This patch adds build support for the network filtering framework.
Signed-off-by: Stefan Berger <[email protected]>
---
configure.ac | 9 +++++++++
daemon/Makefile.am | 4 ++++
src/Makefile.am | 32 ++++++++++++++++++++++++++++++++
src/libvirt_private.syms | 39 +++++++++++++++++++++++++++++++++++++++
src/libvirt_public.syms | 19 +++++++++++++++++++
5 files changed, 103 insertions(+)
Index: libvirt-acl/src/Makefile.am
===================================================================
--- libvirt-acl.orig/src/Makefile.am
+++ libvirt-acl/src/Makefile.am
@@ -98,6 +98,14 @@ DOMAIN_EVENT_SOURCES = \
NETWORK_CONF_SOURCES = \
conf/network_conf.c conf/network_conf.h
+# Network filter driver generic impl APIs
+NWFILTER_PARAM_CONF_SOURCES = \
+ conf/nwfilter_params.c conf/nwfilter_conf.h
+
+NWFILTER_CONF_SOURCES = \
+ $(NWFILTER_PARAM_CONF_SOURCES) \
+ conf/nwfilter_conf.c conf/nwfilter_conf.h
+
# Storage driver generic impl APIs
STORAGE_CONF_SOURCES = \
conf/storage_conf.h conf/storage_conf.c
@@ -124,6 +132,7 @@ CONF_SOURCES = \
$(DOMAIN_CONF_SOURCES) \
$(DOMAIN_EVENT_SOURCES) \
$(NETWORK_CONF_SOURCES) \
+ $(NWFILTER_CONF_SOURCES) \
$(NODE_DEVICE_CONF_SOURCES) \
$(STORAGE_CONF_SOURCES) \
$(ENCRYPTION_CONF_SOURCES) \
@@ -273,6 +282,11 @@ STORAGE_DRIVER_DISK_SOURCES = \
STORAGE_HELPER_DISK_SOURCES = \
storage/parthelper.c
+# Network filters
+NWFILTER_DRIVER_SOURCES = \
+ nwfilter/nwfilter_driver.h nwfilter/nwfilter_driver.c \
+ nwfilter/nwfilter_gentech_driver.c \
+ nwfilter/nwfilter_ebiptables_driver.c
# Security framework and drivers for various models
SECURITY_DRIVER_SOURCES = \
@@ -716,6 +730,22 @@ endif
endif
+if WITH_NWFILTER
+if WITH_DRIVER_MODULES
+mod_LTLIBRARIES += libvirt_driver_nwfilter.la
+else
+libvirt_la_LIBADD += libvirt_driver_nwfilter.la
+noinst_LTLIBRARIES += libvirt_driver_nwfilter.la
+endif
+libvirt_driver_nwfilter_la_CFLAGS = \
+ -...@top_srcdir@/src/conf
+if WITH_DRIVER_MODULES
+libvirt_driver_nwfilter_la_LDFLAGS = -module -avoid-version ../gnulib/lib/libgnu.la
+endif
+libvirt_driver_nwfilter_la_SOURCES = $(NWFILTER_DRIVER_SOURCES)
+endif
+
+
libvirt_driver_security_la_SOURCES = $(SECURITY_DRIVER_SOURCES)
noinst_LTLIBRARIES += libvirt_driver_security.la
libvirt_la_LIBADD += libvirt_driver_security.la
@@ -759,6 +789,7 @@ EXTRA_DIST += \
$(NODE_DEVICE_DRIVER_SOURCES) \
$(NODE_DEVICE_DRIVER_HAL_SOURCES) \
$(NODE_DEVICE_DRIVER_UDEV_SOURCES) \
+ $(NWFILTER_DRIVER_SOURCES) \
$(SECURITY_DRIVER_SELINUX_SOURCES) \
$(SECURITY_DRIVER_APPARMOR_SOURCES) \
$(SECRET_DRIVER_SOURCES) \
@@ -893,6 +924,7 @@ libvirt_lxc_SOURCES = \
$(NODE_INFO_SOURCES) \
$(ENCRYPTION_CONF_SOURCES) \
$(DOMAIN_CONF_SOURCES) \
+ $(NWFILTER_PARAM_CONF_SOURCES) \
$(CPU_CONF_SOURCES)
libvirt_lxc_LDFLAGS = $(WARN_CFLAGS) $(COVERAGE_LDCFLAGS) $(CAPNG_LIBS) $(YAJL_LIBS)
libvirt_lxc_LDADD = $(LIBXML_LIBS) $(NUMACTL_LIBS) ../gnulib/lib/libgnu.la
Index: libvirt-acl/src/libvirt_private.syms
===================================================================
--- libvirt-acl.orig/src/libvirt_private.syms
+++ libvirt-acl/src/libvirt_private.syms
@@ -105,6 +105,8 @@ virUnrefConnect;
virUnrefSecret;
virGetStream;
virUnrefStream;
+virGetNWFilter;
+virUnrefNWFiler;
# domain_conf.h
@@ -303,6 +305,7 @@ virRegisterStateDriver;
virRegisterStorageDriver;
virRegisterDeviceMonitor;
virRegisterSecretDriver;
+virRegisterNWFilterDriver;
# json.h
@@ -438,6 +441,42 @@ virNodeDeviceGetWWNs;
virNodeDeviceGetParentHost;
+# nwfilter_conf.h
+virNWFilterPoolLoadAllConfigs;
+virNWFilterPoolObjAssignDef;
+virNWFilterPoolObjSaveDef;
+virNWFilterPoolObjFindByName;
+virNWFilterPoolObjFindByUUID;
+virNWFilterPoolObjLock;
+virNWFilterPoolObjUnlock;
+virNWFilterPoolObjRemove;
+virNWFilterDefFree;
+virNWFilterDefParseString;
+virNWFilterPoolObjDeleteDef;
+virNWFilterPoolObjListFree;
+virNWFilterDefFormat;
+virNWFilterChainSuffixTypeToString;
+virNWFilterRuleActionTypeToString;
+virNWFilterJumpTargetTypeToString;
+virNWFilterRegisterCallbackDriver;
+virNWFilterTestUnassignDef;
+virNWFilterConfLayerInit;
+virNWFilterConfLayerShutdown;
+
+
+#nwfilter_params.h
+virNWFilterHashTableCreate;
+virNWFilterHashTableFree;
+virNWFilterHashTablePut;
+virNWFilterHashTablePutAll;
+virNWFilterHashTableRemoveEntry;
+
+
+# nwfilter_gentech_driver.h
+virNWFilterInstantiateFilter;
+virNWFilterTeardownFilter;
+
+
# pci.h
pciGetDevice;
pciFreeDevice;
Index: libvirt-acl/daemon/Makefile.am
===================================================================
--- libvirt-acl.orig/daemon/Makefile.am
+++ libvirt-acl/daemon/Makefile.am
@@ -116,6 +116,10 @@ endif
if WITH_SECRETS
libvirtd_LDADD += ../src/libvirt_driver_secret.la
endif
+
+if WITH_NWFILTER
+ libvirtd_LDADD += ../src/libvirt_driver_nwfilter.la
+endif
endif
libvirtd_LDADD += ../src/libvirt.la
Index: libvirt-acl/configure.ac
===================================================================
--- libvirt-acl.orig/configure.ac
+++ libvirt-acl/configure.ac
@@ -1267,6 +1267,15 @@ if test "$with_secrets" = "yes" ; then
fi
AM_CONDITIONAL([WITH_SECRETS], [test "$with_secrets" = "yes"])
+with_nwfilter=yes
+if test "$with_libvirtd" = "no"; then
+ with_nwfilter=no
+fi
+if test "$with_nwfilter" = "yes" ; then
+ AC_DEFINE_UNQUOTED([WITH_NWFILTER], 1, [whether local network filter management driver is available])
+fi
+AM_CONDITIONAL([WITH_NWFILTER], [test "$with_nwfilter" = "yes"])
+
AC_ARG_WITH([storage-fs],
AC_HELP_STRING([--with-storage-fs], [with FileSystem backend for the storage driver @<:@default=check@:>@]),[],[with_storage_fs=check])
Index: libvirt-acl/src/libvirt_public.syms
===================================================================
--- libvirt-acl.orig/src/libvirt_public.syms
+++ libvirt-acl/src/libvirt_public.syms
@@ -358,4 +358,23 @@ LIBVIRT_0.7.7 {
virDomainAbortJob;
} LIBVIRT_0.7.5;
+LIBVIRT_0.7.8 {
+ global:
+ virConnectListNWFilters;
+ virConnectNumOfNWFilters;
+ virNWFilterLookupByName;
+ virNWFilterLookupByUUID;
+ virNWFilterLookupByUUIDString;
+ virNWFilterFree;
+ virNWFilterGetName;
+ virNWFilterGetUUID;
+ virNWFilterGetUUIDString;
+ virNWFilterGetXMLDesc;
+ virNWFilterRef;
+ virNWFilterTest;
+ virNWFilterDefineXML;
+ virNWFilterUndefine;
+} LIBVIRT_0.7.7;
+
+
# .... define new API here using predicted next version number ....
--
libvir-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/libvir-list
