From 973b681bdf9e51edc479f5cd6fcdba0b01eedfd6 Mon Sep 17 00:00:00 2001
From: Stefan Berger <stefanb@us.ibm.com>
Date: Tue, 19 Apr 2011 16:23:59 -0400
Subject: [PATCH] nwfilter: no support for direct type of interface

Ebtables filtering doesn't work on macvtap device. Remove support for direct type of interface.
---
 docs/formatnwfilter.html.in               |  2 --
 src/conf/domain_conf.c                    |  1 -
 src/nwfilter/nwfilter_ebiptables_driver.c | 16 +---------------
 3 files changed, 1 insertion(+), 18 deletions(-)

diff --git a/docs/formatnwfilter.html.in b/docs/formatnwfilter.html.in
index 1cc13352af..ecb6b62c04 100644
--- a/docs/formatnwfilter.html.in
+++ b/docs/formatnwfilter.html.in
@@ -52,8 +52,6 @@
        <li><code>network</code></li>
        <li><code>ethernet</code> -- must be used in bridging mode</li>
        <li><code>bridge</code></li>
-       <li><code>direct</code> -- only protocols mac, arp, ip and ipv6
-            can be filtered</li>
       </ul>
     <p>
     The interface XML is used to reference a top-level filter. In the
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 6b733d474b..381e6924e5 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -2841,7 +2841,6 @@ virDomainNetDefParseXML(virCapsPtr caps,
         case VIR_DOMAIN_NET_TYPE_ETHERNET:
         case VIR_DOMAIN_NET_TYPE_NETWORK:
         case VIR_DOMAIN_NET_TYPE_BRIDGE:
-        case VIR_DOMAIN_NET_TYPE_DIRECT:
             def->filter = filter;
             filter = NULL;
             def->filterparams = filterparams;
diff --git a/src/nwfilter/nwfilter_ebiptables_driver.c b/src/nwfilter/nwfilter_ebiptables_driver.c
index 977f74b3f5..39bd4a5236 100644
--- a/src/nwfilter/nwfilter_ebiptables_driver.c
+++ b/src/nwfilter/nwfilter_ebiptables_driver.c
@@ -2357,7 +2357,7 @@ err_exit:
  */
 static int
 ebiptablesCreateRuleInstance(virConnectPtr conn ATTRIBUTE_UNUSED,
-                             enum virDomainNetType nettype,
+                             enum virDomainNetType nettype ATTRIBUTE_UNUSED,
                              virNWFilterDefPtr nwfilter,
                              virNWFilterRuleDefPtr rule,
                              const char *ifname,
@@ -2409,13 +2409,6 @@ ebiptablesCreateRuleInstance(virConnectPtr conn ATTRIBUTE_UNUSED,
     case VIR_NWFILTER_RULE_PROTOCOL_ICMP:
     case VIR_NWFILTER_RULE_PROTOCOL_IGMP:
     case VIR_NWFILTER_RULE_PROTOCOL_ALL:
-        if (nettype == VIR_DOMAIN_NET_TYPE_DIRECT) {
-            virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
-                          _("'%s' protocol not support for net type '%s'"),
-                          virNWFilterRuleProtocolTypeToString(rule->prtclType),
-                          virDomainNetTypeToString(nettype));
-            return 1;
-        }
         isIPv6 = 0;
         rc = iptablesCreateRuleInstance(nwfilter,
                                         rule,
@@ -2433,13 +2426,6 @@ ebiptablesCreateRuleInstance(virConnectPtr conn ATTRIBUTE_UNUSED,
     case VIR_NWFILTER_RULE_PROTOCOL_SCTPoIPV6:
     case VIR_NWFILTER_RULE_PROTOCOL_ICMPV6:
     case VIR_NWFILTER_RULE_PROTOCOL_ALLoIPV6:
-        if (nettype == VIR_DOMAIN_NET_TYPE_DIRECT) {
-            virNWFilterReportError(VIR_ERR_OPERATION_FAILED,
-                          _("'%s' protocol not support for net type '%s'"),
-                          virNWFilterRuleProtocolTypeToString(rule->prtclType),
-                          virDomainNetTypeToString(nettype));
-            return 1;
-        }
         isIPv6 = 1;
         rc = iptablesCreateRuleInstance(nwfilter,
                                         rule,