You need to sign in or sign up before continuing.
- 09 3月, 2015 6 次提交
-
-
由 Michal Privoznik 提交于
Now that all the code uses accessors, don't expose the structure anyway. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
Well, one day this will be self-locking object, but not today. But lets prepare the code for that! Moreover, virNetworkObjListFree() is no longer needed, so turn it into virNetworkObjListDispose(). Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
The API will iterate over the list of network object and remove desired ones from it. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
An accessor following pattern laid out by virDomainObjList* APIs. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
An accessor following pattern laid out by virDomainObjList* APIs. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
This API will be used in the future to call passed callback over each network object in the list. It's slightly different to its virDomainObjListForEach counterpart, because virDomainObjList uses a hash table to store domain object, while virNetworkObjList uses an array. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 04 3月, 2015 4 次提交
-
-
由 Michal Privoznik 提交于
It's returning virNetworkObjPtr after all. And it matches the pattern laid out by domain_conf.h. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
It's returning virNetworkObjPtr after all. And it matches the pattern laid out by domain_conf.h. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
Instead of copying the whole object onto stack when calling the function, just pass the pointer to the object and save up some space on the stack. Moreover, this prepares the code to hide the virNetworkObjList structure into network_conf.c and use accessors only. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
This is probably a copy-paste error from virDomainObj* counterpart. But when speaking of virNetworkObj we should use variable @nets for an array of networks, rather than @doms. It's just confusing. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 20 1月, 2015 1 次提交
-
-
由 Josh Stone 提交于
This adds a new "localOnly" attribute on the domain element of the network xml. With this set to "yes", DNS requests under that domain will only be resolved by libvirt's dnsmasq, never forwarded upstream. This was how it worked before commit f69a6b98, and I found that functionality useful. For example, I have my host's NetworkManager dnsmasq configured to forward that domain to libvirt's dnsmasq, so I can easily resolve guest names from outside. But if libvirt's dnsmasq doesn't know a name and forwards it to the host, I'd get an endless forwarding loop. Now I can set localOnly="yes" to prevent the loop. Signed-off-by: NJosh Stone <jistone@redhat.com>
-
- 16 1月, 2015 1 次提交
-
-
由 Cédric Bosdonnat 提交于
Moving code for parsing and formatting network routes to networkcommon_conf helps reusing those routes for domains. The route definition has been hidden to help reducing the number of unnecessary checks in the format function.
-
- 09 12月, 2014 1 次提交
-
-
由 Laine Stump 提交于
The macTableManager attribute of a network's bridge subelement tells libvirt how the bridge's MAC address table (used to determine the egress port for packets) is managed. In the default mode, "kernel", management is left to the kernel, which usually determines entries in part by turning on promiscuous mode on all ports of the bridge, flooding packets to all ports when the correct destination is unknown, and adding/removing entries to the fdb as it sees incoming traffic from particular MAC addresses. In "libvirt" mode, libvirt turns off learning and flooding on all the bridge ports connected to guest domain interfaces, and adds/removes entries according to the MAC addresses in the domain interface configurations. A side effect of turning off learning and unicast_flood on the ports of a bridge is that (with Linux kernel 3.17 and newer), the kernel can automatically turn off promiscuous mode on one or more of the bridge's ports (usually only the one interface that is used to connect the bridge to the physical network). The result is better performance (because packets aren't being flooded to all ports, and can be dropped earlier when they are of no interest) and slightly better security (a guest can still send out packets with a spoofed source MAC address, but will only receive traffic intended for the guest interface's configured MAC address). The attribute looks like this in the configuration: <network> <name>test</name> <bridge name='br0' macTableManager='libvirt'/> ... This patch only adds the config knob, documentation, and test cases. The functionality behind this knob is added in later patches.
-
- 06 10月, 2014 1 次提交
-
-
由 Laine Stump 提交于
This new attribute will control whether or not libvirt will pay attention to guest notifications about changes to network device mac addresses and receive filters. The default for this is 'no' (for security reasons). If it is set to 'yes' *and* the specified device model and connection support it (currently only macvtap+virtio) then libvirt will watch for NIC_RX_FILTER_CHANGED events, and when it receives one, it will issue a query-rx-filter command, retrieve the result, and modify the host-side macvtap interface's mac address and unicast/multicast filters accordingly. The functionality behind this attribute will be in a later patch. This patch merely adds the attribute to the top-level of a domain's <interface> as well as to <network> and <portgroup>, and adds documentation and schema/xml2xml tests. Rather than adding even more test files, I've just added the net attribute in various applicable places of existing test files.
-
- 23 7月, 2014 1 次提交
-
-
由 Ján Tomko 提交于
Replace all three-state (default/yes/no) enums with it: virDomainBIOSUseserial virDomainBootMenu virDomainPMState virDomainGraphicsSpiceClipboardCopypaste virDomainGraphicsSpiceAgentFileTransfer virNetworkDNSForwardPlainNames
-
- 06 5月, 2014 1 次提交
-
-
由 Julio Faracco 提交于
In "src/conf/" there are many enumeration (enum) declarations. Similar to the recent cleanup to "src/util" directory, it's better to use a typedef for variable types, function types and other usages. Other enumeration and folders will be changed to typedef's in the future. Most of the files changed in this commit are reltaed to Network (network_conf.* and interface_conf.*) enums. Signed-off-by: NJulio Faracco <jcfaracco@gmail.com> Signed-off-by: NEric Blake <eblake@redhat.com>
-
- 27 4月, 2014 1 次提交
-
-
由 Laine Stump 提交于
Experimentation showed that if virNetworkCreateXML() was called for a network that was already defined, and then the network was subsequently shutdown, the network would continue to be persistent after the shutdown (expected/desired), but the original config would be lost in favor of the transient config sent in with virNetworkCreateXML() (which would then be the new persistent config) (obviously unexpected/not desired). To fix this, virNetworkObjAssignDef() has been changed to 1) properly save/free network->def and network->newDef for all the various combinations of live/active/persistent, including some combinations that were previously considered to be an error but didn't need to be (e.g. setting a "live" config for a network that isn't yet active but soon will be - that was previously considered an error, even though in practice it can be very useful). 2) automatically set the persistent flag whenever a new non-live config is assigned to the network (and clear it when the non-live config is set to NULL). the libvirt network driver no longer directly manipulates network->persistent, but instead relies entirely on virNetworkObjAssignDef() to do the right thing automatically. After this patch, the following sequence will behave as expected: virNetworkDefineXML(X) virNetworkCreateXML(X') (same name but some config different) virNetworkDestroy(X) At the end of these calls, the network config will remain as it was after the initial virNetworkDefine(), whereas previously it would take on the changes given during virNetworkCreateXML(). Another effect of this tighter coupling between a) setting a !live def and b) setting/clearing the "persistent" flag, is that future patches which change the details of network lifecycle management (e.g. upcoming patches to fix detection of "active" networks when libvirtd is restarted) will find it much more difficult to break persistence functionality.
-
- 10 3月, 2014 1 次提交
-
-
由 Michal Privoznik 提交于
This fixes a possible double free. In virNetworkAssignDef() if virBitmapNew() fails, then virNetworkObjFree(network) is called. However, with network->def pointing to actual @def. So if caller frees @def again, ... Moreover, this fixes one possible memory leak too. In virInterfaceAssignDef() if appending to the list of interfaces fails, we ought to call virInterfaceObjFree() instead of bare VIR_FREE(). Although, in order to do that some array size variables needs to be turned into size_t rather than int. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 18 2月, 2014 2 次提交
-
-
由 Michal Privoznik 提交于
Basically, the idea is copied from domain code, where tainting exists for a while. Currently, only one taint reason exists - VIR_NETWORK_TAINT_HOOK to mark those networks which caused invoking of hook script. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
In the next patch I'm going to need the network format function that takes virBuffer as argument. However, slightly change of name is more appropriate then: virNetworkDefFormatBuf to match the rest of functions that format an object to buffer. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 04 2月, 2014 1 次提交
-
-
由 Laine Stump 提交于
The previous patch fixed "forwardPlainNames" so that it really is doing only what is intended, but left the default to be "forwardPlainNames='no'". Discussion around the initial version of that patch led to the decision that the default should instead be "forwardPlainNames='yes'" (i.e. the original behavior before commit f3886825). This patch makes that change to the default.
-
- 15 10月, 2013 1 次提交
-
-
由 Eric Blake 提交于
'const fooPtr' is the same as 'foo * const' (the pointer won't change, but it's contents can). But in general, if an interface is trying to be const-correct, it should be using 'const foo *' (the pointer is to data that can't be changed). Fix up remaining offenders in src/conf, and their fallout. * src/conf/snapshot_conf.h (virDomainSnapshotAssignDef) (virDomainSnapshotFindByName): Drop attempt at const. * src/conf/interface_conf.h (virInterfaceObjIsActive) (virInterfaceDefFormat): Use intended type. (virInterfaceFindByMACString, virInterfaceFindByName) (virInterfaceAssignDef, virInterfaceRemove): Drop attempt at const. * src/conf/network_conf.h (virNetworkObjIsActive) (virNetworkDefFormat, virNetworkDefForwardIf) (virNetworkDefGetIpByIndex, virNetworkIpDefPrefix) (virNetworkIpDefNetmask): Use intended type. (virNetworkFindByUUID, virNetworkFindByName, virNetworkAssignDef) (virNetworkObjAssignDef, virNetworkRemoveInactive) (virNetworkBridgeInUse, virNetworkSetBridgeName) (virNetworkAllocateBridge): Drop attempt at const. * src/conf/netdev_vlan_conf.h (virNetDevVlanFormat): Make const-correct. * src/conf/node_device_conf.h (virNodeDeviceHasCap) (virNodeDeviceDefFormat): Use intended type. (virNodeDeviceFindByName, virNodeDeviceFindBySysfsPath) (virNodeDeviceAssignDef, virNodeDeviceObjRemove) (virNodeDeviceGetParentHost): Drop attempt at const. * src/conf/secret_conf.h (virSecretDefFormat): Use intended type. * src/conf/snapshot_conf.c (virDomainSnapshotAssignDef) (virDomainSnapshotFindByName): Fix fallout. * src/conf/interface_conf.c (virInterfaceBridgeDefFormat) (virInterfaceBondDefFormat, virInterfaceVlanDefFormat) (virInterfaceProtocolDefFormat, virInterfaceDefDevFormat) (virInterfaceDefFormat, virInterfaceFindByMACString) (virInterfaceFindByName, virInterfaceAssignDef) (virInterfaceRemove): Likewise. * src/conf/network_conf.c (VIR_ENUM_IMPL, virNetworkFindByName, virNetworkObjAssignDef) (virNetworkAssignDef, virNetworkRemoveInactive) (virNetworkDefGetIpByIndex, virNetworkIpDefPrefix) (virNetworkIpDefNetmask, virNetworkDHCPHostDefParseXML) (virNetworkIpDefFormat, virNetworkRouteDefFormat) (virPortGroupDefFormat, virNetworkForwardNatDefFormat) (virNetworkDefFormatInternal, virNetworkBridgeInUse) (virNetworkAllocateBridge, virNetworkSetBridgeName) (virNetworkDNSDefFormat, virNetworkDefFormat): Likewise. * src/conf/netdev_vlan_conf.c (virNetDevVlanFormat): Likewise. * src/conf/node_device_conf.c (virNodeDeviceHasCap) (virNodeDeviceFindBySysfsPath, virNodeDeviceFindByName) (virNodeDeviceAssignDef, virNodeDeviceObjRemove) (virNodeDeviceDefFormat, virNodeDeviceGetParentHost): Likewise. * src/conf/secret_conf.c (virSecretDefFormatUsage) (virSecretDefFormat): Likewise. Signed-off-by: NEric Blake <eblake@redhat.com>
-
- 18 9月, 2013 1 次提交
-
-
由 Diego Woitasen 提交于
Useful to set custom forwarders instead of using the contents of /etc/resolv.conf. It helps me to setup dnsmasq as local nameserver to resolve VM domain names from domain 0, when domain option is used. Signed-off-by: NDiego Woitasen <diego.woitasen@vhgroup.net> Signed-off-by: NEric Blake <eblake@redhat.com>
-
- 28 8月, 2013 1 次提交
-
-
由 Ján Tomko 提交于
Add checks for updating sections of network definition via virNetworkDefUpdateSection. https://bugzilla.redhat.com/show_bug.cgi?id=989569
-
- 14 8月, 2013 1 次提交
-
-
由 Laine Stump 提交于
This resolves the issue that prompted the filing of https://bugzilla.redhat.com/show_bug.cgi?id=928638 (although the request there is for something much larger and more general than this patch). commit f3868259 disabled the forwarding to upstream DNS servers of unresolved DNS requests for names that had no domain, but were just simple host names (no "." character anywhere in the name). While this behavior is frowned upon by DNS root servers (that's why it was changed in libvirt), it is convenient in some cases, and since dnsmasq can be configured to allow it, it must not be strictly forbidden. This patch restores the old behavior, but since it is usually undesirable, restoring it requires specification of a new option in the network config. Adding the attribute "forwardPlainNames='yes'" to the <dns> elemnt does the trick - when that attribute is added to a network config, any simple hostnames that can't be resolved by the network's dnsmasq instance will be forwarded to the DNS servers listed in the host's /etc/resolv.conf for an attempt at resolution (just as any FQDN would be forwarded). When that attribute *isn't* specified, unresolved simple names will *not* be forwarded to the upstream DNS server - this is the default behavior.
-
- 03 7月, 2013 1 次提交
-
-
由 Daniel P. Berrange 提交于
Ensure that all APIs which list network objects filter them against the access control system. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 14 5月, 2013 1 次提交
-
-
由 Gene Czarcinski 提交于
network: static route support for <network> This patch adds the <route> subelement of <network> to define a static route. the address and prefix (or netmask) attribute identify the destination network, and the gateway attribute specifies the next hop address (which must be directly reachable from the containing <network>) which is to receive the packets destined for "address/(prefix|netmask)". These attributes are translated into an "ip route add" command that is executed when the network is started. The command used is of the following form: ip route add <address>/<prefix> via <gateway> \ dev <virbr-bridge> proto static metric <metric> Tests are done to validate that the input data are correct. For example, for a static route ip definition, the address must be a network address and not a host address. Additional checks are added to ensure that the specified gateway is directly reachable via this network (i.e. that the gateway IP address is in the same subnet as one of the IP's defined for the network). prefix='0' is supported for both family='ipv4' address='0.0.0.0' netmask='0.0.0.0' or prefix='0', and for family='ipv6' address='::', prefix=0', although care should be taken to not override a desired system default route. Anytime an attempt is made to define a static route which *exactly* duplicates an existing static route (for example, address=::, prefix=0, metric=1), the following error message will be sent to syslog: RTNETLINK answers: File exists This can be overridden by decreasing the metric value for the route that should be preferred, or increasing the metric for the route that shouldn't be preferred (and is thus in place only in anticipation that the preferred route may be removed in the future). Caution should be used when manipulating route metrics, especially for a default route. Note: The use of the command-line interface should be replaced by direct use of libnl so that error conditions can be handled better. But, that is being left as an exercise for another day. Signed-off-by: NGene Czarcinski <gene@czarc.net> Signed-off-by: NLaine Stump <laine@laine.org>
-
- 27 4月, 2013 1 次提交
-
-
由 Laine Stump 提交于
I remembered to document this bit, but somehow forgot to implement it. This adds <driver name='kvm|vfio'/> as a subelement to the <forward> element of a network (this puts it parallel to the match between mode='hostdev' attribute in a network and type='hostdev' in an <interface>). Since it's already documented, only the parser, formatter, backend driver recognition (it just translates/moves the flag into the <interface> at the appropriate time), and a test case were needed. (I used a separate enum for the values both because the original is defined in domain_conf.h, which is unavailable from network_conf.h, and because in the future it's possible that we may want to support other non-hostdev oriented driver names in the network parser; this makes sure that one can be expanded without the other).
-
- 19 4月, 2013 1 次提交
-
-
由 Peter Krempa 提交于
Until now tranisent networks weren't really useful as libvirtd wasn't able to remember them across restarts. This patch adds support for loading status files of transient networks (that already were generated) so that the status isn't lost. This patch chops up virNetworkObjUpdateParseFile and turns it into virNetworkLoadState and a few friends that will help us to load status XMLs and refactors the functions that are loading the configs to use them.
-
- 13 4月, 2013 1 次提交
-
-
由 Osier Yang 提交于
-
- 27 2月, 2013 1 次提交
-
-
由 Laine Stump 提交于
This reverts commit 383ebc46. We decided the xml for this feature needed more thought to make sure we are doing it the best way, in particular wrt option values that have multiple items.
-
- 25 2月, 2013 1 次提交
-
-
由 Gene Czarcinski 提交于
Originally, only a host name was used to associate a DHCPv6 request with a specific IPv6 address. Further testing demonstrates that this is an unreliable method and, instead, a client-id or DUID needs to be used. According to DHCPv6 standards, this id can be a duid-LLT, duid-LL, or duid-UUID even though dnsmasq will accept almost any text string. Although validity checking of a specified string makes sure it is hexadecimal notation with bytes separated by colons, there is no rigorous check to make sure it meets the standard. Documentation and schemas have been updated. Signed-off-by: NGene Czarcinski <gene@czarc.net> Signed-off-by: NLaine Stump <laine@laine.org>
-
- 23 2月, 2013 1 次提交
-
-
由 Pieter Hollants 提交于
This patch adds support for a new <option>-Tag in the <dhcp> block of network configs, based on a subset of the fifth proposal by Laine Stump in the mailing list discussion at https://www.redhat.com/archives/libvir-list/2012-November/msg01054.html. Any such defined option will result in a dhcp-option=<number>,"<value>" statement in the generated dnsmasq configuration file. Currently, DHCP options can be specified by number only and there is no whitelisting or blacklisting of option numbers, which should probably be added. Signed-off-by: NPieter Hollants <pieter@hollants.com> Signed-off-by: NLaine Stump <laine@laine.org>
-
- 20 2月, 2013 3 次提交
-
-
由 Natanael Copa 提交于
We pass over the address/port start/end values many times so we put them in structs. Signed-off-by: NNatanael Copa <ncopa@alpinelinux.org> Signed-off-by: NLaine Stump <laine@laine.org>
-
由 Natanael Copa 提交于
Let users set the port range to be used for forward mode NAT: ... <forward mode='nat'> <nat> <port start='1024' end='65535'/> </nat> </forward> ... Signed-off-by: NNatanael Copa <ncopa@alpinelinux.org> Signed-off-by: NLaine Stump <laine@laine.org>
-
由 Natanael Copa 提交于
Support setting which public ip to use for NAT via attribute address in subelement <nat> in <forward>: ... <forward mode='nat'> <address start='1.2.3.4' end='1.2.3.10'/> </forward> ... This will construct an iptables line using: '-j SNAT --to-source <start>-<end>' instead of: '-j MASQUERADE' Signed-off-by: NNatanael Copa <ncopa@alpinelinux.org> Signed-off-by: NLaine Stump <laine@laine.org>
-
- 21 12月, 2012 2 次提交
-
-
由 Daniel P. Berrange 提交于
-
由 Daniel P. Berrange 提交于
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 12 12月, 2012 2 次提交
-
-
由 Michal Privoznik 提交于
Currently, we are only keeping a inactive XML configuration in status dir. This is no longer enough as we need to keep this class_id attribute so we don't overwrite old entries when the daemon restarts. However, since there has already been release which has just <network/> as root element, and we want to keep things compatible, detect that loaded status file is older one, and don't scream about it.
-
由 Michal Privoznik 提交于
Network should be notified if we plug in or unplug an interface, so it can perform some action, e.g. set/unset network part of QoS. However, we are doing this in very early stage, so iface->ifname isn't filled in yet. So whenever we want to report an error, we must use a different identifier, e.g. the MAC address.
-