diff --git a/ChangeLog b/ChangeLog index b0cda86679c6e60693525d191df82d34e0febe69..24521bc78f273339b850e892e1987c723406d06e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,13 @@ +Thu Jan 10 13:54:10 GMT 2008 Mark McLoughlin + + --with-iptables-prefix was added to integrate with + a proposed system for letting iptables know how to + reload our rules. The proposed system wasn't accepted + so, although there might be some other theoretical + use for this, let's just remove it. + + * configure.in, src/iptables.c: remove --with-iptables-prefix + Thu Jan 10 13:52:05 GMT 2008 Mark McLoughlin Add support for integrating our iptables support with diff --git a/configure.in b/configure.in index fe36718fb03911d4dd90b1996ae7522bdb4cf131..cd1a4119fbde5b05fc528ce7a9b13d742ddb6afa 100644 --- a/configure.in +++ b/configure.in @@ -182,16 +182,6 @@ fi AM_CONDITIONAL(LIBVIRT_INIT_SCRIPTS_RED_HAT, test x$with_init_scripts = xredhat) AC_MSG_RESULT($with_init_scripts) -dnl -dnl allow the creation of iptables rules in chains with a -dnl specific prefix rather than in the standard toplevel chains -dnl -AC_ARG_WITH(iptables-prefix, - AC_HELP_STRING([--with-iptables-prefix=prefix], - [prefix used for iptables chains, default is to use standard toplevel chains]), - [IPTABLES_PREFIX=$withval]) -AC_DEFINE_UNQUOTED(IPTABLES_PREFIX, "$IPTABLES_PREFIX", [prefix used for iptables chains]) - dnl dnl also support saving the various chains to files dnl in e.g. /etc/sysconfig/iptables.d diff --git a/src/iptables.c b/src/iptables.c index 21363ba1a6908fb9db95c1b08e926f7f1aeac7ba..12013af1cea5d95e65f85673728686d9433297e2 100644 --- a/src/iptables.c +++ b/src/iptables.c @@ -592,13 +592,13 @@ iptablesContextNew(void) if (!(ctx = calloc(1, sizeof (*ctx)))) return NULL; - if (!(ctx->input_filter = iptRulesNew("filter", IPTABLES_PREFIX "INPUT"))) + if (!(ctx->input_filter = iptRulesNew("filter", "INPUT"))) goto error; - if (!(ctx->forward_filter = iptRulesNew("filter", IPTABLES_PREFIX "FORWARD"))) + if (!(ctx->forward_filter = iptRulesNew("filter", "FORWARD"))) goto error; - if (!(ctx->nat_postrouting = iptRulesNew("nat", IPTABLES_PREFIX "POSTROUTING"))) + if (!(ctx->nat_postrouting = iptRulesNew("nat", "POSTROUTING"))) goto error; return ctx;