NuKVM/libvirt
3
0
Fork 0
mirror of https://github.com/libvirt/libvirt.git synced 2025-02-25 18:55:26 -06:00
Code Issues Packages Projects Releases Wiki Activity

Include the iptables command and chain name in the saved rules files

Browse Source
This commit is contained in:
Mark McLoughlin 2008-01-10 13:51:55 +00:00
parent 9d04c25ab2
commit a43ddc075a
2 changed files with 43 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ChangeLog
View File

@ -1,3 +1,8 @@
Thu Jan 10 13:51:00 GMT 2008 Mark McLoughlin <markmc@redhat.com>
* src/iptables.c: Include the iptables command and chain
name in the saved rules files
Thu Jan 10 13:50:11 GMT 2008 Mark McLoughlin <markmc@redhat.com> Thu Jan 10 13:50:11 GMT 2008 Mark McLoughlin <markmc@redhat.com>
* src/iptables.c: Re-name the "flipflop" variable to "command_idx" * src/iptables.c: Re-name the "flipflop" variable to "command_idx"

59
src/iptables.c
View File

@ -335,37 +335,55 @@ iptablesAddRemoveChain(iptRules *rules, int action)
return retval; return retval;
} }
static char *
argvToString(char **argv)
{
int len, i;
char *ret, *p;
for (len = 1, i = 0; argv[i]; i++)
len += strlen(argv[i]) + 1;
if (!(p = ret = (char *)malloc(len)))
return NULL;
for (i = 0; argv[i]; i++) {
if (i != 0)
*(p++) = ' ';
strcpy(p, argv[i]);
p += strlen(argv[i]);
}
*p = '\0';
return ret;
}
static int static int
iptablesAddRemoveRule(iptRules *rules, int action, const char *arg, ...) iptablesAddRemoveRule(iptRules *rules, int action, const char *arg, ...)
{ {
va_list args; va_list args;
int retval = ENOMEM; int retval = ENOMEM;
char **argv; char **argv;
char *rule = NULL, *p; char *rule = NULL;
const char *s; const char *s;
int n, rulelen, command_idx; int n, command_idx;
n = 1 + /* /sbin/iptables */ n = 1 + /* /sbin/iptables */
2 + /* --table foo */ 2 + /* --table foo */
2 + /* --insert bar */ 2 + /* --insert bar */
1; /* arg */ 1; /* arg */
rulelen = strlen(arg) + 1;
va_start(args, arg); va_start(args, arg);
while ((s = va_arg(args, const char *))) { while ((s = va_arg(args, const char *)))
n++; n++;
rulelen += strlen(s) + 1;
}
va_end(args); va_end(args);
if (!(argv = calloc(n + 1, sizeof(*argv)))) if (!(argv = calloc(n + 1, sizeof(*argv))))
goto error; goto error;
if (!(rule = (char *)malloc(rulelen)))
goto error;
n = 0; n = 0;
if (!(argv[n++] = strdup(IPTABLES_PATH))) if (!(argv[n++] = strdup(IPTABLES_PATH)))
@ -379,7 +397,7 @@ iptablesAddRemoveRule(iptRules *rules, int action, const char *arg, ...)
command_idx = n; command_idx = n;
if (!(argv[n++] = strdup(action == ADD ? "--insert" : "--delete"))) if (!(argv[n++] = strdup("--insert")))
goto error; goto error;
if (!(argv[n++] = strdup(rules->chain))) if (!(argv[n++] = strdup(rules->chain)))
@ -388,23 +406,22 @@ iptablesAddRemoveRule(iptRules *rules, int action, const char *arg, ...)
if (!(argv[n++] = strdup(arg))) if (!(argv[n++] = strdup(arg)))
goto error; goto error;
p = strcpy(rule, arg);
p += strlen(arg);
va_start(args, arg); va_start(args, arg);
while ((s = va_arg(args, const char *))) { while ((s = va_arg(args, const char *)))
if (!(argv[n++] = strdup(s))) if (!(argv[n++] = strdup(s)))
goto error; goto error;
*(p++) = ' ';
strcpy(p, s);
p += strlen(s);
}
va_end(args); va_end(args);
*p = '\0'; if (!(rule = argvToString(&argv[command_idx])))
goto error;
if (action == REMOVE) {
free(argv[command_idx]);
if (!(argv[command_idx] = strdup("--delete")))
goto error;
}
if (action == ADD && if (action == ADD &&
(retval = iptablesAddRemoveChain(rules, action))) (retval = iptablesAddRemoveChain(rules, action)))