[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH] BZ 657918 Default iptables setup in libvirt breaks mDNS



On 12-12-11 06:24 PM, Eric Blake wrote:
> 
> Thanks!

NP.  Had it just lying around here anyway.  :-)
 
> Comment should now mention 4 rules.

Doh!  Missed that in the patch port.  Updated in my local copy (which I
will of course resend once all of the initial review is done).

>> +    /* exempt multicast traffic */
>> +    if (iptablesAddForwardMasqueradeExempt(driver->iptables) < 0) {
>> +        virReportError(VIR_ERR_SYSTEM_ERROR,
>> +                           _("failed to add iptables rule to exempt multicast traffic from masquerading"));
> 
> Indentation is a bit off,

OK.  Fixed (again, locally).

> and you need a "%s" argument to keep the
> syntax-checker happy about a message with no other % operand.

Hrm.  There is no argument to substitute into a %s though.  There appear
to be lots of other "virReportError()" calls with no %s in them if
there is no argument such as:

        virReportError(VIR_ERR_SYSTEM_ERROR,
                       forwardIf ?
                       _("failed to add iptables rule to enable masquerading to %s") :
                       _("failed to add iptables rule to enable masquerading"),
                       forwardIf);

Notice if forwardIf is NULL, it will use the:

                       _("failed to add iptables rule to enable masquerading"),

branch.  Of course I could be missing something.
 
> Do we need an IPv6 counterpart?  (Or am I just showing my ignorance of
> what IPv6 does as a counterpart to IPv4 multicast?)

Hrm.  I wouldn't think so.  NAT (which is what masquerading is)
isn't supposed to exist in IPv6.  Billions of addresses and all that.
:-)  Unless my understanding is incorrect that is.

Cheers,
b.


Attachment: signature.asc
Description: OpenPGP digital signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]