Wed Mar 30 17:24:48 IST 2007 Mark McLoughlin <markmc@redhat.com>
* qemud/iptables.c: Re-factor things a little so that we maintain the rules in memory even when we're not going to write them to disk.
parent
42d4b85d86
commit
812b34fdd8
@ -1,3 +1,9 @@
|
|||||||
|
Wed Mar 30 17:24:48 IST 2007 Mark McLoughlin <markmc@redhat.com>
|
||||||
|
|
||||||
|
* qemud/iptables.c: Re-factor things a little so that we
|
||||||
|
maintain the rules in memory even when we're not going
|
||||||
|
to write them to disk.
|
||||||
|
|
||||||
Wed Mar 30 17:21:08 IST 2007 Mark McLoughlin <markmc@redhat.com>
|
Wed Mar 30 17:21:08 IST 2007 Mark McLoughlin <markmc@redhat.com>
|
||||||
|
|
||||||
* qemud/iptables.c: Remove the target interface parameter
|
* qemud/iptables.c: Remove the target interface parameter
|
||||||
|
@ -51,14 +51,14 @@ typedef struct
|
|||||||
char *table;
|
char *table;
|
||||||
char *chain;
|
char *chain;
|
||||||
|
|
||||||
|
int nrules;
|
||||||
|
char **rules;
|
||||||
|
|
||||||
#ifdef IPTABLES_DIR
|
#ifdef IPTABLES_DIR
|
||||||
|
|
||||||
char dir[PATH_MAX];
|
char dir[PATH_MAX];
|
||||||
char path[PATH_MAX];
|
char path[PATH_MAX];
|
||||||
|
|
||||||
int nrules;
|
|
||||||
char **rules;
|
|
||||||
|
|
||||||
#endif /* IPTABLES_DIR */
|
#endif /* IPTABLES_DIR */
|
||||||
|
|
||||||
} iptRules;
|
} iptRules;
|
||||||
@ -171,13 +171,13 @@ buildPath(const char *table,
|
|||||||
else
|
else
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
#endif /* IPTABLES_DIR */
|
||||||
|
|
||||||
static int
|
static int
|
||||||
iptRulesAppend(iptRules *rules,
|
iptRulesAppend(iptRules *rules,
|
||||||
const char *rule)
|
const char *rule)
|
||||||
{
|
{
|
||||||
char **r;
|
char **r;
|
||||||
int err;
|
|
||||||
|
|
||||||
if (!(r = (char **)realloc(rules->rules, sizeof(char *) * (rules->nrules+1))))
|
if (!(r = (char **)realloc(rules->rules, sizeof(char *) * (rules->nrules+1))))
|
||||||
return ENOMEM;
|
return ENOMEM;
|
||||||
@ -189,24 +189,29 @@ iptRulesAppend(iptRules *rules,
|
|||||||
|
|
||||||
rules->nrules++;
|
rules->nrules++;
|
||||||
|
|
||||||
|
#ifdef IPTABLES_DIR
|
||||||
|
{
|
||||||
|
int err;
|
||||||
|
|
||||||
if ((err = ensureDir(rules->dir)))
|
if ((err = ensureDir(rules->dir)))
|
||||||
return err;
|
return err;
|
||||||
|
|
||||||
if ((err = writeRules(rules->path, rules->rules, rules->nrules)))
|
if ((err = writeRules(rules->path, rules->rules, rules->nrules)))
|
||||||
return err;
|
return err;
|
||||||
|
}
|
||||||
|
#endif /* IPTABLES_DIR */
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
iptRulesRemove(iptRules *rules,
|
iptRulesRemove(iptRules *rules,
|
||||||
const char *rule)
|
char *rule)
|
||||||
{
|
{
|
||||||
int i;
|
int i;
|
||||||
int err;
|
|
||||||
|
|
||||||
for (i = 0; i < rules->nrules; i++)
|
for (i = 0; i < rules->nrules; i++)
|
||||||
if (!strcmp(rules->rules[i], rule))
|
if (!strcmp(rules->rules[i], strdup(rule)))
|
||||||
break;
|
break;
|
||||||
|
|
||||||
if (i >= rules->nrules)
|
if (i >= rules->nrules)
|
||||||
@ -220,16 +225,23 @@ iptRulesRemove(iptRules *rules,
|
|||||||
|
|
||||||
rules->nrules--;
|
rules->nrules--;
|
||||||
|
|
||||||
|
#ifdef IPTABLES_DIR
|
||||||
|
{
|
||||||
|
int err;
|
||||||
|
|
||||||
if ((err = writeRules(rules->path, rules->rules, rules->nrules)))
|
if ((err = writeRules(rules->path, rules->rules, rules->nrules)))
|
||||||
return err;
|
return err;
|
||||||
|
}
|
||||||
|
#endif /* IPTABLES_DIR */
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
#endif /* IPTABLES_DIR */
|
|
||||||
|
|
||||||
static void
|
static void
|
||||||
iptRulesFree(iptRules *rules)
|
iptRulesFree(iptRules *rules)
|
||||||
{
|
{
|
||||||
|
int i;
|
||||||
|
|
||||||
if (rules->table) {
|
if (rules->table) {
|
||||||
free(rules->table);
|
free(rules->table);
|
||||||
rules->table = NULL;
|
rules->table = NULL;
|
||||||
@ -240,12 +252,6 @@ iptRulesFree(iptRules *rules)
|
|||||||
rules->chain = NULL;
|
rules->chain = NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef IPTABLES_DIR
|
|
||||||
{
|
|
||||||
int i;
|
|
||||||
|
|
||||||
rules->dir[0] = '\0';
|
|
||||||
rules->path[0] = '\0';
|
|
||||||
|
|
||||||
for (i = 0; i < rules->nrules; i++) {
|
for (i = 0; i < rules->nrules; i++) {
|
||||||
free(rules->rules[i]);
|
free(rules->rules[i]);
|
||||||
@ -258,7 +264,10 @@ iptRulesFree(iptRules *rules)
|
|||||||
free(rules->rules);
|
free(rules->rules);
|
||||||
rules->rules = NULL;
|
rules->rules = NULL;
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
#ifdef IPTABLES_DIR
|
||||||
|
rules->dir[0] = '\0';
|
||||||
|
rules->path[0] = '\0';
|
||||||
#endif /* IPTABLES_DIR */
|
#endif /* IPTABLES_DIR */
|
||||||
|
|
||||||
free(rules);
|
free(rules);
|
||||||
@ -279,15 +288,15 @@ iptRulesNew(const char *table,
|
|||||||
if (!(rules->chain = strdup(chain)))
|
if (!(rules->chain = strdup(chain)))
|
||||||
goto error;
|
goto error;
|
||||||
|
|
||||||
|
rules->rules = NULL;
|
||||||
|
rules->nrules = 0;
|
||||||
|
|
||||||
#ifdef IPTABLES_DIR
|
#ifdef IPTABLES_DIR
|
||||||
if (buildDir(table, rules->dir, sizeof(rules->dir)))
|
if (buildDir(table, rules->dir, sizeof(rules->dir)))
|
||||||
goto error;
|
goto error;
|
||||||
|
|
||||||
if (buildPath(table, chain, rules->path, sizeof(rules->path)))
|
if (buildPath(table, chain, rules->path, sizeof(rules->path)))
|
||||||
goto error;
|
goto error;
|
||||||
|
|
||||||
rules->rules = NULL;
|
|
||||||
rules->nrules = 0;
|
|
||||||
#endif /* IPTABLES_DIR */
|
#endif /* IPTABLES_DIR */
|
||||||
|
|
||||||
return rules;
|
return rules;
|
||||||
@ -464,12 +473,10 @@ iptablesAddRemoveRule(iptRules *rules, int action, const char *arg, ...)
|
|||||||
(retval = iptablesAddRemoveChain(rules, action)))
|
(retval = iptablesAddRemoveChain(rules, action)))
|
||||||
goto error;
|
goto error;
|
||||||
|
|
||||||
#ifdef IPTABLES_DIR
|
|
||||||
if (action == ADD)
|
if (action == ADD)
|
||||||
retval = iptRulesAppend(rules, rule);
|
retval = iptRulesAppend(rules, rule);
|
||||||
else
|
else
|
||||||
retval = iptRulesRemove(rules, rule);
|
retval = iptRulesRemove(rules, rule);
|
||||||
#endif /* IPTABLES_DIR */
|
|
||||||
|
|
||||||
error:
|
error:
|
||||||
if (rule)
|
if (rule)
|
||||||
|
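Review bot: In iptRulesRemove the loop test `strcmp(rules->rules[i], strdup(rule))` allocates a fresh copy of `rule` on every iteration and never frees it, and a failed strdup() hands NULL to strcmp(); this reads the second-printed line of each pair as the new side, since the page has lost its +/- markers. A comparison needs no copy, so the test can be `if (!strcmp(rules->rules[i], rule))` with the parameter left as `const char *rule`. The commit appears to drop the `#ifdef IPTABLES_DIR` guard around the iptRulesAppend/iptRulesRemove calls in iptablesAddRemoveRule, so every rule removal in the daemon would now reach this loop, not only builds that write rules to disk. The function is split across the `-189,24` and `-220,16` hunks, and the lines between them are not shown.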