From: Daniel P. Berrange Date: Thu, 22 May 2008 15:49:50 +0000 (+0000) Subject: Fix removal of iptable forwarding rules X-Git-Tag: LIBVIRT_0_4_4~66 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=42aec3d000f0bfdda99ad0454a0c0294784b2806;p=thirdparty%2Flibvirt.git Fix removal of iptable forwarding rules --- diff --git a/ChangeLog b/ChangeLog index f693632f55..83d0de30d6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +Thu May 22 11:49:29 EST 2008 Daniel P. Berrange + + * src/qemu_driver.c: Fix removal of iptables forwarding rules + Thu May 22 11:38:29 EST 2008 Daniel P. Berrange * configure.in: Remove some duplicated error messages diff --git a/src/qemu_driver.c b/src/qemu_driver.c index 8e26a4fa83..e5124479f4 100644 --- a/src/qemu_driver.c +++ b/src/qemu_driver.c @@ -1213,12 +1213,20 @@ qemudRemoveIptablesRules(struct qemud_driver *driver, struct qemud_network *network) { if (network->def->forward) { iptablesRemoveForwardMasquerade(driver->iptables, - network->def->network, - network->def->forwardDev); - iptablesRemoveForwardAllowIn(driver->iptables, - network->def->network, - network->bridge, - network->def->forwardDev); + network->def->network, + network->def->forwardDev); + + if (network->def->forwardMode == QEMUD_NET_FORWARD_NAT) + iptablesRemoveForwardAllowRelatedIn(driver->iptables, + network->def->network, + network->bridge, + network->def->forwardDev); + else if (network->def->forwardMode == QEMUD_NET_FORWARD_ROUTE) + iptablesRemoveForwardAllowIn(driver->iptables, + network->def->network, + network->bridge, + network->def->forwardDev); + iptablesRemoveForwardAllowOut(driver->iptables, network->def->network, network->bridge,