nwfilter: no support for direct type of interface

Ebtables filtering doesn't work on macvtap device. Remove support for direct type of interface.

diff --git a/docs/formatnwfilter.html.in b/docs/formatnwfilter.html.in
index 1cc13352af2cdbe8d18c5f448ef14584790bf07d..ecb6b62c04bf91317387b0cfecd2cdae08d47e2c 100644 (file)
--- a/docs/formatnwfilter.html.in
+++ b/docs/formatnwfilter.html.in
@@ -52,8 +52,6 @@
        <li><code>network</code></li>
        <li><code>ethernet</code> -- must be used in bridging mode</li>
        <li><code>bridge</code></li>
-       <li><code>direct</code> -- only protocols mac, arp, ip and ipv6
-            can be filtered</li>
       </ul>
     <p>
     The interface XML is used to reference a top-level filter. In the

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 6b733d474b9ded8c1fe482df936a77e199bdaf0b..381e6924e54536cd0d415b7c12b0913d195cd006 100644 (file)
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -2841,7 +2841,6 @@ virDomainNetDefParseXML(virCapsPtr caps,
         case VIR_DOMAIN_NET_TYPE_ETHERNET:
         case VIR_DOMAIN_NET_TYPE_NETWORK:
         case VIR_DOMAIN_NET_TYPE_BRIDGE:
-        case VIR_DOMAIN_NET_TYPE_DIRECT:
             def->filter = filter;
             filter = NULL;
             def->filterparams = filterparams;

diff --git a/src/nwfilter/nwfilter_ebiptables_driver.c b/src/nwfilter/nwfilter_ebiptables_driver.c
index 977f74b3f5f46101277a1bf0304a5f564848e690..39bd4a52362d1b73062412f0be525f001362d7f0 100644 (file)
--- a/src/nwfilter/nwfilter_ebiptables_driver.c
+++ b/src/nwfilter/nwfilter_ebiptables_driver.c
@@ -2357,7 +2357,7 @@ err_exit:
  */
 static int
 ebiptablesCreateRuleInstance(virConnectPtr conn ATTRIBUTE_UNUSED,
-                             enum virDomainNetType nettype,
+                             enum virDomainNetType nettype ATTRIBUTE_UNUSED,
                              virNWFilterDefPtr nwfilter,
                              virNWFilterRuleDefPtr rule,
                              const char *ifname,
@@ -2409,13 +2409,6 @@ ebiptablesCreateRuleInstance(virConnectPtr conn ATTRIBUTE_UNUSED,
     case VIR_NWFILTER_RULE_PROTOCOL_ICMP:
     case VIR_NWFILTER_RULE_PROTOCOL_IGMP:
     case VIR_NWFILTER_RULE_PROTOCOL_ALL:
-        if (nettype == VIR_DOMAIN_NET_TYPE_DIRECT) {
-            virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
-                          _("'%s' protocol not support for net type '%s'"),
-                          virNWFilterRuleProtocolTypeToString(rule->prtclType),
-                          virDomainNetTypeToString(nettype));
-            return 1;
-        }
         isIPv6 = 0;
         rc = iptablesCreateRuleInstance(nwfilter,
                                         rule,
@@ -2433,13 +2426,6 @@ ebiptablesCreateRuleInstance(virConnectPtr conn ATTRIBUTE_UNUSED,
     case VIR_NWFILTER_RULE_PROTOCOL_SCTPoIPV6:
     case VIR_NWFILTER_RULE_PROTOCOL_ICMPV6:
     case VIR_NWFILTER_RULE_PROTOCOL_ALLoIPV6:
-        if (nettype == VIR_DOMAIN_NET_TYPE_DIRECT) {
-            virNWFilterReportError(VIR_ERR_OPERATION_FAILED,
-                          _("'%s' protocol not support for net type '%s'"),
-                          virNWFilterRuleProtocolTypeToString(rule->prtclType),
-                          virDomainNetTypeToString(nettype));
-            return 1;
-        }
         isIPv6 = 1;
         rc = iptablesCreateRuleInstance(nwfilter,
                                         rule,