External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-01-16 09:35:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

bugfix: ip6tables rule removal

Browse Source 
Three FORWARD chain rules are added and two INPUT chain rules
are added when a network is started but only the FORWARD chain
rules are removed when the network is destroyed.
(cherry picked from commit adaa7ab653b0f841aa549e9f47f9e63ee1d15b37)
This commit is contained in:
Gene Czarcinski 2012-10-30 17:18:34 -04:00 committed by Cole Robinson
parent 0004a11879
commit c3cc4c1835
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/network/bridge_driver.c
View File

@ -1627,6 +1627,8 @@ networkRemoveGeneralIp6tablesRules(struct network_driver *driver,
if (!virNetworkDefGetIpByIndex(network->def, AF_INET6, 0)) if (!virNetworkDefGetIpByIndex(network->def, AF_INET6, 0))
return; return;
iptablesRemoveUdpInput(driver->iptables, AF_INET6, network->def->bridge, 53);
iptablesRemoveTcpInput(driver->iptables, AF_INET6, network->def->bridge, 53);
iptablesRemoveForwardAllowCross(driver->iptables, AF_INET6, network->def->bridge); iptablesRemoveForwardAllowCross(driver->iptables, AF_INET6, network->def->bridge);
iptablesRemoveForwardRejectIn(driver->iptables, AF_INET6, network->def->bridge); iptablesRemoveForwardRejectIn(driver->iptables, AF_INET6, network->def->bridge);
iptablesRemoveForwardRejectOut(driver->iptables, AF_INET6, network->def->bridge); iptablesRemoveForwardRejectOut(driver->iptables, AF_INET6, network->def->bridge);