driver.c +++ b/src/qemu_driver.c @@ -1213,12 +1213,20 @@ qemudRemoveIptablesRules(struct qemud_driver *driver, struct qemud_network *network) { if (network->def->forward) { iptablesRemoveForwardMasquerade(driver->iptables, - network->def->network, - network->def->forwardDev); - iptablesRemoveForwardAllowIn(driver->iptables, - network->def->network, - network->bridge, - network->def->forwardDev); + network->def->network, + network->def->forwardDev); + + if (network->def->forwardMode == QEMUD_NET_FORWARD_NAT) + iptablesRemoveForwardAllowRelatedIn(driver->iptables, + network->def->network, + network->bridge, + network->def->forwardDev); + else if (network->def->forwardMode == QEMUD_NET_FORWARD_ROUTE) + iptablesRemoveForwardAllowIn(driver->iptables, + network->def->network, + network->bridge, + network->def->forwardDev); + iptablesRemoveForwardAllowOut(driver->iptables, network->def->network, network->bridge,