External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-07-07 18:35:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

nwfilter: do not create ebtables chain unnecessarily

Browse Source 
If only iptables rules are created then two unnecessary ebtables chains
are also created. This patch fixes this and prevents these chains from
being created. They have been cleaned up properly, though.
This commit is contained in:
Stefan Berger 2011-12-16 16:54:49 -05:00 committed by Stefan Berger
parent f9d60b1946
commit b4d579de1e
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/nwfilter/nwfilter_ebiptables_driver.c
View File

@ -3619,10 +3619,12 @@ ebiptablesApplyNewRules(const char *ifname,
NWFILTER_SET_EBTABLES_SHELLVAR(&buf);
/* create needed chains */
if (ebtablesCreateTmpRootAndSubChains(&buf, ifname, chains_in_set , 1,
&ebtChains, &nEbtChains) < 0 ||
ebtablesCreateTmpRootAndSubChains(&buf, ifname, chains_out_set, 0,
&ebtChains, &nEbtChains) < 0) {
if ((virHashSize(chains_in_set) > 0 &&
ebtablesCreateTmpRootAndSubChains(&buf, ifname, chains_in_set , 1,
&ebtChains, &nEbtChains) < 0) ||
(virHashSize(chains_out_set) > 0 &&
ebtablesCreateTmpRootAndSubChains(&buf, ifname, chains_out_set, 0,
&ebtChains, &nEbtChains) < 0)) {
goto tear_down_tmpebchains;
}