From f8e0674ad58c1b51b67fbb2dee9b3b8bcbabf0ea Mon Sep 17 00:00:00 2001
From: Mark McLoughlin
Date: Thu, 10 Jan 2008 13:56:22 +0000
Subject: [PATCH] --with-iptables-prefix was added to integrate with a proposed system for letting iptables know how to reload our rules. The proposed system wasn't accepted so, although there might be some other theoretical use for this, let's just remove it.
---
 ChangeLog | 10 ++++++++++
 configure.in | 10 ----------
 src/iptables.c | 6 +++---
 3 files changed, 13 insertions(+), 13 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index b0cda86679..24521bc78f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,13 @@
+Thu Jan 10 13:54:10 GMT 2008 Mark McLoughlin
+
+ --with-iptables-prefix was added to integrate with
+ a proposed system for letting iptables know how to
+ reload our rules. The proposed system wasn't accepted
+ so, although there might be some other theoretical
+ use for this, let's just remove it.
+
+ * configure.in, src/iptables.c: remove --with-iptables-prefix
+
 Thu Jan 10 13:52:05 GMT 2008 Mark McLoughlin

 Add support for integrating our iptables support with
diff --git a/configure.in b/configure.in
index fe36718fb0..cd1a4119fb 100644
--- a/configure.in
+++ b/configure.in
@@ -182,16 +182,6 @@ fi
 AM_CONDITIONAL(LIBVIRT_INIT_SCRIPTS_RED_HAT, test x$with_init_scripts = xredhat)
 AC_MSG_RESULT($with_init_scripts)

-dnl
-dnl allow the creation of iptables rules in chains with a
-dnl specific prefix rather than in the standard toplevel chains
-dnl
-AC_ARG_WITH(iptables-prefix,
- AC_HELP_STRING([--with-iptables-prefix=prefix],
- [prefix used for iptables chains, default is to use standard toplevel chains]),
- [IPTABLES_PREFIX=$withval])
-AC_DEFINE_UNQUOTED(IPTABLES_PREFIX, "$IPTABLES_PREFIX", [prefix used for iptables chains])
-
 dnl
 dnl also support saving the various chains to files
 dnl in e.g. /etc/sysconfig/iptables.d
diff --git a/src/iptables.c b/src/iptables.c
index 21363ba1a6..12013af1ce 100644
--- a/src/iptables.c
+++ b/src/iptables.c
@@ -592,13 +592,13 @@ iptablesContextNew(void)
 if (!(ctx = calloc(1, sizeof (*ctx))))
 return NULL;

- if (!(ctx->input_filter = iptRulesNew("filter", IPTABLES_PREFIX "INPUT")))
+ if (!(ctx->input_filter = iptRulesNew("filter", "INPUT")))
 goto error;

- if (!(ctx->forward_filter = iptRulesNew("filter", IPTABLES_PREFIX "FORWARD")))
+ if (!(ctx->forward_filter = iptRulesNew("filter", "FORWARD")))
 goto error;

- if (!(ctx->nat_postrouting = iptRulesNew("nat", IPTABLES_PREFIX "POSTROUTING")))
+ if (!(ctx->nat_postrouting = iptRulesNew("nat", "POSTROUTING")))
 goto error;

 return ctx;
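Review bot: The three `iptRulesNew()` calls in iptablesContextNew() now always target the built-in `filter` INPUT/FORWARD and `nat` POSTROUTING chains, and nothing in the new code records that this is intentional. Those are the "standard toplevel chains" named in the removed configure help text, so the rules tracked by this context presumably sit alongside the host's own firewall rules and depend on whatever else manages those chains. I would add a comment above the first call, e.g. `/* Rules are added directly to the built-in INPUT, FORWARD and POSTROUTING chains, which are shared with the host's own firewall rules. */`. The function begins before this hunk and the `error:` label is outside it, so cleanup of a partially built context cannot be checked from here.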