This patch implements support for learning a VM's IP address. It uses
the pcap library to listen on the VM's backend network interface (tap)
or the physical ethernet device (macvtap) and tries to capture packets
with source or destination MAC address of the VM and learn from DHCP
Offers, ARP traffic, or first-sent IPv4 packet what the IP address of
the VM's interface is. This then allows to instantiate the network
traffic filtering rules without the user having to provide the IP
parameter somewhere in the filter description or in the interface
description as a parameter. This only supports to detect the parameter
IP, which is for the assumed single IPv4 address of a VM. There is not
support for interfaces that may have multiple  IP addresses (IP
aliasing) or IPv6 that may then require more than one valid IP address
to be detected. A VM can have multiple independent interfaces that each
uses a different IP address and in that case it will be attempted to
detect each one of the address independently.

So, when for example an interface description in the domain XML has
looked like this up to now:

    <interface type='bridge'>
      <source bridge='mybridge'/>
      <model type='virtio'/>
      <filterref filter='clean-traffic'>
        <parameter name='IP' value='10.2.3.4'/>
      </filterref>
    </interface>

you may omit the IP parameter:

    <interface type='bridge'>
      <source bridge='mybridge'/>
      <model type='virtio'/>
      <filterref filter='clean-traffic'/>
    </interface>

Internally I am walking the 'tree' of a VM's referenced network filters
and determine with the given variables which variables are missing. Now,
the above IP parameter may be missing and this causes a libvirt-internal
thread to be started that uses the pcap library's API to listen to the
backend interface  (in case of macvtap to the physical interface) in an
attempt to determine the missing IP parameter. If the backend interface
disappears the thread terminates assuming the VM was brought down. In
case of a macvtap device a timeout is being used to wait for packets
from the given VM (filtering by VM's interface MAC address). If the VM's
macvtap device disappeared the thread also terminates. In all other
cases it tries to determine the IP address of the VM and will then apply
the rules late on the given interface, which would have happened
immediately if the IP parameter had been explicitly given. In case an
error happens while the firewall rules are applied, the VM's backend
interface is 'down'ed preventing it to communicate. Reasons for failure
for applying the network firewall rules may that an ebtables/iptables
command failes or OOM errors. Essentially the same failure reasons may
occur as when the firewall rules are applied immediately on VM start,
except that due to the late application of the filtering rules the VM
now is already running and cannot be hindered anymore from starting.
Bringing down the whole VM would probably be considered too drastic.
While a VM's IP address is attempted to be determined only limited
updates to network filters are allowed. In particular it is prevented
that filters are modified in such a way that they would introduce new
variables.

A caveat: The algorithm does not know which one is the appropriate IP
address of a VM. If the VM spoofs an IP address in its first ARP traffic
or IPv4 packets its filtering rules will be instantiated for this IP
address, thus 'locking' it to the found IP address. So, it's still
'safer' to explicitly provide the IP address of a VM's interface in the
filter description if it is known beforehand.

* configure.ac: detect libpcap
* libvirt.spec.in: require libpcap[-devel] if qemu is built
* src/internal.h: add the new ATTRIBUTE_PACKED define
* src/Makefile.am src/libvirt_private.syms: add the new modules and symbols
* src/nwfilter/nwfilter_learnipaddr.[ch]: new module being added
* src/nwfilter/nwfilter_driver.c src/conf/nwfilter_conf.[ch]
  src/nwfilter/nwfilter_ebiptables_driver.[ch]
  src/nwfilter/nwfilter_gentech_driver.[ch]: plu the new functionality in
* tests/nwfilterxml2xmltest: extend testing

virParseVersionString uses virStrToLong_ui instead of sscanf.

This also fixes a bug in the UML driver, that always returned 0
as version number.

Introduce STRSKIP to check if a string has a certain prefix and
to skip this prefix.

Use the new virDomainUpdateDeviceFlags API to allow the VNC password
to be changed on the fly

* src/internal.h: Define STREQ_NULLABLE() which is like STREQ()
  but does not crash if either argument is NULL, and treats two
  NULLs as equal.
* src/libvirt_private.syms: Export virDomainGraphicsTypeToString
* src/qemu/qemu_driver.c: Support VNC password change on a live
  machine
* src/qemu/qemu_monitor.c: Disable crazy debugging info. Treat a
  NULL password as "" (empty string), allowing passwords to be
  disabled in the monitor

* global: patch created by running:
for f in $(git ls-files '*.[ch]') ; do
    cppi $f > $f.t && mv $f.t $f
done

It is a bad idea to call gettext on an already-translated
string.  In cases where a string must be translated separately
from where it is exposed to xgettext, the gettext manual
recommends the idiom of N_() wrapping gettext_noop for
marking the string.

* src/internal.h (N_): Fix definition to match gettext manual.
* tools/virsh.c: (cmdHelp, cmdList, cmdDomstate, cmdDominfo)
(cmdVcpuinfo, vshUsage): Replace incorrect use of N_ with _.
(vshCmddefHelp): Likewise.  Mark C format strings appropriately.

* src/internal.h (STREQ, STRCASEEQ, STRNEQ, STRCASENEQ, STREQLEN)
(STRCASEEQLEN, STRNEQLEN, STRCASENEQLEN, STRPREFIX): Avoid
redundant parenthesis.
* examples/domain-events/events-c/event-test.c (STREQ): Likewise.
* src/storage/parthelper.c (STREQ): Likewise.

ATTRIBUTE_SENTINEL was defined for GCC >= 4.0 only, resulting in
compile errors when using GCC < 4.0.

* src/internal.h (ATTRIBUTE_SENTINEL): New, it's a ggc feature and
  protected as such
* src/util/buf.c (virBufferStrcat): Use it.
* src/util/ebtables.c (ebtablesAddRemoveRule): Use it.
* src/util/iptables.c (iptableAddRemoveRule: Use it.
* src/util/qparams.h (new_qparam_set, append_qparams): Use it.
* docs/apibuild.py: avoid breaking the API generator with that new
  internal keyword macro

Move the VIR_DRV_FEATURE* constants into libvirt_internal.h
since these flags are indicating whether  APIs in the
libvirt_internal.h file are supported by a driver

* src/driver.h: Remove VIR_DRV_FEATURE* constants
* src/libvirt_internal.h: Add VIR_DRV_FEATURE* constants, using
  an enum instead of #define
* src/internal.h: pull in libvirt_internal.h

* src/internal.h (ATTRIBUTE_NONNULL): Define.

* src/storage_conf.c src/internal.h: move previous check in internal.h
  and add a workaround for a GCC bug in Debian Etch on limit definitions

GCC >= 4.4 assumes the 'printf' attribute refers to the native
runtime libraries format specifiers. Thanks to gnulib, libvirt
has GNU format specifiers everywhere.  This means we need to
use 'gnu_printf' with GCC >= 4.4 to get correct compiler
checking of printf format specifiers.

* HACKING: Document new rules for ATTRIBUTE_FMT_PRINTF
* autobuild.sh, mingw32-libvirt.spec.in: Disable OpenNebula
  driver on mingw32 builds
* qemud/dispatch.h, qemud/qemu.h, src/buf.h src/internal.h,
  src/logging.h, src/security.h, src/sexpr.h, src/util.h,
  src/virterror_internal.h, src/xend_internal.c: Change
  over to ATTRIBUTE_FMT_PRINTF.
* src/virsh.c: Disable 'cd' and 'pwd' commands on Win32
  since they don't compile
* src/threads-win32.c: Add missing return value check

* src/logging.c src/logging.h proxy/Makefile.am proxy/libvirt_proxy.c
  src/Makefile.am src/cgroup.c src/datatypes.c src/domain_event.c
  src/internal.h src/libvirt.c src/lxc_container.c src/lxc_controller.c
  src/lxc_driver.c src/proxy_internal.c src/qemu_driver.c
  src/remote_internal.c src/storage_backend_disk.c src/util.c
  src/veth.c src/xen_internal.c src/xen_unified.c src/xend_internal.c:
  add new logging module, and move existing definitions there
Daniel

* include/libvirt/libvirt.h include/libvirt/libvirt.h.in
  src/libvirt.c src/libvirt_sym.version: new libvirt event entry
  points, big patch provided by Ben Guthro
* Makefile.am configure.in src/driver.h src/event.c src/event.h
  src/internal.h src/libvirt.c src/libvirt_sym.version src/lxc_driver.c
  src/openvz_driver.c src/qemu_conf.h src/qemu_driver.c
  src/remote_internal.c src/storage_backend_fs.c src/test.c
  qemud/event.c qemud/event.h qemud/mdns.c qemud/qemud.c
  qemud/qemud.h qemud/remote.c qemud/remote_dispatch_localvars.h
  qemud/remote_dispatch_proc_switch.h qemud/remote_dispatch_prototypes.h
  qemud/remote_protocol.c qemud/remote_protocol.h
  qemud/remote_protocol.x proxy/Makefile.am python/generator.py:
  Not much is left untouched by the patch adding the events support
* docs/libvirt-api.xml docs/libvirt-refs.xml
  docs/html/libvirt-libvirt.html: regenerated the docs
* examples/domain-events/events-c/Makefile.am
  examples/domain-events/events-c/event-test.c: a test example
* AUTHORS: added Ben Guthro
daniel

	* include/libvirt/libvirt.h.in: Add VIR_DEPRECATED macro.
	* src/internal.h: Internal code is allowed to use deprecated
	features, so override VIR_DEPRECATED here.
	* include/libvirt/virterror.h: Deprecate the conn, dom and net
	fields in the _virError structure.

Mon May 12 23:32:21 PST 2008 David L. Leskovec <dlesko@linux.vnet.ibm.com>

	* qemud/qemud.c: get siginfo with signals, distribute to drivers that
    register a handler
	* src/driver.h: add sighandler function to state driver table
	* src/internal.h: define virStateSigDispatcher functions
	* src/libvirt.c: add __virStateSigDispatcher function
	* src/libvirt_sym.version: add __virStateSigDispatcher
	* src/lxc_driver.c: add sig handler function, cleanup vm when sigchld
    received from container process
	* src/qemu_driver.c: NULL for sig handler (no handler) in state driver
	* src/remote_internal.c: NULL for sig handler (no handler) in state driver
	* src/storage_driver.c: NULL for sig handler (no handler) in state driver

* src/internal.h (HAVE_PTHREAD_H): Test with "#ifdef", not "#if".

	* configure.in: Fix pkg-config detection of libxml2,
	  add -lgcrypt to gnutls lib.
	* src/Makefile.am: If compiling --without-libvirtd then
	  don't compile any part of the storage driver.
	* configure.in, src/hash.c, src/internal.h: Detect availability
	  of pthread library and compile out mutex code if not available.
	* src/storage_driver.c, src/util.c: Ignore some missing
	  headers on MinGW.

Done using this command (also includes .c.in and .h.in files):
for i in $(g ls-files|grep -E '\.[ch](\.in)?$'|grep -v gnulib); do
  expand -i $i > j && mv j $i;done

Done with these commands:
git grep -l Local.variab|xargs \
  perl -0x3b -pi -e 's,\n+/\*\n \* vim:(.|\n)*,\n,'

git grep -l Local.variab|xargs \
  perl -0x3b -pi -e 's,\n+/\*\n \* Local variables:\n(.|\n)*,\n,'

* src/hash.c src/internal.h src/virterror.c: remove dandling
  domain/net/conn pointers from error data when released.
* src/lxc_driver.c: fix a NULL/0 return error mismatch
Daniel

	* src/util.c, src/util.h, src/libvirt_sym.version: Added
	  virMacAddrCompare utility function for comparing MAC
	  addresses.
	* src/virsh.c, src/xm_internal.c: Use virMacAddrCompare
	  to compare addresses.  (Shigeki Sakamoto and Richard Jones).

* src/internal.h: move xstrol() variants from here ...

* src/util.[ch]: ... to here and rename to virStrToLong()

* src/libvirt_sym.version: export __virStrToLong_i() for
virsh and qemud.

* src/nodeinfo.c, src/stats_linux.c, src/virsh.c,
  src/xend_internal.c, qemud/qemud.c: replace xstrtol()
calls with virStrToLong()

* src/nodeinfo.h: don't include internal.h, which was only
needed for xstrtol(), but instead include libvirt.h which
is suffificient for the declarations in the header.