Re: [PATCH v2] network: add rule to nftables backend that zeroes checksum of DHCP responses

2024-11-01 Thread Laine Stump
On 10/29/24 11:12 AM, Phil Sutter wrote: Hi, On Tue, Oct 29, 2024 at 09:30:27AM -0400, Laine Stump wrote: On 10/29/24 8:46 AM, Daniel P. Berrangé wrote: On Tue, Oct 29, 2024 at 12:22:42PM +, Daniel P. Berrangé wrote: On Tue, Oct 29, 2024 at 06:03:26AM -0500, Andrea Bolognani wrote: On

Re: [PATCH v2] network: add rule to nftables backend that zeroes checksum of DHCP responses

2024-10-30 Thread Laine Stump
On 10/30/24 4:43 AM, Daniel P. Berrangé wrote: On Tue, Oct 29, 2024 at 11:21:36PM -0400, Laine Stump wrote: On 10/29/24 3:41 PM, Phil Sutter wrote: On Tue, Oct 29, 2024 at 05:36:02PM +, Daniel P. Berrangé wrote: On Tue, Oct 29, 2024 at 06:29:55PM +0100, Phil Sutter wrote: On Tue, Oct 29

Re: [PATCH v2] network: add rule to nftables backend that zeroes checksum of DHCP responses

2024-10-29 Thread Laine Stump
On 10/29/24 11:21 PM, Laine Stump wrote: On 10/29/24 3:41 PM, Phil Sutter wrote: On Tue, Oct 29, 2024 at 05:36:02PM +, Daniel P. Berrangé wrote: On Tue, Oct 29, 2024 at 06:29:55PM +0100, Phil Sutter wrote: On Tue, Oct 29, 2024 at 03:38:08PM +, Daniel P. Berrangé wrote: On Tue, Oct 29

Re: [PATCH v2] network: add rule to nftables backend that zeroes checksum of DHCP responses

2024-10-29 Thread Laine Stump
On 10/29/24 10:51 AM, Laine Stump wrote: On 10/29/24 9:14 AM, Daniel P. Berrangé wrote: On Tue, Oct 29, 2024 at 01:09:00PM +, Andrea Bolognani wrote: On Tue, Oct 29, 2024 at 12:46:55PM +, Daniel P. Berrangé wrote: A key difference that is probably relevant is that netbsd is using an

Re: [PATCH v2] network: add rule to nftables backend that zeroes checksum of DHCP responses

2024-10-29 Thread Laine Stump
wrote: Hi, On Tue, Oct 29, 2024 at 09:30:27AM -0400, Laine Stump wrote: So when the extra rules are removed, then those same guests begin working? (You can easily remove the checksum rules with: nft delete chain ip libvirt_network postroute_mangle BTW, I just now tried an e1000e NIC on Fedora

[PATCH] Revert "network: add rule to nftables backend that zeroes checksum of DHCP responses"

2024-10-29 Thread Laine Stump
oking for something more universal to be included in the next release. Signed-off-by: Laine Stump --- src/network/network_nftables.c| 69 --- tests/networkxml2firewalldata/base.nftables | 14 .../forward-dev-linux.nftables| 16 - .../iso

Re: [PATCH v2] network: add rule to nftables backend that zeroes checksum of DHCP responses

2024-10-29 Thread Laine Stump
On 10/29/24 9:14 AM, Daniel P. Berrangé wrote: On Tue, Oct 29, 2024 at 01:09:00PM +, Andrea Bolognani wrote: On Tue, Oct 29, 2024 at 12:46:55PM +, Daniel P. Berrangé wrote: A key difference that is probably relevant is that netbsd is using an e1000 NIC in QEMU, while openbsd is using a

Re: [PATCH v2] network: add rule to nftables backend that zeroes checksum of DHCP responses

2024-10-29 Thread Laine Stump
On 10/29/24 8:46 AM, Daniel P. Berrangé wrote: On Tue, Oct 29, 2024 at 12:22:42PM +, Daniel P. Berrangé wrote: On Tue, Oct 29, 2024 at 06:03:26AM -0500, Andrea Bolognani wrote: On Mon, Oct 28, 2024 at 06:07:14PM +, Daniel P. Berrangé wrote: On Mon, Oct 28, 2024 at 10:32:55AM -0700, And

Re: [PATCH (RFC and a half?)] network: add rule to nftables backend that zeroes checksum of DHCP responses

2024-10-25 Thread Laine Stump
On 10/24/24 12:36 PM, Daniel P. Berrangé wrote: On Mon, Oct 21, 2024 at 12:14:38AM -0400, Laine Stump wrote: Many long years ago (April 2010), soon after "vhost" in-kernel packet processing was added to the virtio-net driver, people running RHEL5 virtual machines with a virtio-net

[PATCH v2] network: add rule to nftables backend that zeroes checksum of DHCP responses

2024-10-24 Thread Laine Stump
the nftables rules setup for each virtual network. This has been verified (on a Fedora 40 host) to fix DHCP with FreeBSD guests, while not breaking it for Fedora or Windows (10) guests. Fixes: b89c4991daa0ee9371f10937fab3b03c5ffdabc6 Reported-by: Rich Jones Fix-Suggested-by: Eric Garver Fix-Sug

Re: [PATCH (RFC and a half?)] network: add rule to nftables backend that zeroes checksum of DHCP responses

2024-10-24 Thread Laine Stump
On 10/24/24 2:12 PM, Laine Stump wrote: On 10/24/24 12:36 PM, Daniel P. Berrangé wrote: [...] AFAIR, it isn't actually a bug with virtio-net usage as this last bit suggests. Rather it is a result of feature negotiation with QEMU on the host, whereby the guest & QEMU mutually agree to

Re: [PATCH (RFC and a half?)] network: add rule to nftables backend that zeroes checksum of DHCP responses

2024-10-24 Thread Laine Stump
On 10/24/24 12:36 PM, Daniel P. Berrangé wrote: [...] AFAIR, it isn't actually a bug with virtio-net usage as this last bit suggests. Rather it is a result of feature negotiation with QEMU on the host, whereby the guest & QEMU mutually agree to turn off checksums because they are redundant when

Re: [PATCH (RFC and a half?)] network: add rule to nftables backend that zeroes checksum of DHCP responses

2024-10-23 Thread Laine Stump
FYI I've also tested this with Win10 and it works fine. It would be nice to get this into the upcoming release if possible (nudge nudge, wink wink) On 10/21/24 12:14 AM, Laine Stump wrote: Many long years ago (April 2010), soon after "vhost" in-kernel packet processing was adde

[PATCH 1/2] network: ignore/don't log errors when unsetting firewalld zone

2024-10-21 Thread Laine Stump
The most common "error" when trying to unset the firewalld zone of an interface is for firewalld to tell us that the interface already isn't in any zone. Since this is what we want, no need to alarm the user by logging it as an error. Signed-off-by: Laine Stump --- src/util/virf

[PATCH 2/2] network: don't unset the firewalld zone if it's going to be immediately re-set

2024-10-21 Thread Laine Stump
e - that weave ended up sewed together, right?) Signed-off-by: Laine Stump --- src/network/bridge_driver.c | 8 src/network/bridge_driver_linux.c| 10 ++ src/network/bridge_driver_nop.c | 4 +++- src/network/bridge_driver_platform.h | 3 ++- 4 files changed,

[PATCH 0/2] network: avoid logging unnecessary and misleading errors when failing to unset a zone

2024-10-21 Thread Laine Stump
misleading log messages about failed attempts to unset a zone. Laine Stump (2): network: ignore/don't log errors when unsetting firewalld zone network: don't unset the firewalld zone if it's going to be immediately re-set src/network/bridge_driver.c | 8 +++ src

Re: Help with setting up libvirt for development.

2024-10-21 Thread Laine Stump
On 10/21/24 3:39 PM, validsud...@gmail.com wrote: Hi, pardon my ignorance. I'm trying to add some changes to the libvirt codebase (https://gitlab.com/libvirt/libvirt). I've successfully built it with `meson setup /build` and a `compile_commands.json` was generated in the build folder. But vscod

Re: [PATCH] spec: Drop nwfilter dependency in libvirt-daemon-xen

2024-10-21 Thread Laine Stump
-by: Laine Stump --- libvirt.spec.in | 1 - 1 file changed, 1 deletion(-) diff --git a/libvirt.spec.in b/libvirt.spec.in index f26de04553..d54d2a1e3e 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -993,7 +993,6 @@ Requires: libvirt-daemon-driver-libxl = %{version}-%{release} Requires

[PATCH (RFC and a half?)] network: add rule to nftables backend that zeroes checksum of DHCP responses

2024-10-20 Thread Laine Stump
h successes and failures of any guest to acquire an IP address with DHCP. Once I've received enough positive reports (and 0 negative reports!) then we can think about pushing this patch (and also backporting it downstream to Fedora 40) Signed-off-by: Laine Stump --- src/network/

Re: [PATCH] util: Rename variable "major" in virIsDevMapperDevice

2024-10-11 Thread Laine Stump
it to make sure "clever" analyzers do not think it may be used uninitialized. Signed-off-by: Jiri Denemark Reviewed-by: Laine Stump --- src/util/virdevmapper.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/util/virdevmapper.c b/src/util/virdevmappe

Re: [PATCH] network: inhibit idle timeout of daemon if there are any active networks

2024-10-10 Thread Laine Stump
On 10/10/24 7:48 AM, Martin Kletzander wrote: On Tue, Oct 08, 2024 at 10:57:53AM -0400, Laine Stump wrote: When the daemons were split out from the monolithic libvirtd, the network driver didn't implement "inhibit idle timeout if there are any active objects" as was done for ot

[PATCH] network: inhibit idle timeout of daemon if there are any active networks

2024-10-08 Thread Laine Stump
transitions from 0 to 1 or 1 to 0, inhibitCallback is called, and it "does the right stuff" to prevent/enable the idle timeout. Signed-off-by: Laine Stump --- I had made this patch as a part of a larger series that will require it, but haven't sent that yet and keep being annoyed

[PATCH 5/5] network: a different implementation of *un*setting firewalld zone when network is destroyed

2024-10-06 Thread Laine Stump
network was first started). Replaces: 200f60b2e12e68d618f6d59f0173bb507b678838 Resolves: https://issues.redhat.com/browse/RHEL-61576 Signed-off-by: Laine Stump --- src/libvirt_private.syms | 1 + src/network/bridge_driver_linux.c | 29 +++-- src/util/virfirewalld.c

[PATCH 4/5] network: a different way of supporting firewalld zone for mode='open' networks

2024-10-06 Thread Laine Stump
is new better patch takes its place. Replaces: 1a72b83d566df952033529001b0f88a66d7f4393 Resolves: https://issues.redhat.com/browse/RHEL-61576 Re-Resolves: https://gitlab.com/libvirt/libvirt/-/issues/215 Signed-off-by: Laine Stump --- src/network/bridge_driver_linux.c | 111 +++

[PATCH 3/5] network: call network(Add|Remove)FirewallRules() for forward mode='open'

2024-10-06 Thread Laine Stump
add code outside that if clause). debug log messages were also added to make it easier to test that the right thing is being done in all cases. Signed-off-by: Laine Stump --- src/network/bridge_driver.c | 26 ++--- src/network/bridge_driver_linux.c | 175 +

[PATCH 2/5] Revert "network: support setting firewalld zone for bridge device of open networks"

2024-10-06 Thread Laine Stump
ddFirewallRules() (rather than moving it into a separate function) so that it is called every time the network's firewall rules are reloaded (including the reload that happens in response to a reload notification from firewalld). Signed-off-by: Laine Stump Signed-off-by: Laine Stu

[PATCH 1/5] Revert "network: *un*set the firewalld zone while shutting down a network"

2024-10-06 Thread Laine Stump
This reverts commit 200f60b2e12e68d618f6d59f0173bb507b678838. The same functionality will be re-added in a different way in an upcoming patch. Signed-off-by: Laine Stump Signed-off-by: Laine Stump --- src/libvirt_private.syms | 1 - src/network/bridge_driver.c | 4

[PATCH 0/5] network: fix regression in firewalld zone setting

2024-10-06 Thread Laine Stump
t.com/browse/RHEL-61576 This new series of patches, reverts that commit, along with commit v10.7.0-78-g200f60b2e1, then reimplements their functionality assuming that a firewalld reload *will* reset the zone of all libvirt-managed bridge devices. Laine Stump (5): Revert "network: *

Re: libvirt-10.8.0 release candidate 2

2024-09-30 Thread Laine Stump
On 9/30/24 9:40 AM, Laine Stump wrote: On 9/27/24 11:28 AM, Jiri Denemark wrote: Please give the release candidate some testing and in case you find a serious issue which should have a fix in the upcoming release, feel free to reply to this thread to make sure the issue is more visible. Last

[PATCH] (for 10.8.0? undecided) qemu: fix regression in update-device for interfaces

2024-09-30 Thread Laine Stump
-by: Laine Stump Fixes: a37bd2a15b8f2e7aa09519c86fe1ba1e59ce113f --- The alternatives to this are: 1) revert a37bd2a15b8f2e7aa09519c86fe1ba1e59ce113f (but I haven't checked yet if that will cause problems with the other patches in that same series) to eliminate the regression but also

Re: [PATCH] NEWS: add blurbs about a couple of bugs I fixed this month

2024-09-30 Thread Laine Stump
On 9/30/24 8:22 AM, Peter Krempa wrote: On Mon, Sep 30, 2024 at 09:05:33 +0200, Peter Krempa wrote: On Sun, Sep 29, 2024 at 16:04:12 -0400, Laine Stump wrote: Signed-off-by: Laine Stump --- NEWS.rst | 25 + 1 file changed, 25 insertions(+) diff --git a/NEWS.rst b

Re: libvirt-10.8.0 release candidate 2

2024-09-30 Thread Laine Stump
On 9/27/24 11:28 AM, Jiri Denemark wrote: Please give the release candidate some testing and in case you find a serious issue which should have a fix in the upcoming release, feel free to reply to this thread to make sure the issue is more visible. Last night I discovered a regression caused b

[PATCH] NEWS: add blurbs about a couple of bugs I fixed this month

2024-09-29 Thread Laine Stump
Signed-off-by: Laine Stump --- NEWS.rst | 25 + 1 file changed, 25 insertions(+) diff --git a/NEWS.rst b/NEWS.rst index beea8221e1..617af915b3 100644 --- a/NEWS.rst +++ b/NEWS.rst @@ -19,6 +19,19 @@ v10.8.0 (unreleased) * **Improvements** + * network: make

Re: [PATCH 4/4] util: use uint32 instead of char[4] for several virSocketAddrIPv4 operations

2024-09-21 Thread Laine Stump
On 9/21/24 2:47 PM, Laine Stump wrote: Thanks for the reviews! Oops! Then I went and forgot to add the Reviewed-by: tag to the patches before I pushed them :-/. Now your stats will be off by 4. :-(

Re: [PATCH 4/4] util: use uint32 instead of char[4] for several virSocketAddrIPv4 operations

2024-09-21 Thread Laine Stump
On 9/20/24 4:12 AM, Ján Tomko wrote: On a Thursday in 2024, Laine Stump wrote: [...] +    startHost = ntohl(startv4.val); +    endHost = ntohl(endv4.val); + +    if (endHost - startHost > 65535) { +    virReportError(VIR_ERR_INTERNAL_ER

Re: [PATCH 2/4] util: fix virSocketAddrMask() when source and result are the same object

2024-09-20 Thread Laine Stump
On 9/20/24 3:57 AM, Ján Tomko wrote: On a Thursday in 2024, Laine Stump wrote: Many years ago (2011), virSocketAddrMask() had caused a bug by failing to initialize an IPv6-specific field in the result virSocketAddr. This was fixed by memset(0)ing the entire result (*network) at the beginning of

[PATCH 4/4] util: use uint32 instead of char[4] for several virSocketAddrIPv4 operations

2024-09-19 Thread Laine Stump
Instead we can just get the ntohl of start & end, and do the math directly. Signed-off-by: Laine Stump --- src/util/virsocketaddr.c | 47 +++- 1 file changed, 18 insertions(+), 29 deletions(-) diff --git a/src/util/virsocketaddr.c b/src/util/virsocketaddr.

[PATCH 3/4] util: make virSocketAddrIPv4 a union

2024-09-19 Thread Laine Stump
of the code to remove loops by using x.val instead of x.bytes when appropriate. Signed-off-by: Laine Stump --- src/util/virsocketaddr.c | 24 ++-- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/src/util/virsocketaddr.c b/src/util/virsocketaddr.c index 60d8071

[PATCH 2/4] util: fix virSocketAddrMask() when source and result are the same object

2024-09-19 Thread Laine Stump
which is initialized to all 0!) and then copying that to *network after it's finished assigning things from addr. Fixes: ba08c5932e556aa4f5101357127a6224c40e5ebe Signed-off-by: Laine Stump --- src/util/virsocketaddr.c | 21 - 1 file changed, 12 insertions(+), 9 deletion

[PATCH 1/4] network: fix argument order/log level in message about firewall_backend

2024-09-19 Thread Laine Stump
Oops. Fixes: 64b966558cc6002fe150a0292a24eb2802a792c5 Signed-off-by: Laine Stump --- src/network/bridge_driver_conf.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/network/bridge_driver_conf.c b/src/network/bridge_driver_conf.c index 9da5e790b7..4e40286ee3 100644

[PATCH 0/4] small improvements to virSocketAddr, and a trivial debug log change

2024-09-19 Thread Laine Stump
I noticed the virSocketAddr() stuff when I was writing code that was going to use virSocketAddrMask(). I think I ended up not using that function after all, but the fixes are still worthwhile. Laine Stump (4): network: fix argument order/log level in message about firewall_backend util

[PATCH 4/4] qemu: rework needBridgeChange/needReconnect decisions in qemuDomainChangeNet()

2024-09-18 Thread Laine Stump
ht someday support connecting a new & different device backend (the way the virtual device connects to the host) to an already existing guest netdev (the virtual device as it appears to the guest). Sadly that has never happened, so for the purposes of qemuDomainChangeNet() "need

[PATCH 1/4] qemu: prevent unnecessarily failing live interface update

2024-09-18 Thread Laine Stump
to do in all cases when the new type was 'network'), and also indicate that we'll need to replace olddev in the domain with newdev (because either of these changes is major enough that we shouldn't just try to fix up olddev) Resolves: https://issues.redhat.com/browse/R

[PATCH 3/4] qemu: replace open-coded remove/attach bridge with virNetDevTapReattachBridge()

2024-09-18 Thread Laine Stump
just the VM name and MAC address, so it makes no sense to log the detach/attach pair as it's not providing any information). Signed-off-by: Laine Stump --- src/qemu/qemu_hotplug.c | 55 ++--- 1 file changed, 13 insertions(+), 42 deletions(-) di

[PATCH 2/4] util: don't return early from virNetDevTapReattachBridge() if "force" is true

2024-09-18 Thread Laine Stump
se of virNetDevTapReattachBridge() sets force to false, to preserve current behavior. An upcoming patch will use it with force set to true. Signed-off-by: Laine Stump --- src/conf/domain_conf.c | 2 +- src/util/virnetdevtap.c | 8 ++-- src/util/virnetdevtap.h | 3 ++- 3 files changed, 9 insertions(+), 4 dele

[PATCH 0/4] improve device-update for network interface devices

2024-09-18 Thread Laine Stump
e remainder of the direct problem). Laine Stump (4): qemu: prevent unnecessarily failing live interface update util: don't return early from virNetDevTapReattachBridge() if "force" is true qemu: replace open-coded remove/attach bridge with virNetDevTapReattachBridge() qem

Re: [PATCH 5/5] network: *un*set the firewalld zone while shutting down a network

2024-09-17 Thread Laine Stump
On 9/16/24 4:06 AM, Martin Kletzander wrote: On Mon, Sep 16, 2024 at 09:49:44AM +0200, Martin Kletzander wrote: On Thu, Sep 05, 2024 at 01:07:59PM -0400, Laine Stump wrote: When a bridge device for a virtual network had been placed in a firewalld zone while starting the network, then even

Re: [PATCH 5/8] network: Clean up after inactive objects during start

2024-09-16 Thread Laine Stump
ea* what I thought I saw and how I misunderstood it so badly :-/ On 9/16/24 12:02 PM, Laine Stump wrote: On 9/3/24 10:36 AM, Martin Kletzander wrote: Once networkUpdateState() identifies a dead network it should clean up after it as well. Resolves: https://issues.redhat.com/browse/RHEL-50968 Sig

Re: [PATCH 0/8] Do more cleaning up after network objects upon start

2024-09-16 Thread Laine Stump
(I have no idea what I was thinking) Anyway Reviewed-by: Laine Stump for the entire series, and thanks for fixing a problem that has been popping up once every year or two for as long as I can remember :-) Martin Kletzander (8): network: Do not update network ports for inactive network

Re: [PATCH 6/8] network: Try to read dnsmasq PIDs for inactive networks too

2024-09-16 Thread Laine Stump
On 9/3/24 10:36 AM, Martin Kletzander wrote: Just in case one needs a clean up. Resolves: https://issues.redhat.com/browse/RHEL-50968 Signed-off-by: Martin Kletzander Reviewed-by: Laine Stump --- src/network/bridge_driver.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions

Re: [PATCH 7/8] network: Separate cleanup from networkRemoveInactive

2024-09-16 Thread Laine Stump
On 9/3/24 10:36 AM, Martin Kletzander wrote: The new function (networkCleanupInactive) can be called from an iterator over the list of networks without the risk of deadlock. Signed-off-by: Martin Kletzander Reviewed-by: Laine Stump --- src/network/bridge_driver.c | 18

Re: [PATCH 5/8] network: Clean up after inactive objects during start

2024-09-16 Thread Laine Stump
On 9/3/24 10:36 AM, Martin Kletzander wrote: Once networkUpdateState() identifies a dead network it should clean up after it as well. Resolves: https://issues.redhat.com/browse/RHEL-50968 Signed-off-by: Martin Kletzander --- src/network/bridge_driver.c | 6 ++ 1 file changed, 6 insertion

Re: [PATCH 4/8] network: Don't check if network is active in networkShutdownNetwork

2024-09-16 Thread Laine Stump
On 9/3/24 10:36 AM, Martin Kletzander wrote: It skips the cleanup from networkStartNetwork and the only other path already checks if the network is active or not. Signed-off-by: Martin Kletzander Reviewed-by: Laine Stump --- src/network/bridge_driver.c | 3 --- 1 file changed

Re: [PATCH 3/8] network: Move port deletion into the shutdown function

2024-09-16 Thread Laine Stump
: Laine Stump --- src/network/bridge_driver.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c index b16d524aa181..d27a7e9b88c4 100644 --- a/src/network/bridge_driver.c +++ b/src/network/bridge_driver.c @@ -2447,6

Re: [PATCH 2/8] network: Do not call virNetworkObjUnsetDefTransient on start cleanup

2024-09-16 Thread Laine Stump
On 9/3/24 10:36 AM, Martin Kletzander wrote: The function networkShutdownNetwork already does that. (Harmless, but redundant)(or am I missing something?) Signed-off-by: Martin Kletzander Reviewed-by: Laine Stump --- src/network/bridge_driver.c | 1 - 1 file changed, 1 deletion

Re: [PATCH 1/8] network: Do not update network ports for inactive networks

2024-09-16 Thread Laine Stump
xcept* when a network's bridge device has disappeared causing us to mark the network inactive *during* networkUpdate state. Yep.) Signed-off-by: Martin Kletzander Reviewed-by: Laine Stump --- src/network/bridge_driver.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) di

Re: [PATCH 5/5] network: *un*set the firewalld zone while shutting down a network

2024-09-16 Thread Laine Stump
On 9/16/24 4:06 AM, Martin Kletzander wrote: Having said that it would still be beneficial to do some extra clean up to remove the zone if, for example, the bridge disappeared while virtnetworkd was not running (shameless plug of [1] O:-) ) Martin [1] https://lists.libvirt.org/archives/list/dev

Re: [PATCH 0/5] network: a few fixes related to

2024-09-13 Thread Laine Stump
ping On 9/5/24 1:07 PM, Laine Stump wrote: While closing out the > 50 open tabs that had accumulated in one of my 3 browser windows, I came across a couple of upstream issues where I had posted a comment several months ago that I would fix some simple problem "tomorrow" (or maybe

Re: [PATCH 2/2] libxl: Reject VM config referencing nwfilters

2024-09-11 Thread Laine Stump
On 9/11/24 7:42 PM, Demi Marie Obenour wrote: On Wed, Sep 11, 2024 at 05:09:03PM -0600, Jim Fehlig wrote: On 9/11/24 16:24, Laine Stump wrote: On 9/11/24 5:02 PM, Jim Fehlig via Devel wrote: The Xen libxl driver does not support nwfilter. Add a check for nwfilters to the

Re: [PATCH 1/2] docs: Clarify hypervisor support for nwfilter profiles

2024-09-11 Thread Laine Stump
On 9/11/24 6:44 PM, Jim Fehlig via Devel wrote: On 9/11/24 15:54, Demi Marie Obenour wrote: On Wed, Sep 11, 2024 at 03:02:41PM -0600, Jim Fehlig wrote: Enhance the 'since' annotation of documentation to note it's only supported by the QEMU, LXC, and ch hypervisor drivers. Signed-off-by: Jim F

Re: [PATCH 2/2] libxl: Reject VM config referencing nwfilters

2024-09-11 Thread Laine Stump
On 9/11/24 5:02 PM, Jim Fehlig via Devel wrote: The Xen libxl driver does not support nwfilter. Add a check for nwfilters to the devicesPostParseCallback, returning VIR_ERR_CONFIG_UNSUPPORTED if any are found. It's generally preferred for drivers to ignore unsupported XML features, I would ins

Re: [PATCH 1/2] docs: Clarify hypervisor support for nwfilter profiles

2024-09-11 Thread Laine Stump
+profile can be assigned to a domain interface, which allows configuring traffic +filter rules for the virtual machine. See the `nwfilter `__ +documentation for more complete details. It's preexisting, but I would have said "allows configuring network traffic filter rules". Reviewed-by: Laine Stump

[PATCH 5/5] network: *un*set the firewalld zone while shutting down a network

2024-09-05 Thread Laine Stump
rt won't be deleting that bridge, so we take care to not unset the zone in that case. Signed-off-by: Laine Stump --- src/libvirt_private.syms | 1 + src/network/bridge_driver.c | 4 src/network/bridge_driver_linux.c| 14 ++ src/network/bridge_driv

[PATCH 4/5] network: remove firewalld version check from networkSetBridgeZone()

2024-09-05 Thread Laine Stump
west distro that has a version of firewalld < 0.7.0 is RHEL7/CentOS7, so we can remove the complexity and if the libvirt zone is missing simply say "the libvirt zone is missing". Signed-off-by: Laine Stump --- src/network/bridge_driver_linux.c | 21 +++-- 1 file chang

[PATCH 3/5] network: support setting firewalld zone for bridge device of open networks

2024-09-05 Thread Laine Stump
eared by a firewalld restart, including those rules added by libvirt), and so we don't need to be re-setting it all the time. Resolves: https://gitlab.com/libvirt/libvirt/-/issues/215 Signed-off-by: Laine Stump --- src/network/bridge_driver.c | 4 ++ src/network/bridge

[PATCH 2/5] network: belatedly update an error message

2024-09-05 Thread Laine Stump
The 'open' forward type probably hadn't yet been added when this message was written. Signed-off-by: Laine Stump --- src/conf/network_conf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/conf/network_conf.c b/src/conf/network_conf.c index 3383906c58..5f

[PATCH 0/5] network: a few fixes related to

2024-09-05 Thread Laine Stump
've been reminded, I thought I should actually do that. Laine Stump (5): network: permit when a network has no IP address network: belatedly update an error message network: support setting firewalld zone for bridge device of open networks network: remove firewalld version che

[PATCH 1/5] network: permit when a network has no IP address

2024-09-05 Thread Laine Stump
ey want to add their own). So there's no reason to fail when a network has and also has no IP address. Kind-of-Resolves: https://gitlab.com/libvirt/libvirt/-/issues/588 Signed-off-by: Laine Stump --- src/conf/network_conf.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff -

Re: Discouraging use of virInterface* APIs

2024-08-26 Thread Laine Stump
On 8/21/24 5:50 PM, Jim Fehlig via Devel wrote: Laine's attempt long ago [1] to deprecate/obsolete the virInterface* APIs did not receive a standing ovation. However he raised many good points which are still valid today. If anything, netcf, the libvirt netcf backend, and the whole interface dr

Re: [PATCH 0/3] Fix ARP table parsing over netlink messages

2024-08-19 Thread Laine Stump
On 8/19/24 6:22 AM, Martin Kletzander wrote: On Fri, Aug 16, 2024 at 11:52:09PM -0400, Laine Stump wrote: (in case that makes no sense: https://www.poetryfoundation.org/poems/42916/jabberwocky - my 3rd or 4th favorite poem, after 2 or 3 by Dr. Seuss) Sounds good, I just need to learn the

Re: [PATCH 3/3] virarptable: End parsing earlier in case of NLMSG_DONE

2024-08-16 Thread Laine Stump
int len = nh->nlmsg_len; void *addr; +if (nh->nlmsg_type == NLMSG_DONE) +return table; I would prefer "break;" here rather than "return table;" just in case someone in the future adds something that requires

Re: [PATCH 2/3] virarptable: Fix check for message length

2024-08-16 Thread Laine Stump
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("wrong nlmsg len")); goto cleanup; I prefer Ondrej Mosnáček's suggested change here: https://bugzilla.redhat.com/2302245#c7 - he eliminates "len" entirely and replaces it with n

Re: [PATCH 1/3] virarptable: Properly calculate rtattr length

2024-08-16 Thread Laine Stump
_rtattr(tb, NDA_MAX, NDA_RTA(r), - nh->nlmsg_len - NLMSG_LENGTH(sizeof(*r))); +parse_rtattr(tb, NDA_MAX, NDA_RTA(r), NLMSG_PAYLOAD(nh, sizeof(*r))); VIR_WARNINGS_RESET if (tb[NDA_DST] == NULL || tb[NDA_LLADDR] == NULL) Reviewed-by: Laine Stump

Re: [PATCH 0/3] Fix ARP table parsing over netlink messages

2024-08-16 Thread Laine Stump
On 8/16/24 8:45 AM, Martin Kletzander wrote: Somehow it happened that some kernels (I noticed this with 6.10.0 and 6.10.2 on various machines) started sending NLMSG_DONE message (as they probably should've even before), This comment shows the kernel commit that caused it: https://bugzilla.red

Re: [PATCH 5/7] network: NetworkManager script to monitor/resolve conflicts with new interfaces

2024-08-16 Thread Laine Stump
On 8/16/24 11:23 AM, Daniel P. Berrangé wrote: On Wed, Aug 07, 2024 at 04:00:09PM -0400, Laine Stump wrote: On 8/7/24 1:32 PM, Daniel P. Berrangé wrote: On Wed, Aug 07, 2024 at 01:16:01PM -0400, Laine Stump wrote: + +import libvirt +import sys +import os +import libxml2 +from ipaddress import

Re: [PATCH 6/7] network: turn on autoaddr in default network

2024-08-16 Thread Laine Stump
On 8/16/24 11:30 AM, Daniel P. Berrangé wrote: On Wed, Aug 07, 2024 at 02:15:16PM -0400, Laine Stump wrote: On 8/7/24 1:45 PM, Daniel P. Berrangé wrote: On Wed, Aug 07, 2024 at 01:16:02PM -0400, Laine Stump wrote: With autoaddr enabled, the subnet to be used for the default network will be

Re: [PATCH 5/7] network: NetworkManager script to monitor/resolve conflicts with new interfaces

2024-08-07 Thread Laine Stump
On 8/7/24 1:32 PM, Daniel P. Berrangé wrote: On Wed, Aug 07, 2024 at 01:16:01PM -0400, Laine Stump wrote: There has been a problem for several years with libvirt's default virtual network conflicting with the host physical network connection on new installs, particularly when the "

Re: [PATCH 7/7] spec: stop trying to find unused network during deamon-network-config %post

2024-08-07 Thread Laine Stump
On 8/7/24 1:54 PM, Daniel P. Berrangé wrote: On Wed, Aug 07, 2024 at 01:16:03PM -0400, Laine Stump wrote: Since the default network now has autoaddr='yes', there is no need to waste time during %post install looking for an unused network and modifying the config of the default virtu

Re: [PATCH 6/7] network: turn on autoaddr in default network

2024-08-07 Thread Laine Stump
On 8/7/24 1:45 PM, Daniel P. Berrangé wrote: On Wed, Aug 07, 2024 at 01:16:02PM -0400, Laine Stump wrote: With autoaddr enabled, the subnet to be used for the default network will be verified/changed at the time the network starts. Signed-off-by: Laine Stump --- src/network/default.xml.in

Re: [PATCH 2/7] network: add configurable network autoaddr items to driver config

2024-08-07 Thread Laine Stump
On 8/7/24 1:41 PM, Daniel P. Berrangé wrote: On Wed, Aug 07, 2024 at 01:15:58PM -0400, Laine Stump wrote: These options are added to network.conf and virNetworkDriverConfig object: autoaddr_start - start of the range of subnets to search (def: "192.168.122.0") autoaddr_end - end of

[PATCH 1/7] conf: add XML config for autoaddr networks

2024-08-07 Thread Laine Stump
ther than selecting from a manually configured range of networks, I *think* it should semi-randomly select a network ala RFC 4193, and anyway conflicting IPv6 networks hasn't been an issue up to now). Signed-off-by: Laine Stump --- docs/formatnetwork.rst|

[PATCH 7/7] spec: stop trying to find unused network during deamon-network-config %post

2024-08-07 Thread Laine Stump
network if they didn't want the stock default network config, but nobody will be expecting that they have to do that, leading to hundreds of bug reports about "I deleted the default network and it comes back every time I update my packages!") Signed-off-by: Laine Stump

[PATCH 5/7] network: NetworkManager script to monitor/resolve conflicts with new interfaces

2024-08-07 Thread Laine Stump
ning and connected to the network, they will be disconnected, and won't be reconnected until libvirtd/virtqemud is restarted (one of the things the QEMU driver does when rereading the status of active guests is to make sure all their interfaces are connected to their respective netwo

[PATCH 6/7] network: turn on autoaddr in default network

2024-08-07 Thread Laine Stump
With autoaddr enabled, the subnet to be used for the default network will be verified/changed at the time the network starts. Signed-off-by: Laine Stump --- src/network/default.xml.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/network/default.xml.in b/src/network

[PATCH 4/7] network: turn on autoaddr selection in bridge driver

2024-08-07 Thread Laine Stump
d the previous time. Signed-off-by: Laine Stump --- src/network/bridge_driver.c | 137 ++-- 1 file changed, 133 insertions(+), 4 deletions(-) diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c index b8e752f20d..cceeb5d941 100644 --- a/sr

[PATCH 3/7] network: reorganize the check for route collisions

2024-08-07 Thread Laine Stump
against all existing routes before moving on to the next. Signed-off-by: Laine Stump --- src/network/bridge_driver.c | 72 ++- src/network/bridge_driver_linux.c| 132 +++ src/network/bridge_driver_nop.c | 22 +++-- src/network

[PATCH 2/7] network: add configurable network autoaddr items to driver config

2024-08-07 Thread Laine Stump
They will be used by the network driver when looking for unused subnets to assign to networks that have "autoaddr='yes'" in one of their elements. Signed-off-by: Laine Stump --- meson.build | 14 +- meson_options.txt|

[PATCH 0/7] network: implement automatic subnet selection for virtual networks

2024-08-07 Thread Laine Stump
't think anyone has complained about that. Yet.) I think this may break the record for "oldest bug to be fixed", which was previously set when danpb fixed the firewalling issue with guests on two different NATed networks being able to communicate with each other. :-) Laine Stump (7):

Re: [PATCH] rpc: report error from filing to add timer

2024-07-22 Thread Laine Stump
s/filing/failing/ in the summary line :-) On 7/22/24 10:56 AM, Daniel P. Berrangé wrote: Signed-off-by: Daniel P. Berrangé --- src/rpc/virnetclientstream.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/rpc/virnetclientstream.c b/src/rpc/virnetclientstream.c index 98034d737d..380b

Re: [PATCH] tests: fix broken nftables test data so that individual tests are successful

2024-06-21 Thread Laine Stump
*ping* (if you ack it, please also push since I'm mostly away from my computer for the next 2.5 weeks) On 6/12/24 3:25 PM, Laine Stump wrote: When the chain names and table name used by the nftables firewall backend were changed in commit 958aa7f274904eb8e4678a43eac845044f0dcc38, I forg

[PATCH] network: add more firewall test cases

2024-06-21 Thread Laine Stump
ipv6 are nated Signed-off-by: Laine Stump --- If you ack this, please also push it, as I'm on vacation and only sporadically connected. .../forward-dev-linux.iptables| 154 +++ .../forward-dev-linux.nftables| 158 +++ tests/networkxml2firewalldata/fo

Re: [PATCH v2] network: introduce a "none" firewall backend type

2024-06-14 Thread Laine Stump
On 6/14/24 12:22 PM, Andrea Bolognani wrote: On Fri, Jun 14, 2024 at 03:43:53PM GMT, Daniel P. Berrangé wrote: meson.build | 26 +++--- meson_options.txt | 2 +- src/network/bridge_driver_conf.c | 19 ++- src/networ

Re: [libvirt PATCH 00/28] native support for nftables in virtual network driver

2024-06-12 Thread Laine Stump
On 6/12/24 2:32 PM, Roman Bogorodskiy wrote: Laine Stump wrote: On 6/10/24 2:54 PM, Roman Bogorodskiy wrote: Laine Stump wrote: This patch series enables libvirt to use nftables rules rather than iptables *when setting up virtual networks* (it does *not* add nftables support to the

Re: [libvirt PATCH 00/28] native support for nftables in virtual network driver

2024-06-12 Thread Laine Stump
On 6/12/24 11:46 AM, Andrea Bolognani wrote: On Wed, Jun 12, 2024 at 10:42:43AM GMT, Laine Stump wrote: On 6/12/24 9:18 AM, Andrea Bolognani wrote: On Wed, Jun 12, 2024 at 08:42:48AM GMT, Laine Stump wrote: On 6/12/24 6:47 AM, Daniel P. Berrangé wrote: On Wed, Jun 12, 2024 at 03:27:24AM

[PATCH] tests: fix broken nftables test data so that individual tests are successful

2024-06-12 Thread Laine Stump
nftables tests, I didn't notice this. Until now. base.nftables has now been updated to reflect the current names for chains/table, and running individual test cases is once again successful. Fixes: 958aa7f274904eb8e4678a43eac845044f0dcc38 Signed-off-by: Laine Stump --- tests/networkxml2fi

Re: [libvirt PATCH 00/28] native support for nftables in virtual network driver

2024-06-12 Thread Laine Stump
On 6/12/24 9:18 AM, Andrea Bolognani wrote: On Wed, Jun 12, 2024 at 08:42:48AM GMT, Laine Stump wrote: On 6/12/24 6:47 AM, Daniel P. Berrangé wrote: On Wed, Jun 12, 2024 at 03:27:24AM -0700, Andrea Bolognani wrote: [...] I'd be extremely surprised to learn that guest network connect

Re: [PATCH 1/2] network: skip network driver init if no firewall backend is present

2024-06-12 Thread Laine Stump
eeBSD users are only using type='bridge'/), then this patch will be fine. If I re-assume to the latter, then: Reviewed-by: Laine Stump (and soon to be Tested-by, but first I have some errands to run :-) but we should make sure they aren't trying to use on platforms with n

Re: [libvirt PATCH 00/28] native support for nftables in virtual network driver

2024-06-12 Thread Laine Stump
On 6/12/24 6:47 AM, Daniel P. Berrangé wrote: On Wed, Jun 12, 2024 at 03:27:24AM -0700, Andrea Bolognani wrote: On Wed, Jun 12, 2024 at 09:57:15AM GMT, Daniel P. Berrangé wrote: On Wed, Jun 12, 2024 at 01:54:47AM -0700, Andrea Bolognani wrote: Is there much of a difference between having an ex

Re: [PATCH 2/2] network: don't attempt to initialize if non-privileged

2024-06-11 Thread Laine Stump
error; +} + Reviewed-by: Laine Stump About once every 3 or 4 years I've wondered why we load the network driver for unprivileged libvirt, since it's unusable. I haven't had the attention span to ask anyone and write this patch though :-)

[libvirt PATCH 00/28] native support for nftables in virtual network driver

2024-06-10 Thread Laine Stump
'm re-sending my response, but to the new mailing list :-)) On 6/10/24 2:54 PM, Roman Bogorodskiy wrote: Laine Stump wrote: This patch series enables libvirt to use nftables rules rather than iptables *when setting up virtual networks* (it does *not* add nftables support to the nwfilter driver
