Re: [libvirt PATCH 04/28] util: rename iptables helpers that will become the frontend for ip&nftables

[Daniel P . Berrangé]

On Sun, Apr 30, 2023 at 11:19:19PM -0400, Laine Stump wrote:
> These toplevel functions have no iptables-specific code, except that
> they each call a lower-level internal function that *is* iptables
> specific. As a preparation to supporting use of either iptables or
> nftables, rename these functions from iptablesXXX to virNetfilterXXX.
> 
> Signed-off-by: Laine Stump <la...@redhat.com>
> ---
>  src/libvirt_private.syms          |  48 +++---
>  src/network/bridge_driver_linux.c | 124 +++++++-------
>  src/util/viriptables.c            | 260 +++++++++++++++---------------
>  src/util/viriptables.h            |  96 +++++------
>  4 files changed, 264 insertions(+), 264 deletions(-)
> 
> diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
> index 73cccf38a1..9f3868bbac 100644
> --- a/src/libvirt_private.syms
> +++ b/src/libvirt_private.syms
> @@ -2547,33 +2547,33 @@ virInitctlSetRunLevel;

> diff --git a/src/network/bridge_driver_linux.c 
> b/src/network/bridge_driver_linux.c
> index 1ef5b9d917..da7d78a40a 100644
> --- a/src/network/bridge_driver_linux.c
> +++ b/src/network/bridge_driver_linux.c
> @@ -322,7 +322,7 @@ networkAddMasqueradingFirewallRules(virFirewall *fw,
>      }
>  
>      /* allow forwarding packets from the bridge interface */
> -    if (iptablesAddForwardAllowOut(fw,
> +    if (virNetfilterAddForwardAllowOut(fw,
>                                     &ipdef->address,
>                                     prefix,
>                                     def->bridge,

nit-pick - the arguments all need their indentation adjusting
for this rename.


> diff --git a/src/util/viriptables.h b/src/util/viriptables.h
> index bb13f3292d..610c4dccde 100644
> --- a/src/util/viriptables.h
> +++ b/src/util/viriptables.h
> @@ -25,101 +25,101 @@
>  
>  int              iptablesSetupPrivateChains      (virFirewallLayer layer);
>  
> -void             iptablesAddTcpInput             (virFirewall *fw,
> +void             virNetfilterAddTcpInput         (virFirewall *fw,
>                                                    virFirewallLayer layer,
>                                                    const char *iface,
>                                                    int port);

I'd be inclined to remove the excessive whitespace between the
function name and the parameter list while making this change.
This file is a long standing outlier in our codebase and we
might as well take this opportunity to fix that.

With the whitespace points addressed:

Reviewed-by: Daniel P. Berrangé <berra...@redhat.com>


With regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|