only remove masquerade roles for VIR_NETWORK_FORWARD_NAT

Fixes http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=549949

only remove masquerade roles for VIR_NETWORK_FORWARD_NAT
Fixes http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=549949
91f9157e · Guido Günther · d42cfb4e · 91f9157e
隐藏空白更改
内联并排

Showing with 5 addition and 6 deletion

src/network/bridge_driver.c src/network/bridge_driver.c +5 -6

未找到文件。
--- a/src/network/bridge_driver.c
+++ b/src/network/bridge_driver.c
@@ -783,16 +783,15 @@ static void
 networkRemoveIptablesRules(struct network_driver *driver,
                         virNetworkObjPtr network) {
    if (network->def->forwardType != VIR_NETWORK_FORWARD_NONE) {
-        iptablesRemoveForwardMasquerade(driver->iptables,
-                                        network->def->network,
-                                        network->def->forwardDev);
-
-        if (network->def->forwardType == VIR_NETWORK_FORWARD_NAT)
+        if (network->def->forwardType == VIR_NETWORK_FORWARD_NAT) {
+            iptablesRemoveForwardMasquerade(driver->iptables,
+                                                network->def->network,
+                                                network->def->forwardDev);
            iptablesRemoveForwardAllowRelatedIn(driver->iptables,
                                                network->def->network,
                                                network->def->bridge,
                                                network->def->forwardDev);
-        else if (network->def->forwardType == VIR_NETWORK_FORWARD_ROUTE)
+        } else if (network->def->forwardType == VIR_NETWORK_FORWARD_ROUTE)
            iptablesRemoveForwardAllowIn(driver->iptables,
                                         network->def->network,
                                         network->def->bridge,