openkylin
/
libvirt
mirror of https://gitee.com/openkylin/libvirt.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

nwfilter: also purge ip(6)tables rules before detecting IP address 

Rather than only cleaning any remaining ebtables rules, also clean those applied to iptables and ip6tables when detecting the IP address of an interface. Previous applied iptables rules may hinder DHCP packets.
This commit is contained in:
Stefan Berger 2010-11-16 21:18:21 -05:00
parent 7b7cb1ecc9
commit d4897acff8
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/nwfilter/nwfilter_ebiptables_driver.c
View File

@ -117,6 +117,7 @@ static int ebtablesRemoveBasicRules(const char *ifname);
static int ebiptablesDriverInit(void);
static void ebiptablesDriverShutdown(void);
static int ebtablesCleanAll(const char *ifname);
static int ebiptablesAllTeardown(const char *ifname);
static virMutex execCLIMutex;
@ -2942,7 +2943,7 @@ ebtablesApplyBasicRules(const char *ifname,
virFormatMacAddr(macaddr, macaddr_str);
ebtablesCleanAll(ifname);
ebiptablesAllTeardown(ifname);
ebtablesCreateTmpRootChain(&buf, 1, ifname, 1);
@ -3041,7 +3042,7 @@ ebtablesApplyDHCPOnlyRules(const char *ifname,
virFormatMacAddr(macaddr, macaddr_str);
ebtablesCleanAll(ifname);
ebiptablesAllTeardown(ifname);
ebtablesCreateTmpRootChain(&buf, 1, ifname, 1);
ebtablesCreateTmpRootChain(&buf, 0, ifname, 1);
@ -3143,7 +3144,7 @@ ebtablesApplyDropAllRules(const char *ifname)
return 1;
}
ebtablesCleanAll(ifname);
ebiptablesAllTeardown(ifname);
ebtablesCreateTmpRootChain(&buf, 1, ifname, 1);
ebtablesCreateTmpRootChain(&buf, 0, ifname, 1);