[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[Libvir] [patch 8/9] Remove --with-iptables-prefix



--with-iptables-prefix was added to integrate with
a proposed system for letting iptables know how to
reload our rules.

The idea was that we'd add our rules to a chain
like libvirt-INPUT rather than INPUT, and there'd
be a configuration file which would specify whether
INPUT should include libvirt-INPUT.

The proposed system wasn't accepted so, although
there might be some other theoretical use for this,
let's just remove it.

Signed-off-by: Mark McLoughlin <markmc redhat com>

Index: libvirt/configure.in
===================================================================
--- libvirt.orig/configure.in	2008-01-04 14:51:29.000000000 +0000
+++ libvirt.orig/configure.in	2008-01-04 14:51:29.000000000 +0000
@@ -183,16 +183,6 @@ AM_CONDITIONAL(LIBVIRT_INIT_SCRIPTS_RED_
 AC_MSG_RESULT($with_init_scripts)
 
 dnl
-dnl allow the creation of iptables rules in chains with a
-dnl specific prefix rather than in the standard toplevel chains
-dnl
-AC_ARG_WITH(iptables-prefix,
-            AC_HELP_STRING([--with-iptables-prefix=prefix],
-                           [prefix used for iptables chains, default is to use standard toplevel chains]),
-            [IPTABLES_PREFIX=$withval])
-AC_DEFINE_UNQUOTED(IPTABLES_PREFIX, "$IPTABLES_PREFIX", [prefix used for iptables chains])
-
-dnl
 dnl also support saving the various chains to files
 dnl in e.g. /etc/sysconfig/iptables.d
 dnl
Index: libvirt/src/iptables.c
===================================================================
--- libvirt.orig/src/iptables.c	2008-01-04 15:17:18.000000000 +0000
+++ libvirt.orig/src/iptables.c	2008-01-04 15:17:18.000000000 +0000
@@ -636,13 +636,13 @@ iptablesContextNew(void)
     if (!(ctx = calloc(1, sizeof (*ctx))))
         return NULL;
 
-    if (!(ctx->input_filter = iptRulesNew("filter", IPTABLES_PREFIX "INPUT")))
+    if (!(ctx->input_filter = iptRulesNew("filter", "INPUT")))
         goto error;
 
-    if (!(ctx->forward_filter = iptRulesNew("filter", IPTABLES_PREFIX "FORWARD")))
+    if (!(ctx->forward_filter = iptRulesNew("filter", "FORWARD")))
         goto error;
 
-    if (!(ctx->nat_postrouting = iptRulesNew("nat", IPTABLES_PREFIX "POSTROUTING")))
+    if (!(ctx->nat_postrouting = iptRulesNew("nat", "POSTROUTING")))
         goto error;
 
     return ctx;

-- 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]