Commit Graph

4408 Commits

Author SHA1 Message Date
Stefan Berger
552bdb9b35 nwfilter: Fix instantiated layer 2 rules for 'inout' direction
With Eric Blake's suggestions applied.

The following rule for direction 'in'

<rule direction='in' action='drop'>
  <mac srcmacaddr='1:2:3:4:5:6'/>
</rule>

drops all traffic from the given mac address.
The following rule for direction 'out'

<rule direction='out' action='drop'>
  <mac dstmacaddr='1:2:3:4:5:6'/>
</rule>

drops all traffic to the given mac address.
The following rule in direction 'inout'

<rule direction='inout' action='drop'>
  <mac srcmacaddr='1:2:3:4:5:6'/>
</rule>

now drops all traffic from and to the given MAC address.
So far it would have dropped traffic from the given MAC address
and outgoing traffic with the given source MAC address, which is not useful
since the packets will always have the VM's MAC address as source
MAC address. The attached patch fixes this.

This is the last bug I currently know of and want to fix.
2010-04-06 10:40:35 -04:00
Eric Blake
9f337ef752 virsh: improve documentation
Document several missing commands.  There's more work that could be
done, but incremental improvements is better than no patch at all.

* tools/virsh.pod (autostart, connect): Improve grammar.
(create): Improve example.
(domjobabort, domjobinfo, domxml-from-native, domxml-to-native):
Document.
(storage pool commands): New section.
2010-04-06 08:00:25 -06:00
Chris Lalancette
28b9a6c769 Clarify an error message in setmem.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
2010-04-06 09:56:44 -04:00
Chris Lalancette
6f17a5d166 Fix up comments for isEncrypted, isSecure, domainIsActive,
and domainIsPersistent.

Signed-off-by: Chris Lalancette <clalance@redhat.com>
2010-04-06 09:51:24 -04:00
Chris Lalancette
6449cb9014 Document snapshot virsh commands in the man page.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
2010-04-06 09:50:43 -04:00
Chris Lalancette
23b1e5c0b0 Better error reporting in virsh.
When hitting failures in virsh, a common idiom is
to jump to a cleanup label, free some resources, and
then return a FALSE error code to vshCommandRun.
In theory, vshCommandRun is then supposed to print
out the last error.  The problem is that many of
the cleanup paths have library calls to free resources,
and all of those library calls clear out the last error.
This is leading to situations where no error is being
reported at all.

This patch remedies the situation somewhat by
printing out the errors inside the command methods
themselves when we know it will go through a cleanup
path that will lose the error.

Signed-off-by: Chris Lalancette <clalance@redhat.com>
2010-04-06 09:48:13 -04:00
Chris Lalancette
86fe2ba6dc Website documentation for the snapshot XML.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
2010-04-06 09:44:03 -04:00
Chris Lalancette
fbf9fcbff4 Increase the number of available VNC ports.
When starting up qemu VNC autoport guests, we were
only looking through ports 5900 to 6000, meaning we
were limited to 100 total clients.  Increase that
limit to 65535 (the last available port), so we can
have up to 59635 VNC autoport guests.

Signed-off-by: Chris Lalancette <clalance@redhat.com>
2010-04-06 09:40:17 -04:00
Stefan Berger
f7d32ce260 This patch fixes some compilation issues for the RHEL5 build. I am also removing the IPV6 constant where it appears in the wrong place. 2010-04-06 06:29:00 -04:00
Matthias Bolte
84fa113217 Fix compiler warning about unused conn parameter
This only affects builds without NUMA support.
2010-04-06 11:47:28 +02:00
Matthias Bolte
fcd103bb2a openvz: Remove virConnectPtr from openvzError
Also remove unused enum values OPENVZ_WARN and OPENVZ_ERR.
2010-04-06 02:04:50 +02:00
Matthias Bolte
a4f9af057a one: Remove virConnectPtr from oneError 2010-04-06 02:03:36 +02:00
Matthias Bolte
a6c77af617 uml: Remove virConnectPtr from umlReportError 2010-04-06 02:03:34 +02:00
Matthias Bolte
e9125be594 Remove virConnectPtr from eventReportError 2010-04-06 02:02:24 +02:00
Matthias Bolte
5a19c24611 Remove virConnectPtr from virLibConnError 2010-04-06 02:01:51 +02:00
Matthias Bolte
b290e48cf7 xen: Remove virConnectPtr from xenUnifiedError 2010-04-06 01:56:01 +02:00
Matthias Bolte
6c175fa3d1 Remove virConnectPtr from nodeReportError 2010-04-06 01:47:51 +02:00
Matthias Bolte
8bd8bcaca8 netcf: Remove virConnectPtr from interfaceReportError 2010-04-06 01:47:02 +02:00
Matthias Bolte
7ece483dce xen: Remove virConnectPtr from virXenInotifyError 2010-04-06 01:46:42 +02:00
Matthias Bolte
67f34cd67b xen: Remove virConnectPtr from virXenStoreError 2010-04-06 01:46:02 +02:00
Matthias Bolte
68d5d96bce xen: Remove virConnectPtr from virXenError/virXenErrorFunc 2010-04-06 01:45:47 +02:00
Matthias Bolte
f2192637b0 xen: Remove virConnectPtr from virXMError 2010-04-06 01:44:51 +02:00
Matthias Bolte
5cec7af469 xen: Remove virConnectPtr from virXendError 2010-04-06 01:43:51 +02:00
Matthias Bolte
2127b42b46 proxy: Remove virConnectPtr from virProxyError 2010-04-06 01:43:23 +02:00
Matthias Bolte
a3884f8705 vbox: Remove virConnectPtr from vboxError 2010-04-06 01:41:58 +02:00
Matthias Bolte
1c91a0b44e test: Remove virConnectPtr from testError 2010-04-06 01:41:58 +02:00
Matthias Bolte
49411f029a Remove unnecessary trailing \n in log messages 2010-04-06 01:41:58 +02:00
Matthias Bolte
d2e0bd1779 Fix compiler warning about non-literal format string 2010-04-06 01:38:53 +02:00
Stefan Berger
45274d4121 This patch removes the virConnectPtr parameter from all functions where it's not necessary starting out with removing it as a parameter to the error reporting function. 2010-04-05 12:34:55 -04:00
Chris Lalancette
88151c7cbc Snapshot virsh implementation.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
2010-04-05 10:25:02 -04:00
Jiri Denemark
c572222a14 Snapshots for VBox 2010-04-05 10:24:57 -04:00
Chris Lalancette
462c74c38a Snapshot QEMU driver.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
2010-04-05 10:24:51 -04:00
Chris Lalancette
32c3c1f0b7 Only assign newDef when we have a new def.
While playing around with def/newDef with the qemu code,
I noticed that newDef was *always* getting set to a value,
even when I didn't redefine the domain.  I think the problem
is the virDomainLoadConfig is always doing virDomainAssignDef
regardless of whether the domain already exists in the hashtable.
In turn, virDomainAssignDef is assigning the definition (which
is actually a duplicate) to newDef.  Fix this so that newDef stays
NULL until we actually have a new def.

Signed-off-by: Chris Lalancette <clalance@redhat.com>
2010-04-05 10:24:44 -04:00
Chris Lalancette
9b55a52b4f Snapshot internal methods.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
2010-04-05 10:24:38 -04:00
Chris Lalancette
2f992d4be4 Snapshot API framework.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
2010-04-05 10:24:34 -04:00
David Allan
1bbe12de44 Clarified error message
* Since the file pattern matches RNG schemas as well as C sources, the error message should mention both.
2010-04-05 10:24:13 -04:00
Laine Stump
5dac5970a5 Eliminate compiler warning about non-const format string 2010-04-04 22:58:33 -04:00
Matthias Bolte
905709500a xenapi: Add managedsave entries to the driver struct
Commit 15c647a91e added the new
managedsave entries to all driver structs except the XenAPI one.
2010-04-04 18:23:52 +02:00
Stefan Berger
a44b23ba63 Get rid of the regular expressions when evaluating variable names and
values. Rather use the strspn() function. Along with this cleanup the
initialization function for the code that used the regular expression
can also be removed.
2010-04-04 10:34:52 -04:00
Matthias Bolte
5288b2ad8e nwfilter: Fix random index in virNWFilterRuleDefDetailsFormat
An uninitialized int value was used to index an array. This can
result in a segfault in nwfilterxml2xmltest.
2010-04-04 16:06:56 +02:00
Matthias Bolte
1b747f0ded xenapi: Fix uninitialized variable warning 2010-04-04 16:06:39 +02:00
Daniel Veillard
d068f9609c Add a managedsave command to virsh
This command implements the managed save operation

* tools/virsh.c: new command
* tools/virsh.pod: documentation
2010-04-04 11:36:59 +02:00
Daniel Veillard
6e41f30efc Implement managed save operations for qemu driver
The images are saved in /var/lib/libvirt/qemu/save/
and named $domainname.save . The directory is created appropriately
at daemon startup. When a domain is started while a saved image is
available, libvirt will try to load this saved image, and start the
domain as usual in case of failure. In any case the saved image is
discarded once the domain is created.

* src/qemu/qemu_conf.h: adds an extra save path to the driver config
* src/qemu/qemu_driver.c: implement the 3 new operations and handling
  of the image directory
2010-04-04 11:36:46 +02:00
Daniel Veillard
7a3da17a58 Implement remote protocol for managed save
* src/remote/remote_protocol.x src/remote/remote_protocol.h
  src/remote/remote_protocol.c src/remote/remote_driver.c: add the entry
  points in the remote driver
* daemon/remote.c daemon/remote_dispatch_args.h
  daemon/remote_dispatch_prototypes.h daemon/remote_dispatch_table.h:
  and implement the daemon counterpart
2010-04-04 11:36:33 +02:00
Daniel Veillard
15c647a91e Add managed save API entry points
virDomainManagedSave() is to be run on a running domain. Once the call
complete, as in virDomainSave() the domain is stopped upon completion,
but there is no restore counterpart as any order to start the domain
from the API would load the state from the managed file, similary if
the domain is autostarted when libvirtd starts.
Once a domain has restarted his managed save image is destroyed,
basically managed save image can only exist for a stopped domain,
for a running domain that would be by definition outdated data.

* include/libvirt/libvirt.h.in src/libvirt.c src/libvirt_public.syms:
  adds the new entry points virDomainManagedSave(),
  virDomainHasManagedSaveImage() and virDomainManagedSaveRemove()
* src/driver.h src/esx/esx_driver.c src/lxc/lxc_driver.c
  src/opennebula/one_driver.c  src/openvz/openvz_driver.c
  src/phyp/phyp_driver.c src/qemu/qemu_driver.c src/vbox/vbox_tmpl.c
  src/remote/remote_driver.c src/test/test_driver.c src/uml/uml_driver.c
  src/xen/xen_driver.c: add corresponding new internal drivers entry
  points
2010-04-04 11:07:48 +02:00
Eric Blake
d002c250cd build: improve check for out-of-date .gnulib submodule
git reset --hard 96e5a2d4d5
./autogen.sh
make -s
git pull
make -s    <-- expecting auto-bootstrap here, doesn't happen

Use git diff to expose whether the submodule has untracked changes,
which are typical on an incremental pull if .gnulib was updated but
the user did not manually run 'git submodule update'.

After this patch is applied, I encountered a new problem when
following the reproducing pattern.  Basically, the change to .gnulib
between libvirt's commit 96e5a2d4 and this patch introduced a change
to sys_ioctl.in.h, but gnulib (intentionally) does not make the
replacement headers depend on Makefile changes.  Therefore, I ended up
with the generated replacement header being broken:
gnulib/lib/sys/ioctl.h complained about a use of @.  But that seems
like something that should be fixed upstream in gnulib's bootstrap
script (that is, when doing a gnulib update, all files created from
.in.h file should probably be deleted).  Without the benefit of that
proposed gnulib fix, I worked around the problem by manually removing
the stale gnulib/lib/sys/ioctl.h.

* autogen.sh (t): Also run bootstrap if the gnulib submodule needs
to be updated.
* cfg.mk (_autogen): Likewise.
Reported by Matthias Bolte.
2010-04-02 15:49:32 -06:00
Stefan Berger
8d30e5f74d Use the virStrToLong_ui() function rather than the virStrToLong_i()
where possible.
2010-04-02 15:02:27 -04:00
Stefan Berger
d9292cfefb The attached patch optimizes the validation of the name of an interface. 2010-04-02 14:57:01 -04:00
Stefan Berger
8459218cbc This patch adds a couple of test cases for the XML parsing test suite covering various filterable protocols. For each test case an input XML and an output XML is provided checking the input XML after parsing and converting back into XML against the exepcted output XML.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
2010-04-02 13:28:28 -04:00
Stefan Berger
b3e8f9f415 The following issues are fixed in the patch below:
- ebtables requires that some of the command line parameters are passed as hex numbers; so have those attributes call a function that prints 16 and 8 bit integers as hex nunbers.

- ip6tables requires '--icmpv6-type' rather than '--icmp-type'

- ebtables complains about protocol identifiers lower than 0x600, so already discard anything lower than 0x600 in the parser

- make the protocol entry types more readable using a #define for its entries

- continue parsing a filtering rule even if a faulty entry is encountered; return an error value at the end and let the caller decide what to do with the rule's object

- fix an error message
2010-04-02 13:21:10 -04:00