mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-09-24 16:35:44 +00:00
552bdb9b35
With Eric Blake's suggestions applied. The following rule for direction 'in' <rule direction='in' action='drop'> <mac srcmacaddr='1:2:3:4:5:6'/> </rule> drops all traffic from the given mac address. The following rule for direction 'out' <rule direction='out' action='drop'> <mac dstmacaddr='1:2:3:4:5:6'/> </rule> drops all traffic to the given mac address. The following rule in direction 'inout' <rule direction='inout' action='drop'> <mac srcmacaddr='1:2:3:4:5:6'/> </rule> now drops all traffic from and to the given MAC address. So far it would have dropped traffic from the given MAC address and outgoing traffic with the given source MAC address, which is not useful since the packets will always have the VM's MAC address as source MAC address. The attached patch fixes this. This is the last bug I currently know of and want to fix. |
||
|---|---|---|
| .. | ||
| conf | ||
| cpu | ||
| esx | ||
| interface | ||
| lxc | ||
| network | ||
| node_device | ||
| nwfilter | ||
| opennebula | ||
| openvz | ||
| phyp | ||
| qemu | ||
| remote | ||
| secret | ||
| security | ||
| storage | ||
| test | ||
| uml | ||
| util | ||
| vbox | ||
| xen | ||
| xenapi | ||
| .gitignore | ||
| datatypes.c | ||
| datatypes.h | ||
| driver.c | ||
| driver.h | ||
| gnutls_1_0_compat.h | ||
| internal.h | ||
| libvirt_bridge.syms | ||
| libvirt_daemon.syms | ||
| libvirt_driver_modules.syms | ||
| libvirt_internal.h | ||
| libvirt_linux.syms | ||
| libvirt_macvtap.syms | ||
| libvirt_private.syms | ||
| libvirt_public.syms | ||
| libvirt.c | ||
| Makefile.am | ||
| nodeinfo.c | ||
| nodeinfo.h | ||
| README | ||
libvirt library code README
===========================
The directory provides the bulk of the libvirt codebase. Everything
except for the libvirtd daemon and client tools. The build uses a
large number of libtool convenience libraries - one for each child
directory, and then links them together for the final libvirt.so,
although some bits get linked directly to libvirtd daemon instead.
The files directly in this directory are supporting the public API
entry points & data structures.
There are two core shared modules to be aware of:
* util/ - a collection of shared APIs that can be used by any
code. This directory is always in the include path
for all things built
* conf/ - APIs for parsing / manipulating all the official XML
files used by the public API. This directory is only
in the include path for driver implementation modules
Then there are the hypervisor implementations:
* esx/ - VMware ESX and GSX support using vSphere API over SOAP
* lxc/ - Linux Native Containers
* opennebula/ - Open Nebula using XMLRPC
* openvz/ - OpenVZ containers using cli tools
* phyp/ - IBM Power Hypervisor using CLI tools over SSH
* qemu/ - QEMU / KVM using qemu CLI/monitor
* remote/ - Generic libvirt native RPC client
* test/ - A "mock" driver for testing
* uml/ - User Mode Linux
* vbox/ - Virtual Box using native API
* xen/ - Xen using hypercalls, XenD SEXPR & XenStore
Finally some secondary drivers that are shared for several HVs.
Currently these are used by LXC, OpenVZ, QEMU, UML and Xen drivers.
The ESX, OpenNebula, Power Hypervisor, Remote, Test & VirtualBox
drivers all implement the secondary drivers directly
* interface/ - Host network interface management
* network/ - Virtual NAT networking
* node_device/ - Host device enumeration
* secret/ - Secret management
* security/ - Mandatory access control drivers
* storage/ - Storage management drivers
Since both the hypervisor and secondary drivers can be built as
dlopen()able modules, it is *FORBIDDEN* to have build dependencies
between these directories. Drivers are only allowed to depend on
the public API, and the internal APIs in the util/ and conf/
directories