mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-10-30 09:53:10 +00:00
nwfilter: eliminate unnecessary labels
Signed-off-by: Laine Stump <laine@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
This commit is contained in:
parent
e54bb482a1
commit
e205c3ebfa
@ -1797,7 +1797,6 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
const char *target;
|
const char *target;
|
||||||
bool hasMask = false;
|
bool hasMask = false;
|
||||||
virFirewallRulePtr fwrule;
|
virFirewallRulePtr fwrule;
|
||||||
int ret = -1;
|
|
||||||
g_auto(virBuffer) buf = VIR_BUFFER_INITIALIZER;
|
g_auto(virBuffer) buf = VIR_BUFFER_INITIALIZER;
|
||||||
|
|
||||||
if (STREQ(chainSuffix,
|
if (STREQ(chainSuffix,
|
||||||
@ -1813,7 +1812,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars, \
|
if (printDataType(vars, \
|
||||||
field, sizeof(field), \
|
field, sizeof(field), \
|
||||||
&rule->p.STRUCT.ITEM) < 0) \
|
&rule->p.STRUCT.ITEM) < 0) \
|
||||||
goto cleanup; \
|
return -1; \
|
||||||
virFirewallRuleAddArg(fw, fwrule, CLI); \
|
virFirewallRuleAddArg(fw, fwrule, CLI); \
|
||||||
if (ENTRY_WANT_NEG_SIGN(&rule->p.STRUCT.ITEM)) \
|
if (ENTRY_WANT_NEG_SIGN(&rule->p.STRUCT.ITEM)) \
|
||||||
virFirewallRuleAddArg(fw, fwrule, "!"); \
|
virFirewallRuleAddArg(fw, fwrule, "!"); \
|
||||||
@ -1825,7 +1824,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars, \
|
if (printDataType(vars, \
|
||||||
field, sizeof(field), \
|
field, sizeof(field), \
|
||||||
&rule->p.STRUCT.ITEM) < 0) \
|
&rule->p.STRUCT.ITEM) < 0) \
|
||||||
goto cleanup; \
|
return -1; \
|
||||||
virFirewallRuleAddArg(fw, fwrule, CLI); \
|
virFirewallRuleAddArg(fw, fwrule, CLI); \
|
||||||
if (ENTRY_WANT_NEG_SIGN(&rule->p.STRUCT.ITEM)) \
|
if (ENTRY_WANT_NEG_SIGN(&rule->p.STRUCT.ITEM)) \
|
||||||
virFirewallRuleAddArg(fw, fwrule, "!"); \
|
virFirewallRuleAddArg(fw, fwrule, "!"); \
|
||||||
@ -1833,7 +1832,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars, \
|
if (printDataType(vars, \
|
||||||
fieldalt, sizeof(fieldalt), \
|
fieldalt, sizeof(fieldalt), \
|
||||||
&rule->p.STRUCT.ITEM_HI) < 0) \
|
&rule->p.STRUCT.ITEM_HI) < 0) \
|
||||||
goto cleanup; \
|
return -1; \
|
||||||
virFirewallRuleAddArgFormat(fw, fwrule, \
|
virFirewallRuleAddArgFormat(fw, fwrule, \
|
||||||
"%s%s%s", field, SEP, fieldalt); \
|
"%s%s%s", field, SEP, fieldalt); \
|
||||||
} else { \
|
} else { \
|
||||||
@ -1855,13 +1854,13 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
vars,
|
vars,
|
||||||
&rule->p.ethHdrFilter.ethHdr,
|
&rule->p.ethHdrFilter.ethHdr,
|
||||||
reverse) < 0)
|
reverse) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
|
|
||||||
if (HAS_ENTRY_ITEM(&rule->p.ethHdrFilter.dataProtocolID)) {
|
if (HAS_ENTRY_ITEM(&rule->p.ethHdrFilter.dataProtocolID)) {
|
||||||
if (printDataTypeAsHex(vars,
|
if (printDataTypeAsHex(vars,
|
||||||
number, sizeof(number),
|
number, sizeof(number),
|
||||||
&rule->p.ethHdrFilter.dataProtocolID) < 0)
|
&rule->p.ethHdrFilter.dataProtocolID) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
virFirewallRuleAddArg(fw, fwrule, "-p");
|
virFirewallRuleAddArg(fw, fwrule, "-p");
|
||||||
if (ENTRY_WANT_NEG_SIGN(&rule->p.ethHdrFilter.dataProtocolID))
|
if (ENTRY_WANT_NEG_SIGN(&rule->p.ethHdrFilter.dataProtocolID))
|
||||||
virFirewallRuleAddArg(fw, fwrule, "!");
|
virFirewallRuleAddArg(fw, fwrule, "!");
|
||||||
@ -1877,7 +1876,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
vars,
|
vars,
|
||||||
&rule->p.vlanHdrFilter.ethHdr,
|
&rule->p.vlanHdrFilter.ethHdr,
|
||||||
reverse) < 0)
|
reverse) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
|
|
||||||
virFirewallRuleAddArgList(fw, fwrule,
|
virFirewallRuleAddArgList(fw, fwrule,
|
||||||
"-p", "0x8100", NULL);
|
"-p", "0x8100", NULL);
|
||||||
@ -1906,7 +1905,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
vars,
|
vars,
|
||||||
&rule->p.stpHdrFilter.ethHdr,
|
&rule->p.stpHdrFilter.ethHdr,
|
||||||
reverse) < 0)
|
reverse) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
|
|
||||||
virFirewallRuleAddArgList(fw, fwrule,
|
virFirewallRuleAddArgList(fw, fwrule,
|
||||||
"-d", NWFILTER_MAC_BGA, NULL);
|
"-d", NWFILTER_MAC_BGA, NULL);
|
||||||
@ -1942,7 +1941,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
vars,
|
vars,
|
||||||
&rule->p.arpHdrFilter.ethHdr,
|
&rule->p.arpHdrFilter.ethHdr,
|
||||||
reverse) < 0)
|
reverse) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
|
|
||||||
virFirewallRuleAddArg(fw, fwrule, "-p");
|
virFirewallRuleAddArg(fw, fwrule, "-p");
|
||||||
virFirewallRuleAddArgFormat(fw, fwrule, "0x%x",
|
virFirewallRuleAddArgFormat(fw, fwrule, "0x%x",
|
||||||
@ -1954,7 +1953,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
number, sizeof(number),
|
number, sizeof(number),
|
||||||
&rule->p.arpHdrFilter.dataHWType) < 0)
|
&rule->p.arpHdrFilter.dataHWType) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
virFirewallRuleAddArg(fw, fwrule, "--arp-htype");
|
virFirewallRuleAddArg(fw, fwrule, "--arp-htype");
|
||||||
if (ENTRY_WANT_NEG_SIGN(&rule->p.arpHdrFilter.dataHWType))
|
if (ENTRY_WANT_NEG_SIGN(&rule->p.arpHdrFilter.dataHWType))
|
||||||
virFirewallRuleAddArg(fw, fwrule, "!");
|
virFirewallRuleAddArg(fw, fwrule, "!");
|
||||||
@ -1965,7 +1964,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
number, sizeof(number),
|
number, sizeof(number),
|
||||||
&rule->p.arpHdrFilter.dataOpcode) < 0)
|
&rule->p.arpHdrFilter.dataOpcode) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
virFirewallRuleAddArg(fw, fwrule, "--arp-opcode");
|
virFirewallRuleAddArg(fw, fwrule, "--arp-opcode");
|
||||||
if (ENTRY_WANT_NEG_SIGN(&rule->p.arpHdrFilter.dataOpcode))
|
if (ENTRY_WANT_NEG_SIGN(&rule->p.arpHdrFilter.dataOpcode))
|
||||||
virFirewallRuleAddArg(fw, fwrule, "!");
|
virFirewallRuleAddArg(fw, fwrule, "!");
|
||||||
@ -1976,7 +1975,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataTypeAsHex(vars,
|
if (printDataTypeAsHex(vars,
|
||||||
number, sizeof(number),
|
number, sizeof(number),
|
||||||
&rule->p.arpHdrFilter.dataProtocolType) < 0)
|
&rule->p.arpHdrFilter.dataProtocolType) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
virFirewallRuleAddArg(fw, fwrule, "--arp-ptype");
|
virFirewallRuleAddArg(fw, fwrule, "--arp-ptype");
|
||||||
if (ENTRY_WANT_NEG_SIGN(&rule->p.arpHdrFilter.dataProtocolType))
|
if (ENTRY_WANT_NEG_SIGN(&rule->p.arpHdrFilter.dataProtocolType))
|
||||||
virFirewallRuleAddArg(fw, fwrule, "!");
|
virFirewallRuleAddArg(fw, fwrule, "!");
|
||||||
@ -1987,13 +1986,13 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
ipaddr, sizeof(ipaddr),
|
ipaddr, sizeof(ipaddr),
|
||||||
&rule->p.arpHdrFilter.dataARPSrcIPAddr) < 0)
|
&rule->p.arpHdrFilter.dataARPSrcIPAddr) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
|
|
||||||
if (HAS_ENTRY_ITEM(&rule->p.arpHdrFilter.dataARPSrcIPMask)) {
|
if (HAS_ENTRY_ITEM(&rule->p.arpHdrFilter.dataARPSrcIPMask)) {
|
||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
ipmask, sizeof(ipmask),
|
ipmask, sizeof(ipmask),
|
||||||
&rule->p.arpHdrFilter.dataARPSrcIPMask) < 0)
|
&rule->p.arpHdrFilter.dataARPSrcIPMask) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
hasMask = true;
|
hasMask = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2009,13 +2008,13 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
ipaddr, sizeof(ipaddr),
|
ipaddr, sizeof(ipaddr),
|
||||||
&rule->p.arpHdrFilter.dataARPDstIPAddr) < 0)
|
&rule->p.arpHdrFilter.dataARPDstIPAddr) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
|
|
||||||
if (HAS_ENTRY_ITEM(&rule->p.arpHdrFilter.dataARPDstIPMask)) {
|
if (HAS_ENTRY_ITEM(&rule->p.arpHdrFilter.dataARPDstIPMask)) {
|
||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
ipmask, sizeof(ipmask),
|
ipmask, sizeof(ipmask),
|
||||||
&rule->p.arpHdrFilter.dataARPDstIPMask) < 0)
|
&rule->p.arpHdrFilter.dataARPDstIPMask) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
hasMask = true;
|
hasMask = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2031,7 +2030,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
macaddr, sizeof(macaddr),
|
macaddr, sizeof(macaddr),
|
||||||
&rule->p.arpHdrFilter.dataARPSrcMACAddr) < 0)
|
&rule->p.arpHdrFilter.dataARPSrcMACAddr) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
|
|
||||||
virFirewallRuleAddArg(fw, fwrule,
|
virFirewallRuleAddArg(fw, fwrule,
|
||||||
reverse ? "--arp-mac-dst" : "--arp-mac-src");
|
reverse ? "--arp-mac-dst" : "--arp-mac-src");
|
||||||
@ -2044,7 +2043,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
macaddr, sizeof(macaddr),
|
macaddr, sizeof(macaddr),
|
||||||
&rule->p.arpHdrFilter.dataARPDstMACAddr) < 0)
|
&rule->p.arpHdrFilter.dataARPDstMACAddr) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
|
|
||||||
virFirewallRuleAddArg(fw, fwrule,
|
virFirewallRuleAddArg(fw, fwrule,
|
||||||
reverse ? "--arp-mac-src" : "--arp-mac-dst");
|
reverse ? "--arp-mac-src" : "--arp-mac-dst");
|
||||||
@ -2069,7 +2068,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
vars,
|
vars,
|
||||||
&rule->p.ipHdrFilter.ethHdr,
|
&rule->p.ipHdrFilter.ethHdr,
|
||||||
reverse) < 0)
|
reverse) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
|
|
||||||
virFirewallRuleAddArgList(fw, fwrule,
|
virFirewallRuleAddArgList(fw, fwrule,
|
||||||
"-p", "ipv4", NULL);
|
"-p", "ipv4", NULL);
|
||||||
@ -2078,7 +2077,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
ipaddr, sizeof(ipaddr),
|
ipaddr, sizeof(ipaddr),
|
||||||
&rule->p.ipHdrFilter.ipHdr.dataSrcIPAddr) < 0)
|
&rule->p.ipHdrFilter.ipHdr.dataSrcIPAddr) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
|
|
||||||
virFirewallRuleAddArg(fw, fwrule,
|
virFirewallRuleAddArg(fw, fwrule,
|
||||||
reverse ? "--ip-destination" : "--ip-source");
|
reverse ? "--ip-destination" : "--ip-source");
|
||||||
@ -2089,7 +2088,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
number, sizeof(number),
|
number, sizeof(number),
|
||||||
&rule->p.ipHdrFilter.ipHdr.dataSrcIPMask) < 0)
|
&rule->p.ipHdrFilter.ipHdr.dataSrcIPMask) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
virFirewallRuleAddArgFormat(fw, fwrule,
|
virFirewallRuleAddArgFormat(fw, fwrule,
|
||||||
"%s/%s", ipaddr, number);
|
"%s/%s", ipaddr, number);
|
||||||
} else {
|
} else {
|
||||||
@ -2102,7 +2101,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
ipaddr, sizeof(ipaddr),
|
ipaddr, sizeof(ipaddr),
|
||||||
&rule->p.ipHdrFilter.ipHdr.dataDstIPAddr) < 0)
|
&rule->p.ipHdrFilter.ipHdr.dataDstIPAddr) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
|
|
||||||
virFirewallRuleAddArg(fw, fwrule,
|
virFirewallRuleAddArg(fw, fwrule,
|
||||||
reverse ? "--ip-source" : "--ip-destination");
|
reverse ? "--ip-source" : "--ip-destination");
|
||||||
@ -2113,7 +2112,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
number, sizeof(number),
|
number, sizeof(number),
|
||||||
&rule->p.ipHdrFilter.ipHdr.dataDstIPMask) < 0)
|
&rule->p.ipHdrFilter.ipHdr.dataDstIPMask) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
virFirewallRuleAddArgFormat(fw, fwrule,
|
virFirewallRuleAddArgFormat(fw, fwrule,
|
||||||
"%s/%s", ipaddr, number);
|
"%s/%s", ipaddr, number);
|
||||||
} else {
|
} else {
|
||||||
@ -2125,7 +2124,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
number, sizeof(number),
|
number, sizeof(number),
|
||||||
&rule->p.ipHdrFilter.ipHdr.dataProtocolID) < 0)
|
&rule->p.ipHdrFilter.ipHdr.dataProtocolID) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
|
|
||||||
virFirewallRuleAddArg(fw, fwrule, "--ip-protocol");
|
virFirewallRuleAddArg(fw, fwrule, "--ip-protocol");
|
||||||
if (ENTRY_WANT_NEG_SIGN(&rule->p.ipHdrFilter.ipHdr.dataProtocolID))
|
if (ENTRY_WANT_NEG_SIGN(&rule->p.ipHdrFilter.ipHdr.dataProtocolID))
|
||||||
@ -2137,7 +2136,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
number, sizeof(number),
|
number, sizeof(number),
|
||||||
&rule->p.ipHdrFilter.portData.dataSrcPortStart) < 0)
|
&rule->p.ipHdrFilter.portData.dataSrcPortStart) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
|
|
||||||
virFirewallRuleAddArg(fw, fwrule,
|
virFirewallRuleAddArg(fw, fwrule,
|
||||||
reverse ? "--ip-destination-port" : "--ip-source-port");
|
reverse ? "--ip-destination-port" : "--ip-source-port");
|
||||||
@ -2148,7 +2147,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
numberalt, sizeof(numberalt),
|
numberalt, sizeof(numberalt),
|
||||||
&rule->p.ipHdrFilter.portData.dataSrcPortEnd) < 0)
|
&rule->p.ipHdrFilter.portData.dataSrcPortEnd) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
|
|
||||||
virFirewallRuleAddArgFormat(fw, fwrule,
|
virFirewallRuleAddArgFormat(fw, fwrule,
|
||||||
"%s:%s", number, numberalt);
|
"%s:%s", number, numberalt);
|
||||||
@ -2161,7 +2160,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
number, sizeof(number),
|
number, sizeof(number),
|
||||||
&rule->p.ipHdrFilter.portData.dataDstPortStart) < 0)
|
&rule->p.ipHdrFilter.portData.dataDstPortStart) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
|
|
||||||
virFirewallRuleAddArg(fw, fwrule,
|
virFirewallRuleAddArg(fw, fwrule,
|
||||||
reverse ? "--ip-source-port" : "--ip-destination-port");
|
reverse ? "--ip-source-port" : "--ip-destination-port");
|
||||||
@ -2172,7 +2171,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
numberalt, sizeof(numberalt),
|
numberalt, sizeof(numberalt),
|
||||||
&rule->p.ipHdrFilter.portData.dataDstPortEnd) < 0)
|
&rule->p.ipHdrFilter.portData.dataDstPortEnd) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
|
|
||||||
virFirewallRuleAddArgFormat(fw, fwrule,
|
virFirewallRuleAddArgFormat(fw, fwrule,
|
||||||
"%s:%s", number, numberalt);
|
"%s:%s", number, numberalt);
|
||||||
@ -2185,7 +2184,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataTypeAsHex(vars,
|
if (printDataTypeAsHex(vars,
|
||||||
number, sizeof(number),
|
number, sizeof(number),
|
||||||
&rule->p.ipHdrFilter.ipHdr.dataDSCP) < 0)
|
&rule->p.ipHdrFilter.ipHdr.dataDSCP) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
|
|
||||||
virFirewallRuleAddArg(fw, fwrule, "--ip-tos");
|
virFirewallRuleAddArg(fw, fwrule, "--ip-tos");
|
||||||
if (ENTRY_WANT_NEG_SIGN(&rule->p.ipHdrFilter.ipHdr.dataDSCP))
|
if (ENTRY_WANT_NEG_SIGN(&rule->p.ipHdrFilter.ipHdr.dataDSCP))
|
||||||
@ -2202,7 +2201,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
vars,
|
vars,
|
||||||
&rule->p.ipv6HdrFilter.ethHdr,
|
&rule->p.ipv6HdrFilter.ethHdr,
|
||||||
reverse) < 0)
|
reverse) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
|
|
||||||
virFirewallRuleAddArgList(fw, fwrule,
|
virFirewallRuleAddArgList(fw, fwrule,
|
||||||
"-p", "ipv6", NULL);
|
"-p", "ipv6", NULL);
|
||||||
@ -2211,7 +2210,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
ipv6addr, sizeof(ipv6addr),
|
ipv6addr, sizeof(ipv6addr),
|
||||||
&rule->p.ipv6HdrFilter.ipHdr.dataSrcIPAddr) < 0)
|
&rule->p.ipv6HdrFilter.ipHdr.dataSrcIPAddr) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
|
|
||||||
virFirewallRuleAddArg(fw, fwrule,
|
virFirewallRuleAddArg(fw, fwrule,
|
||||||
reverse ? "--ip6-destination" : "--ip6-source");
|
reverse ? "--ip6-destination" : "--ip6-source");
|
||||||
@ -2222,7 +2221,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
number, sizeof(number),
|
number, sizeof(number),
|
||||||
&rule->p.ipv6HdrFilter.ipHdr.dataSrcIPMask) < 0)
|
&rule->p.ipv6HdrFilter.ipHdr.dataSrcIPMask) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
virFirewallRuleAddArgFormat(fw, fwrule,
|
virFirewallRuleAddArgFormat(fw, fwrule,
|
||||||
"%s/%s", ipv6addr, number);
|
"%s/%s", ipv6addr, number);
|
||||||
} else {
|
} else {
|
||||||
@ -2235,7 +2234,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
ipv6addr, sizeof(ipv6addr),
|
ipv6addr, sizeof(ipv6addr),
|
||||||
&rule->p.ipv6HdrFilter.ipHdr.dataDstIPAddr) < 0)
|
&rule->p.ipv6HdrFilter.ipHdr.dataDstIPAddr) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
|
|
||||||
virFirewallRuleAddArg(fw, fwrule,
|
virFirewallRuleAddArg(fw, fwrule,
|
||||||
reverse ? "--ip6-source" : "--ip6-destination");
|
reverse ? "--ip6-source" : "--ip6-destination");
|
||||||
@ -2246,7 +2245,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
number, sizeof(number),
|
number, sizeof(number),
|
||||||
&rule->p.ipv6HdrFilter.ipHdr.dataDstIPMask) < 0)
|
&rule->p.ipv6HdrFilter.ipHdr.dataDstIPMask) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
virFirewallRuleAddArgFormat(fw, fwrule,
|
virFirewallRuleAddArgFormat(fw, fwrule,
|
||||||
"%s/%s", ipv6addr, number);
|
"%s/%s", ipv6addr, number);
|
||||||
} else {
|
} else {
|
||||||
@ -2258,7 +2257,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
number, sizeof(number),
|
number, sizeof(number),
|
||||||
&rule->p.ipv6HdrFilter.ipHdr.dataProtocolID) < 0)
|
&rule->p.ipv6HdrFilter.ipHdr.dataProtocolID) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
|
|
||||||
virFirewallRuleAddArg(fw, fwrule, "--ip6-protocol");
|
virFirewallRuleAddArg(fw, fwrule, "--ip6-protocol");
|
||||||
if (ENTRY_WANT_NEG_SIGN(&rule->p.ipv6HdrFilter.ipHdr.dataProtocolID))
|
if (ENTRY_WANT_NEG_SIGN(&rule->p.ipv6HdrFilter.ipHdr.dataProtocolID))
|
||||||
@ -2271,7 +2270,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
number, sizeof(number),
|
number, sizeof(number),
|
||||||
&rule->p.ipv6HdrFilter.portData.dataSrcPortStart) < 0)
|
&rule->p.ipv6HdrFilter.portData.dataSrcPortStart) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
|
|
||||||
virFirewallRuleAddArg(fw, fwrule,
|
virFirewallRuleAddArg(fw, fwrule,
|
||||||
reverse ? "--ip6-destination-port" : "--ip6-source-port");
|
reverse ? "--ip6-destination-port" : "--ip6-source-port");
|
||||||
@ -2282,7 +2281,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
numberalt, sizeof(numberalt),
|
numberalt, sizeof(numberalt),
|
||||||
&rule->p.ipv6HdrFilter.portData.dataSrcPortEnd) < 0)
|
&rule->p.ipv6HdrFilter.portData.dataSrcPortEnd) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
|
|
||||||
virFirewallRuleAddArgFormat(fw, fwrule,
|
virFirewallRuleAddArgFormat(fw, fwrule,
|
||||||
"%s:%s", number, numberalt);
|
"%s:%s", number, numberalt);
|
||||||
@ -2296,7 +2295,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
number, sizeof(number),
|
number, sizeof(number),
|
||||||
&rule->p.ipv6HdrFilter.portData.dataDstPortStart) < 0)
|
&rule->p.ipv6HdrFilter.portData.dataDstPortStart) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
|
|
||||||
virFirewallRuleAddArg(fw, fwrule,
|
virFirewallRuleAddArg(fw, fwrule,
|
||||||
reverse ? "--ip6-source-port" : "--ip6-destination-port");
|
reverse ? "--ip6-source-port" : "--ip6-destination-port");
|
||||||
@ -2307,7 +2306,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
numberalt, sizeof(numberalt),
|
numberalt, sizeof(numberalt),
|
||||||
&rule->p.ipv6HdrFilter.portData.dataDstPortEnd) < 0)
|
&rule->p.ipv6HdrFilter.portData.dataDstPortEnd) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
|
|
||||||
virFirewallRuleAddArgFormat(fw, fwrule,
|
virFirewallRuleAddArgFormat(fw, fwrule,
|
||||||
"%s:%s", number, numberalt);
|
"%s:%s", number, numberalt);
|
||||||
@ -2330,7 +2329,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
number, sizeof(number),
|
number, sizeof(number),
|
||||||
&rule->p.ipv6HdrFilter.dataICMPTypeStart) < 0)
|
&rule->p.ipv6HdrFilter.dataICMPTypeStart) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
lo = true;
|
lo = true;
|
||||||
} else {
|
} else {
|
||||||
ignore_value(virStrcpyStatic(number, "0"));
|
ignore_value(virStrcpyStatic(number, "0"));
|
||||||
@ -2342,7 +2341,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
numberalt, sizeof(numberalt),
|
numberalt, sizeof(numberalt),
|
||||||
&rule->p.ipv6HdrFilter.dataICMPTypeEnd) < 0)
|
&rule->p.ipv6HdrFilter.dataICMPTypeEnd) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
} else {
|
} else {
|
||||||
if (lo)
|
if (lo)
|
||||||
ignore_value(virStrcpyStatic(numberalt, number));
|
ignore_value(virStrcpyStatic(numberalt, number));
|
||||||
@ -2358,7 +2357,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
number, sizeof(number),
|
number, sizeof(number),
|
||||||
&rule->p.ipv6HdrFilter.dataICMPCodeStart) < 0)
|
&rule->p.ipv6HdrFilter.dataICMPCodeStart) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
lo = true;
|
lo = true;
|
||||||
} else {
|
} else {
|
||||||
ignore_value(virStrcpyStatic(number, "0"));
|
ignore_value(virStrcpyStatic(number, "0"));
|
||||||
@ -2370,7 +2369,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
if (printDataType(vars,
|
if (printDataType(vars,
|
||||||
numberalt, sizeof(numberalt),
|
numberalt, sizeof(numberalt),
|
||||||
&rule->p.ipv6HdrFilter.dataICMPCodeEnd) < 0)
|
&rule->p.ipv6HdrFilter.dataICMPCodeEnd) < 0)
|
||||||
goto cleanup;
|
return -1;
|
||||||
} else {
|
} else {
|
||||||
if (lo)
|
if (lo)
|
||||||
ignore_value(virStrcpyStatic(numberalt, number));
|
ignore_value(virStrcpyStatic(numberalt, number));
|
||||||
@ -2421,9 +2420,7 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
|
|||||||
#undef INST_ITEM_2PARMS
|
#undef INST_ITEM_2PARMS
|
||||||
#undef INST_ITEM
|
#undef INST_ITEM
|
||||||
|
|
||||||
ret = 0;
|
return 0;
|
||||||
cleanup:
|
|
||||||
return ret;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user