openkylin
/
libvirt
mirror of https://gitee.com/openkylin/libvirt.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

Only attempt removal of the rule allowing tftp if it was added 

During virtual network startup, the iptables rule that allows tftp
traffic is only added if network->def->tftproot is non-empty, but when
the virtual network is destroyed, we had been unconditionally trying
to delete the rule. This was harmless, except that it created a bogus
error message.

This patch conditionalizes the delete command in the same manner that
the insert command is already conditionalized.
This commit is contained in:
Laine Stump 2010-10-27 22:45:43 -04:00
parent 1dd49e921f
commit 0111cebb5a
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/network/bridge_driver.c
View File

@ -990,7 +990,8 @@ networkRemoveIptablesRules(struct network_driver *driver,
iptablesRemoveForwardAllowCross(driver->iptables, network->def->bridge);
iptablesRemoveForwardRejectIn(driver->iptables, network->def->bridge);
iptablesRemoveForwardRejectOut(driver->iptables, network->def->bridge);
iptablesRemoveUdpInput(driver->iptables, network->def->bridge, 69);
if (network->def->tftproot)
iptablesRemoveUdpInput(driver->iptables, network->def->bridge, 69);
iptablesRemoveUdpInput(driver->iptables, network->def->bridge, 53);
iptablesRemoveTcpInput(driver->iptables, network->def->bridge, 53);
iptablesRemoveUdpInput(driver->iptables, network->def->bridge, 67);