Re: [PATCH v3 0/4] don't masquerade local broadcast/multicast packets

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 09/24/13 02:03, Laszlo Ersek wrote:

> v2->v3 changes:
> - Rename iptables(Add|Remove)ForwardDontMasquerade to
>          iptables(Add|Remove)DontMasquerade [Laine].
> - Pass (address, prefix) pairs as both source and destination parameters
>   to these functions.
> - Introduce virPfxSocketAddr structure for simpler handling of said
>   (address, prefix) pairs.
> - Also prevent masquerading of directed broadcast [Laine].
> - Start to get serious about pointers-to-const.

OK, let me summarize the comments still standing:

For v2:
- Laine wants the functions added in patch #1 renamed.
  http://thread.gmane.org/gmane.comp.emulators.libvirt/85709/focus=85715

For v3:

- Missing address family check for @dst in iptablesDontMasquerade() in
  patch #2 [Laine]
  http://thread.gmane.org/gmane.comp.emulators.libvirt/85751/focus=85772

- Drop the sa_assert()s in networkFillMasqExceptions() in patch #4
  [Laine]
  http://thread.gmane.org/gmane.comp.emulators.libvirt/85751/focus=85774

- Drop the address-dependent broadcast rule in patch #4 [Laine] same
  message

The address-dependent broadcast rule in patch #4 (that couldn't be
hard-coded) was the reason for all of the new code between v2 and v3. If
I drop that iptables rule, but keep the rest of v3, I'll be thrashing a
bunch of code around for no good reason.

I might as well fix up v2 as requested originally, and submit that as
v4.

What do you recommend? I think fixing up v2 with the renames is a better
approach. I'm fine either way, I'd just like to get this merged and stop
wasting the time of y'all.

Thanks!
Laszlo

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]