openkylin
/
libvirt
mirror of https://gitee.com/openkylin/libvirt.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

network: save network status when firewall rules are reloaded 

In the case that a new version of libvirt is started that uses
different rules to build the network firewall, we need to re-save the
status so that when the network is destroyed (or the *next* time
libvirt is restarted and wants to remove/re-add the firewall), it will
have the proper information to perform the firewall removal.

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
Laine Stump 2024-04-19 22:19:42 -04:00
parent 97061d576b
commit 110383fa30
2 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/conf/virnetworkobj.c
View File

@ -834,6 +834,7 @@ virNetworkObjSaveStatus(const char *statusDir,
int flags = 0; int flags = 0;
g_autofree char *xml = NULL; g_autofree char *xml = NULL;
VIR_DEBUG("Writing network status to disk");
if (!(xml = virNetworkObjFormat(obj, xmlopt, flags))) if (!(xml = virNetworkObjFormat(obj, xmlopt, flags)))
return -1; return -1;

8
src/network/bridge_driver.c
View File

@ -1686,6 +1686,7 @@ networkReloadFirewallRulesHelper(virNetworkObj *obj,
VIR_LOCK_GUARD lock = virObjectLockGuard(obj); VIR_LOCK_GUARD lock = virObjectLockGuard(obj);
virNetworkDef *def = virNetworkObjGetDef(obj); virNetworkDef *def = virNetworkObjGetDef(obj);
virFirewall *fwRemoval = NULL; virFirewall *fwRemoval = NULL;
bool saveStatus = false;
if (virNetworkObjIsActive(obj)) { if (virNetworkObjIsActive(obj)) {
switch ((virNetworkForwardType) def->forward.type) { switch ((virNetworkForwardType) def->forward.type) {
@ -1700,6 +1701,7 @@ networkReloadFirewallRulesHelper(virNetworkObj *obj,
networkRemoveFirewallRules(obj); networkRemoveFirewallRules(obj);
ignore_value(networkAddFirewallRules(def, cfg->firewallBackend, &fwRemoval)); ignore_value(networkAddFirewallRules(def, cfg->firewallBackend, &fwRemoval));
virNetworkObjSetFwRemoval(obj, fwRemoval); virNetworkObjSetFwRemoval(obj, fwRemoval);
saveStatus = true;
break; break;
case VIR_NETWORK_FORWARD_OPEN: case VIR_NETWORK_FORWARD_OPEN:
@ -1717,6 +1719,11 @@ networkReloadFirewallRulesHelper(virNetworkObj *obj,
} }
} }
if (saveStatus) {
ignore_value(virNetworkObjSaveStatus(cfg->stateDir, obj,
network_driver->xmlopt));
}
return 0; return 0;
} }
@ -2366,7 +2373,6 @@ networkStartNetwork(virNetworkDriverState *driver,
/* Persist the live configuration now that anything autogenerated /* Persist the live configuration now that anything autogenerated
* is setup. * is setup.
*/ */
VIR_DEBUG("Writing network status to disk");
if (virNetworkObjSaveStatus(cfg->stateDir, if (virNetworkObjSaveStatus(cfg->stateDir,
obj, network_driver->xmlopt) < 0) obj, network_driver->xmlopt) < 0)
goto cleanup; goto cleanup;