On 05/18/2012 04:19 PM, Eric Blake wrote:
On 05/14/2012 07:00 PM, Stefan Berger wrote:
+
+flags = virBufferContentAndReset(vb);
+
+if (snprintf(buf, bufsize, %s, flags)= bufsize) {
+virNWFilterReportError(VIR_ERR_INTERNAL_ERROR, %s,
+
On 05/14/2012 07:00 PM, Stefan Berger wrote:
This patch adds support for the recent ipset iptables extension
to libvirt's nwfilter subsystem. Ipset allows to maintain 'sets'
of IP addresses, ports and other packet parameters and allows for
faster lookup (in the order of O(1) vs. O(n)) and rule
On 05/15/2012 11:47 AM, Laine Stump wrote:
Since ipset management is quite complex, the idea was to leave ipset
management outside of libvirt but still allow users to reference an
ipset.
The user would have to make sure the ipset is available once the VM is
started so that the iptables
On 05/14/2012 09:00 PM, Stefan Berger wrote:
This patch adds support for the recent ipset iptables extension
to libvirt's nwfilter subsystem. Ipset allows to maintain 'sets'
of IP addresses, ports and other packet parameters and allows for
faster lookup (in the order of O(1) vs. O(n)) and rule
This patch adds support for the recent ipset iptables extension
to libvirt's nwfilter subsystem. Ipset allows to maintain 'sets'
of IP addresses, ports and other packet parameters and allows for
faster lookup (in the order of O(1) vs. O(n)) and rule evaluation
to achieve higher throughput than
