]> git.ipfire.org Git - thirdparty/libvirt.git/commitdiff
projects / thirdparty / libvirt.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 0004a11)
bugfix: ip6tables rule removal
authorGene Czarcinski <gene@czarc.net>
Tue, 30 Oct 2012 21:18:34 +0000 (17:18 -0400)
committerCole Robinson <crobinso@redhat.com>
Sun, 9 Dec 2012 21:07:39 +0000 (16:07 -0500)
Three FORWARD chain rules are added and two INPUT chain rules
are added when a network is started but only the FORWARD chain
rules are removed when the network is destroyed.
(cherry picked from commit adaa7ab653b0f841aa549e9f47f9e63ee1d15b37)

src/network/bridge_driver.c patch | blob | blame | history

diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
index 8b270af6b6ef7c6ff55b26bca0d9bf3d1eb13eea..7c393635189dfee16c20637a75efb4c28bb92747 100644 (file)
--- a/src/network/bridge_driver.c
+++ b/src/network/bridge_driver.c
@@ -1627,6 +1627,8 @@ networkRemoveGeneralIp6tablesRules(struct network_driver *driver,
     if (!virNetworkDefGetIpByIndex(network->def, AF_INET6, 0))
         return;
 
+    iptablesRemoveUdpInput(driver->iptables, AF_INET6, network->def->bridge, 53);
+    iptablesRemoveTcpInput(driver->iptables, AF_INET6, network->def->bridge, 53);
     iptablesRemoveForwardAllowCross(driver->iptables, AF_INET6, network->def->bridge);
     iptablesRemoveForwardRejectIn(driver->iptables, AF_INET6, network->def->bridge);
     iptablesRemoveForwardRejectOut(driver->iptables, AF_INET6, network->def->bridge);
Mirror of https://github.com/libvirt/libvirt.git