[Libvirt-cim] [PATCH 4 of 4] FilterEntry: Fix behavior of convert_ip_rule_to_instance

Chip Vincent cvincent at linux.vnet.ibm.com
Tue Oct 11 16:38:19 UTC 2011


+1. I like the new struct in the provider since that's the layer that 
"flattens" the data--that is, converts the various rules types to one of 
the three instance types.

On 10/06/2011 11:46 AM, Eduardo Lima (Etrunko) wrote:
>   src/Virt_FilterEntry.c |  162 ++++++++++++++++++++++++++++++++++++++----------
>   1 files changed, 126 insertions(+), 36 deletions(-)
>
>
> # HG changeset patch
> # User Eduardo Lima (Etrunko)<eblima at br.ibm.com>
> # Date 1317915956 10800
> # Node ID e6c6f9ccb51303f67fce26e74de9ab746d10a04b
> # Parent  1a08d8186f3064dfb0c38ecb5846ffc1e7d5de4d
> FilterEntry: Fix behavior of convert_ip_rule_to_instance
>
> The function was always referencing the 'tcp' fileld of the var union in struct
> acl_rule, while it should take into account the rule type to access the correct
> fields. This could probably go to acl_parsing, but I thought it would be a less
> intrusive change to patch only FilterEntry provider.
>
> Signed-off-by: Eduardo Lima (Etrunko)<eblima at br.ibm.com>
>
> diff --git a/src/Virt_FilterEntry.c b/src/Virt_FilterEntry.c
> --- a/src/Virt_FilterEntry.c
> +++ b/src/Virt_FilterEntry.c
> @@ -35,6 +35,27 @@
>   #include "Virt_HostSystem.h"
>
>   const static CMPIBroker *_BROKER;
> +struct rule_data_t {
> +        const char *srcmacaddr;
> +        const char *srcmacmask;
> +        const char *dstmacaddr;
> +        const char *dstmacmask;
> +
> +        const char *srcipaddr;
> +        const char *srcipmask;
> +        const char *dstipaddr;
> +        const char *dstipmask;
> +
> +        const char *srcipfrom;
> +        const char *srcipto;
> +        const char *dstipfrom;
> +        const char *dstipto;
> +
> +        const char *srcportstart;
> +        const char *srcportend;
> +        const char *dstportstart;
> +        const char *dstportend;
> +};
>
>   static int octets_from_mac(const char * s, unsigned int *buffer,
>                                   unsigned int size)
> @@ -239,6 +260,75 @@
>                           (CMPIValue *)&array, CMPI_uint8A);
>   }
>
> +static void fill_rule_data(struct acl_rule *rule,
> +                           struct rule_data_t *data)
> +{
> +        if (rule == NULL || data == NULL)
> +                return;
> +
> +        memset(data, 0, sizeof(*data));
> +
> +        switch (rule->type) {
> +        case IP_RULE:
> +                data->srcmacaddr = rule->var.ip.srcmacaddr;
> +                data->srcmacmask = rule->var.ip.srcmacmask;
> +                data->dstmacaddr = rule->var.ip.srcmacaddr;
> +                data->dstmacmask = rule->var.ip.dstmacmask;
> +
> +                data->srcipaddr = rule->var.ip.srcipaddr;
> +                data->srcipmask = rule->var.ip.srcipmask;
> +                data->dstipaddr = rule->var.ip.dstipaddr;
> +                data->dstipmask = rule->var.ip.dstipmask;
> +
> +                data->srcportstart = rule->var.ip.srcportstart;
> +                data->srcportend   = rule->var.ip.srcportend;
> +                data->dstportstart = rule->var.ip.dstportstart;
> +                data->dstportend   = rule->var.ip.dstportend;
> +                break;
> +
> +        case TCP_RULE:
> +                data->srcmacaddr = rule->var.tcp.srcmacaddr;
> +
> +                data->srcipaddr = rule->var.tcp.srcipaddr;
> +                data->srcipmask = rule->var.tcp.srcipmask;
> +                data->dstipaddr = rule->var.tcp.dstipaddr;
> +                data->dstipmask = rule->var.tcp.dstipmask;
> +
> +                data->srcipfrom = rule->var.tcp.srcipfrom;
> +                data->srcipto   = rule->var.tcp.srcipto;
> +                data->dstipfrom = rule->var.tcp.dstipfrom;
> +                data->dstipto   = rule->var.tcp.dstipto;
> +
> +                data->srcportstart = rule->var.tcp.srcportstart;
> +                data->srcportend   = rule->var.tcp.srcportend;
> +                data->dstportstart = rule->var.tcp.dstportstart;
> +                data->dstportend   = rule->var.tcp.dstportend;
> +                break;
> +
> +        case ICMP_IGMP_RULE:
> +                data->srcmacaddr = rule->var.icmp_igmp.srcmacaddr;
> +                data->srcmacmask = rule->var.icmp_igmp.srcmacmask;
> +                data->dstmacaddr = rule->var.icmp_igmp.srcmacaddr;
> +                data->dstmacmask = rule->var.icmp_igmp.dstmacmask;
> +
> +                data->srcipaddr = rule->var.icmp_igmp.srcipaddr;
> +                data->srcipmask = rule->var.icmp_igmp.srcipmask;
> +                data->dstipaddr = rule->var.icmp_igmp.dstipaddr;
> +                data->dstipmask = rule->var.icmp_igmp.dstipmask;
> +
> +                data->srcipfrom = rule->var.icmp_igmp.srcipfrom;
> +                data->srcipto   = rule->var.icmp_igmp.srcipto;
> +                data->dstipfrom = rule->var.icmp_igmp.dstipfrom;
> +                data->dstipto   = rule->var.icmp_igmp.dstipto;
> +                break;
> +
> +        default:
> +                CU_DEBUG("%s(): unhandled rule type '%d'",
> +                         __FUNCTION__, rule->type);
> +                break;
> +        }
> +}
> +
>   static void convert_ip_rule_to_instance(
>           struct acl_rule *rule,
>           CMPIInstance *inst,
> @@ -248,6 +338,7 @@
>           unsigned int size = 0;
>           unsigned int n = 0;
>           CMPIArray *array = NULL;
> +        struct rule_data_t rule_data;
>
>           if (strstr(rule->protocol_id, "v6"))
>                   n = 6;
> @@ -256,9 +347,11 @@
>
>           CMSetProperty(inst, "HdrIPVersion",(CMPIValue *)&n, CMPI_uint8);
>
> -        if (rule->var.tcp.srcipfrom&&  rule->var.tcp.srcipto) {
> +        fill_rule_data(rule,&rule_data);
> +
> +        if (rule_data.srcipfrom&&  rule_data.srcipto) {
>                   memset(bytes, 0, sizeof(bytes));
> -                size = octets_from_ip(rule->var.tcp.srcipfrom,
> +                size = octets_from_ip(rule_data.srcipfrom,
>                           bytes, sizeof(bytes));
>
>                   array = octets_to_cmpi(broker, bytes, size);
> @@ -267,7 +360,7 @@
>                                   (CMPIValue *)&array, CMPI_uint8A);
>
>                   memset(bytes, 0, sizeof(bytes));
> -                size = octets_from_ip(rule->var.tcp.srcipto,
> +                size = octets_from_ip(rule_data.srcipto,
>                           bytes, sizeof(bytes));
>
>                   array = octets_to_cmpi(broker, bytes, size);
> @@ -276,7 +369,7 @@
>                                   (CMPIValue *)&array, CMPI_uint8A);
>           } else {
>                   memset(bytes, 0, sizeof(bytes));
> -                size = octets_from_ip(rule->var.tcp.srcipaddr,
> +                size = octets_from_ip(rule_data.srcipaddr,
>                           bytes, sizeof(bytes));
>
>                   array = octets_to_cmpi(broker, bytes, size);
> @@ -285,8 +378,8 @@
>                                   (CMPIValue *)&array, CMPI_uint8A);
>
>                   /* CIDR notation? */
> -                if (rule->var.tcp.srcipmask) {
> -                        char *netmask = strdup(rule->var.tcp.srcipmask);
> +                if (rule_data.srcipmask) {
> +                        char *netmask = strdup(rule_data.srcipmask);
>                           if (strstr(netmask, ".") == NULL) {
>                                   char *tmp = cidr_to_str(netmask);
>                                   free(netmask);
> @@ -305,9 +398,9 @@
>                   }
>           }
>
> -        if (rule->var.tcp.dstipfrom&&  rule->var.tcp.dstipto) {
> +        if (rule_data.dstipfrom&&  rule_data.dstipto) {
>                   memset(bytes, 0, sizeof(bytes));
> -                size = octets_from_ip(rule->var.tcp.dstipfrom,
> +                size = octets_from_ip(rule_data.dstipfrom,
>                           bytes, sizeof(bytes));
>
>                   array = octets_to_cmpi(broker, bytes, size);
> @@ -316,7 +409,7 @@
>                                   (CMPIValue *)&array, CMPI_uint8A);
>
>                   memset(bytes, 0, sizeof(bytes));
> -                size = octets_from_ip(rule->var.tcp.dstipto,
> +                size = octets_from_ip(rule_data.dstipto,
>                           bytes, sizeof(bytes));
>
>                   array = octets_to_cmpi(broker, bytes, size);
> @@ -325,7 +418,7 @@
>                                   (CMPIValue *)&array, CMPI_uint8A);
>           } else {
>                   memset(bytes, 0, sizeof(bytes));
> -                size = octets_from_ip(rule->var.tcp.dstipaddr,
> +                size = octets_from_ip(rule_data.dstipaddr,
>                           bytes, sizeof(bytes));
>
>                   array = octets_to_cmpi(broker, bytes, size);
> @@ -334,8 +427,8 @@
>                                   (CMPIValue *)&array, CMPI_uint8A);
>
>                   /* CIDR notation? */
> -                if (rule->var.tcp.dstipmask) {
> -                        char *netmask = strdup(rule->var.tcp.dstipmask);
> +                if (rule_data.dstipmask) {
> +                        char *netmask = strdup(rule_data.dstipmask);
>                           if (strstr(netmask, ".") == NULL) {
>                                   char *tmp = cidr_to_str(netmask);
>                                   free(netmask);
> @@ -354,32 +447,29 @@
>                   }
>           }
>
> -        if ((rule->type == IP_RULE) || (rule->type == TCP_RULE)) {
> -                if (rule->var.tcp.srcportstart) {
> -                        n = atoi(rule->var.tcp.srcportstart);
> -                        CMSetProperty(inst, "HdrSrcPortStart",
> -                                (CMPIValue *)&n, CMPI_uint16);
> -                }
> -
> -                if (rule->var.tcp.srcportend) {
> -                        n = atoi(rule->var.tcp.srcportend);
> -                        CMSetProperty(inst, "HdrSrcPortEnd",
> -                                (CMPIValue *)&n, CMPI_uint16);
> -                }
> -
> -                if (rule->var.tcp.dstportstart) {
> -                        n = atoi(rule->var.tcp.dstportstart);
> -                        CMSetProperty(inst, "HdrDestPortStart",
> -                                (CMPIValue *)&n, CMPI_uint16);
> -                }
> -
> -                if (rule->var.tcp.dstportend) {
> -                        n = atoi(rule->var.tcp.dstportend);
> -                        CMSetProperty(inst, "HdrDestPortEnd",
> -                                (CMPIValue *)&n, CMPI_uint16);
> -                }
> +        if (rule_data.srcportstart) {
> +                n = atoi(rule_data.srcportstart);
> +                CMSetProperty(inst, "HdrSrcPortStart",
> +                        (CMPIValue *)&n, CMPI_uint16);
>           }
>
> +        if (rule_data.srcportend) {
> +                n = atoi(rule_data.srcportend);
> +                CMSetProperty(inst, "HdrSrcPortEnd",
> +                        (CMPIValue *)&n, CMPI_uint16);
> +        }
> +
> +        if (rule_data.dstportstart) {
> +                n = atoi(rule_data.dstportstart);
> +                CMSetProperty(inst, "HdrDestPortStart",
> +                        (CMPIValue *)&n, CMPI_uint16);
> +        }
> +
> +        if (rule_data.dstportend) {
> +                n = atoi(rule_data.dstportend);
> +                CMSetProperty(inst, "HdrDestPortEnd",
> +                        (CMPIValue *)&n, CMPI_uint16);
> +        }
>   }
>
>   static CMPIInstance *convert_rule_to_instance(
>
> _______________________________________________
> Libvirt-cim mailing list
> Libvirt-cim at redhat.com
> https://www.redhat.com/mailman/listinfo/libvirt-cim
>

-- 
Chip Vincent
Open Virtualization
IBM Linux Technology Center
cvincent at linux.vnet.ibm.com




More information about the Libvirt-cim mailing list