From: Laine Stump Date: Mon, 2 Sep 2024 20:13:08 +0000 (-0400) Subject: network: permit when a network has no IP address X-Git-Tag: v10.8.0-rc1~68 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=114c0ec656e879ab4d67919914bb24cf5993106d;p=thirdparty%2Flibvirt.git network: permit when a network has no IP address The whole point of is to supress libvirt from adding any firewall rules for a network, and someone might want to create a network with no IP address (i.e. they don't want the guests to have connectivity to the host via this interface) and no firewall rules (they don't want any, or they want to add their own). So there's no reason to fail when a network has and also has no IP address. Kind-of-Resolves: https://gitlab.com/libvirt/libvirt/-/issues/588 Signed-off-by: Laine Stump Reviewed-by: Martin Kletzander --- diff --git a/src/conf/network_conf.c b/src/conf/network_conf.c index 5cf419acf1..320e1b089a 100644 --- a/src/conf/network_conf.c +++ b/src/conf/network_conf.c @@ -1789,7 +1789,6 @@ virNetworkDefParseXML(xmlXPathContextPtr ctxt, case VIR_NETWORK_FORWARD_ROUTE: case VIR_NETWORK_FORWARD_NAT: - case VIR_NETWORK_FORWARD_OPEN: /* It's pointless to specify L3 forwarding without specifying * the network we're on. */ @@ -1806,8 +1805,10 @@ virNetworkDefParseXML(xmlXPathContextPtr ctxt, def->name); return NULL; } + break; - if (def->forward.type == VIR_NETWORK_FORWARD_OPEN && def->forward.nifs) { + case VIR_NETWORK_FORWARD_OPEN: + if (def->forward.nifs) { /* an open network by definition can't place any restrictions * on what traffic is allowed or where it goes, so specifying * a forwarding device is nonsensical.