From: Laine Stump Date: Thu, 28 Oct 2010 02:45:43 +0000 (-0400) Subject: Only attempt removal of the rule allowing tftp if it was added X-Git-Tag: v0.8.5~8 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0111cebb5a430b67e6579efe0a0bc0b39d6002c3;p=thirdparty%2Flibvirt.git Only attempt removal of the rule allowing tftp if it was added During virtual network startup, the iptables rule that allows tftp traffic is only added if network->def->tftproot is non-empty, but when the virtual network is destroyed, we had been unconditionally trying to delete the rule. This was harmless, except that it created a bogus error message. This patch conditionalizes the delete command in the same manner that the insert command is already conditionalized. --- diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c index 0777d85029..631fbf1f68 100644 --- a/src/network/bridge_driver.c +++ b/src/network/bridge_driver.c @@ -990,7 +990,8 @@ networkRemoveIptablesRules(struct network_driver *driver, iptablesRemoveForwardAllowCross(driver->iptables, network->def->bridge); iptablesRemoveForwardRejectIn(driver->iptables, network->def->bridge); iptablesRemoveForwardRejectOut(driver->iptables, network->def->bridge); - iptablesRemoveUdpInput(driver->iptables, network->def->bridge, 69); + if (network->def->tftproot) + iptablesRemoveUdpInput(driver->iptables, network->def->bridge, 69); iptablesRemoveUdpInput(driver->iptables, network->def->bridge, 53); iptablesRemoveTcpInput(driver->iptables, network->def->bridge, 53); iptablesRemoveUdpInput(driver->iptables, network->def->bridge, 67);
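Review bot: The new guard `if (network->def->tftproot)` in networkRemoveIptablesRules only tests that the pointer is non-NULL, while the commit message describes the add-side condition as tftproot being "non-empty". The add path is not part of this hunk, so please confirm the two tests are literally the same expression. If the add side also rejects an empty string, the removal would still be attempted for a rule that was never inserted, and the bogus error would remain in that case. More generally, the removal is now keyed on the current value of network->def->tftproot rather than on a record of whether the rule was actually inserted at startup. If the definition can change while the network is active, the UDP port 69 input rule could be left in place after the network is destroyed, which is a worse outcome than a spurious error message. Consider tracking the insert in the network's runtime state, or add a comment next to the guard stating that it must mirror the condition in the add function.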