openkylin
/
libvirt
mirror of https://gitee.com/openkylin/libvirt.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity
15,045 Commits 7 Branches 582 Tags 800 MiB
C 96.1%
Python 1.4%
Meson 0.9%
Perl 0.6%
Shell 0.5%
Other 0.4%
Go to file
Laine Stump 54f9492353 network: properly update iptables rules during net-update 
This patch resolves:

  https://bugzilla.redhat.com/show_bug.cgi?id=1035336

The basic problem is that during a network update, the required
iptables rules sometimes change, and this was being handled by simply
removing and re-adding the rules. However, the removal of the old
rules was done based on the *new* state of the network, which would
mean that some of the rules would not match those currently in the
system, so the old rules wouldn't be removed.

This patch removes the old rules prior to updating the network
definition then adds the new rules as soon as the definition is
updated. Note that this could lead to a stray packet or two during the
interim, but that was already a problem before (the period of limbo is
now just slightly longer).

While moving the location for the rules, I added a few more sections
that should result in the iptables rules being redone:

DHCP_RANGE and DHCP_HOST - these are needed because adding/removing a dhcp
host entry could lead to the dhcp service being started/stopped, which
would require that the mangle rule that fixes up dhcp response
checksums sould need to be added/removed, and this wasn't being done.
 		2013-11-28 16:55:20 +02:00
.gnulib@831b84c59e maint: update to latest gnulib 2013-11-23 21:05:15 -07:00
build-aux maint: enforce comma style usage 2013-11-20 09:24:18 -07:00
daemon Remove all direct use of getenv 2013-10-21 14:03:52 +01:00
docs LXC: add securetty related note in Device nodes 2013-11-26 16:50:05 +00:00
examples Remove python binding 2013-11-25 16:08:00 +00:00
gnulib Don't link virt-login-shell against libvirt.so (CVE-2013-4400) 2013-10-21 14:03:52 +01:00
include storage: add network-dir as new storage volume type 2013-11-25 12:29:49 -07:00
m4 storage: initial support for linking with libgfapi 2013-11-25 11:02:52 -07:00
po storage: initial support for linking with libgfapi 2013-11-25 11:02:52 -07:00
src network: properly update iptables rules during net-update 2013-11-28 16:55:20 +02:00
tests Fix bug in identifying sub-mounts 2013-11-28 11:49:01 +00:00
tools storage: add network-dir as new storage volume type 2013-11-25 12:29:49 -07:00
.ctags maint: Make ctags work out of the box 2013-07-18 08:47:21 +02:00
.dir-locals.el build: avoid tabs that failed syntax-check 2012-09-06 09:43:46 -06:00
.gitignore Pull lxcContainerGetSubtree out into shared virfile module 2013-11-28 11:49:01 +00:00
.gitmodules make .gnulib a submodule 2009-07-08 16:17:51 +02:00
.mailmap Autogenerate AUTHORS 2012-10-19 12:44:56 -04:00
AUTHORS.in Add John Ferlan to the committers list 2013-02-05 10:59:32 -05:00
COPYING maint: follow recommended practice for using LGPL 2013-05-20 14:15:21 -06:00
COPYING.LESSER maint: follow recommended practice for using LGPL 2013-05-20 14:15:21 -06:00
ChangeLog-old maint: typo fixes 2013-10-22 16:49:32 +01:00
HACKING maint: enforce comma style usage 2013-11-20 09:24:18 -07:00
Makefile.am Remove obsolete 'tests' makefile target 2013-11-25 16:28:55 +00:00
Makefile.nonreentrant maint: use LGPL correctly 2013-05-20 14:03:48 -06:00
README Correct typos in the documentation (Atsushi SAKAI) 2008-01-24 10:15:13 +00:00
README-hacking maint: relax git minimum version 2010-02-24 14:29:27 -05:00
TODO Update todo list file to point at bugzilla/website 2010-10-13 16:45:26 +01:00
autobuild.sh Remove python binding 2013-11-25 16:08:00 +00:00
autogen.sh autogen.sh: Correctly detect .git as a file 2013-08-29 13:19:45 +02:00
bootstrap maint: update to latest gnulib 2013-09-24 06:53:07 -06:00
bootstrap.conf Add helpers for getting env vars in a setuid environment 2013-10-21 14:03:52 +01:00
cfg.mk Remove python binding 2013-11-25 16:08:00 +00:00
config-post.h build: fix build of virt-login-shell on systems with older gnutls 2013-10-22 09:41:50 -06:00
configure.ac look for numad in /usr/sbin 2013-11-26 21:32:43 -07:00
libvirt.pc.in Add missing 'libvirt_lxc_api' variable in pkg-config file 2013-09-04 14:52:40 +01:00
libvirt.spec.in storage: initial support for linking with libgfapi 2013-11-25 11:02:52 -07:00
mingw-libvirt.spec.in Remove python binding 2013-11-25 16:08:00 +00:00
run.in Remove python binding 2013-11-25 16:08:00 +00:00

README 

         LibVirt : simple API for virtualization

  Libvirt is a C toolkit to interact with the virtualization capabilities
of recent versions of Linux (and other OSes). It is free software
available under the GNU Lesser General Public License. Virtualization of
the Linux Operating System means the ability to run multiple instances of
Operating Systems concurrently on a single hardware system where the basic
resources are driven by a Linux instance. The library aim at providing
long term stable C API initially for the Xen paravirtualization but
should be able to integrate other virtualization mechanisms if needed.

Daniel Veillard <veillard@redhat.com>