From nobody Thu Sep 19 00:19:10 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1715969314177713.3412115850001; Fri, 17 May 2024 11:08:34 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 18EF41779; Fri, 17 May 2024 14:08:32 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 375551E57; Fri, 17 May 2024 13:32:21 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 8D0B71C80; Fri, 17 May 2024 13:30:27 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 1F5D71779 for ; Fri, 17 May 2024 13:30:14 -0400 (EDT) Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-342-I8BdwOx1M1-yichqu30plw-1; Fri, 17 May 2024 13:30:12 -0400 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id D989B1C05151 for ; Fri, 17 May 2024 17:30:11 +0000 (UTC) Received: from vhost3.router.laine.org (unknown [10.22.16.223]) by smtp.corp.redhat.com (Postfix) with ESMTP id B8FE240C6EB7 for ; Fri, 17 May 2024 17:30:11 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-0.5 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1715967013; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=lfw0kqhbiYHgxScIJQPWy9juo5FXI9arSP+vI9gCi/U=; b=jWHpKULBIa4xEyd5Mq6az1C1fMbbSW2GVr4xbU1QEzS7/++bm3FkSLjfR+2W8mTyGdvIVN 6+k4mok+8g39916pGqWPDKTiQVykzrkgHTxSzky09n6iyquwOnwbCpyLYu0Dr6kHjayQym qoRF94OXEOGyCFEd2bTEUPC7Vy1aFS4= X-MC-Unique: I8BdwOx1M1-yichqu30plw-1 From: Laine Stump To: devel@lists.libvirt.org Subject: [PATCH v5 28/30] network: name the nftables table "libvirt_network" rather than "libvirt" Date: Fri, 17 May 2024 13:30:05 -0400 Message-ID: <20240517173007.8125-29-laine@redhat.com> In-Reply-To: <20240517173007.8125-1-laine@redhat.com> References: <20240517173007.8125-1-laine@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.2 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: FS2EORQ7GMLYZF2ZYZDLUVH5JI7ENQQN X-Message-ID-Hash: FS2EORQ7GMLYZF2ZYZDLUVH5JI7ENQQN X-MailFrom: laine@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1715969315467100001 Content-Type: text/plain; charset="utf-8" This way when we implement nftables for the nwfilter driver, we can create a separate table called "libvirt_nwfilter" and everything will look all symmetrical and stuff. Signed-off-by: Laine Stump Reviewed-by: Daniel P. Berrang=C3=A9 --- src/network/network_nftables.c | 2 +- .../nat-default-linux.nftables | 36 +++++----- .../nat-ipv6-linux.nftables | 58 ++++++++-------- .../nat-ipv6-masquerade-linux.nftables | 66 +++++++++---------- .../nat-many-ips-linux.nftables | 64 +++++++++--------- .../nat-no-dhcp-linux.nftables | 58 ++++++++-------- .../nat-tftp-linux.nftables | 40 +++++------ .../route-default-linux.nftables | 26 ++++---- 8 files changed, 175 insertions(+), 175 deletions(-) diff --git a/src/network/network_nftables.c b/src/network/network_nftables.c index c8cee98df5..ec9194a8b8 100644 --- a/src/network/network_nftables.c +++ b/src/network/network_nftables.c @@ -53,7 +53,7 @@ VIR_LOG_INIT("network.nftables"); * the iptables-compat */ =20 -#define VIR_NFTABLES_PRIVATE_TABLE "libvirt" +#define VIR_NFTABLES_PRIVATE_TABLE "libvirt_network" =20 /* nftables backend uses the same binary (nft) for all layers, but * IPv4 and IPv6 have their rules in separate classes of tables, diff --git a/tests/networkxml2firewalldata/nat-default-linux.nftables b/tes= ts/networkxml2firewalldata/nat-default-linux.nftables index 2dafe078a1..92b3dd7fc0 100644 --- a/tests/networkxml2firewalldata/nat-default-linux.nftables +++ b/tests/networkxml2firewalldata/nat-default-linux.nftables @@ -2,7 +2,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -15,7 +15,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -28,7 +28,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -41,7 +41,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -54,7 +54,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -67,7 +67,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -80,7 +80,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -93,7 +93,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -106,7 +106,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWO \ iifname \ virbr0 \ @@ -116,7 +116,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWI \ oifname \ virbr0 \ @@ -126,7 +126,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWX \ iifname \ virbr0 \ @@ -138,7 +138,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWO \ ip \ saddr \ @@ -151,7 +151,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWI \ oifname \ virbr0 \ @@ -167,7 +167,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip \ saddr \ @@ -182,7 +182,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ meta \ l4proto \ @@ -202,7 +202,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ meta \ l4proto \ @@ -222,7 +222,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip \ saddr \ @@ -236,7 +236,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip \ saddr \ diff --git a/tests/networkxml2firewalldata/nat-ipv6-linux.nftables b/tests/= networkxml2firewalldata/nat-ipv6-linux.nftables index 63d4d8e2a5..f8317415cf 100644 --- a/tests/networkxml2firewalldata/nat-ipv6-linux.nftables +++ b/tests/networkxml2firewalldata/nat-ipv6-linux.nftables @@ -2,7 +2,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -15,7 +15,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -28,7 +28,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -41,7 +41,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -54,7 +54,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -67,7 +67,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -80,7 +80,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -93,7 +93,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -106,7 +106,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWO \ iifname \ virbr0 \ @@ -116,7 +116,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWI \ oifname \ virbr0 \ @@ -126,7 +126,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWX \ iifname \ virbr0 \ @@ -138,7 +138,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_FWO \ iifname \ virbr0 \ @@ -148,7 +148,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_FWI \ oifname \ virbr0 \ @@ -158,7 +158,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_FWX \ iifname \ virbr0 \ @@ -170,7 +170,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -183,7 +183,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -196,7 +196,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -209,7 +209,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -222,7 +222,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -235,7 +235,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -248,7 +248,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWO \ ip \ saddr \ @@ -261,7 +261,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWI \ oifname \ virbr0 \ @@ -277,7 +277,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip \ saddr \ @@ -292,7 +292,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ meta \ l4proto \ @@ -312,7 +312,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ meta \ l4proto \ @@ -332,7 +332,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip \ saddr \ @@ -346,7 +346,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip \ saddr \ @@ -360,7 +360,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_FWO \ ip6 \ saddr \ @@ -373,7 +373,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_FWI \ ip6 \ daddr \ diff --git a/tests/networkxml2firewalldata/nat-ipv6-masquerade-linux.nftabl= es b/tests/networkxml2firewalldata/nat-ipv6-masquerade-linux.nftables index e6d5dea661..a15b38478b 100644 --- a/tests/networkxml2firewalldata/nat-ipv6-masquerade-linux.nftables +++ b/tests/networkxml2firewalldata/nat-ipv6-masquerade-linux.nftables @@ -2,7 +2,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -15,7 +15,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -28,7 +28,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -41,7 +41,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -54,7 +54,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -67,7 +67,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -80,7 +80,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -93,7 +93,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -106,7 +106,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWO \ iifname \ virbr0 \ @@ -116,7 +116,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWI \ oifname \ virbr0 \ @@ -126,7 +126,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWX \ iifname \ virbr0 \ @@ -138,7 +138,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_FWO \ iifname \ virbr0 \ @@ -148,7 +148,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_FWI \ oifname \ virbr0 \ @@ -158,7 +158,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_FWX \ iifname \ virbr0 \ @@ -170,7 +170,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -183,7 +183,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -196,7 +196,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -209,7 +209,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -222,7 +222,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -235,7 +235,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -248,7 +248,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWO \ ip \ saddr \ @@ -261,7 +261,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWI \ oifname \ virbr0 \ @@ -277,7 +277,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip \ saddr \ @@ -292,7 +292,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ meta \ l4proto \ @@ -312,7 +312,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ meta \ l4proto \ @@ -332,7 +332,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip \ saddr \ @@ -346,7 +346,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip \ saddr \ @@ -360,7 +360,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_FWO \ ip6 \ saddr \ @@ -373,7 +373,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_FWI \ oifname \ virbr0 \ @@ -389,7 +389,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip6 \ saddr \ @@ -404,7 +404,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ meta \ l4proto \ @@ -424,7 +424,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ meta \ l4proto \ @@ -444,7 +444,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip6 \ saddr \ diff --git a/tests/networkxml2firewalldata/nat-many-ips-linux.nftables b/te= sts/networkxml2firewalldata/nat-many-ips-linux.nftables index e636916c7e..bd88ec9d83 100644 --- a/tests/networkxml2firewalldata/nat-many-ips-linux.nftables +++ b/tests/networkxml2firewalldata/nat-many-ips-linux.nftables @@ -2,7 +2,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -15,7 +15,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -28,7 +28,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -41,7 +41,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -54,7 +54,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -67,7 +67,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -80,7 +80,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -93,7 +93,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -106,7 +106,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWO \ iifname \ virbr0 \ @@ -116,7 +116,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWI \ oifname \ virbr0 \ @@ -126,7 +126,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWX \ iifname \ virbr0 \ @@ -138,7 +138,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWO \ ip \ saddr \ @@ -151,7 +151,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWI \ oifname \ virbr0 \ @@ -167,7 +167,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip \ saddr \ @@ -182,7 +182,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ meta \ l4proto \ @@ -202,7 +202,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ meta \ l4proto \ @@ -222,7 +222,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip \ saddr \ @@ -236,7 +236,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip \ saddr \ @@ -250,7 +250,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWO \ ip \ saddr \ @@ -263,7 +263,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWI \ oifname \ virbr0 \ @@ -279,7 +279,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip \ saddr \ @@ -294,7 +294,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ meta \ l4proto \ @@ -314,7 +314,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ meta \ l4proto \ @@ -334,7 +334,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip \ saddr \ @@ -348,7 +348,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip \ saddr \ @@ -362,7 +362,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWO \ ip \ saddr \ @@ -375,7 +375,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWI \ oifname \ virbr0 \ @@ -391,7 +391,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip \ saddr \ @@ -406,7 +406,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ meta \ l4proto \ @@ -426,7 +426,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ meta \ l4proto \ @@ -446,7 +446,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip \ saddr \ @@ -460,7 +460,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip \ saddr \ diff --git a/tests/networkxml2firewalldata/nat-no-dhcp-linux.nftables b/tes= ts/networkxml2firewalldata/nat-no-dhcp-linux.nftables index 63d4d8e2a5..f8317415cf 100644 --- a/tests/networkxml2firewalldata/nat-no-dhcp-linux.nftables +++ b/tests/networkxml2firewalldata/nat-no-dhcp-linux.nftables @@ -2,7 +2,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -15,7 +15,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -28,7 +28,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -41,7 +41,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -54,7 +54,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -67,7 +67,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -80,7 +80,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -93,7 +93,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -106,7 +106,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWO \ iifname \ virbr0 \ @@ -116,7 +116,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWI \ oifname \ virbr0 \ @@ -126,7 +126,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWX \ iifname \ virbr0 \ @@ -138,7 +138,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_FWO \ iifname \ virbr0 \ @@ -148,7 +148,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_FWI \ oifname \ virbr0 \ @@ -158,7 +158,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_FWX \ iifname \ virbr0 \ @@ -170,7 +170,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -183,7 +183,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -196,7 +196,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -209,7 +209,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -222,7 +222,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -235,7 +235,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -248,7 +248,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWO \ ip \ saddr \ @@ -261,7 +261,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWI \ oifname \ virbr0 \ @@ -277,7 +277,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip \ saddr \ @@ -292,7 +292,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ meta \ l4proto \ @@ -312,7 +312,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ meta \ l4proto \ @@ -332,7 +332,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip \ saddr \ @@ -346,7 +346,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip \ saddr \ @@ -360,7 +360,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_FWO \ ip6 \ saddr \ @@ -373,7 +373,7 @@ nft \ -ae insert \ rule \ ip6 \ -libvirt \ +libvirt_network \ LIBVIRT_FWI \ ip6 \ daddr \ diff --git a/tests/networkxml2firewalldata/nat-tftp-linux.nftables b/tests/= networkxml2firewalldata/nat-tftp-linux.nftables index bb0598d011..a25935b831 100644 --- a/tests/networkxml2firewalldata/nat-tftp-linux.nftables +++ b/tests/networkxml2firewalldata/nat-tftp-linux.nftables @@ -2,7 +2,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -15,7 +15,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -28,7 +28,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -41,7 +41,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -54,7 +54,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -67,7 +67,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -80,7 +80,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -93,7 +93,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -106,7 +106,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -119,7 +119,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -132,7 +132,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWO \ iifname \ virbr0 \ @@ -142,7 +142,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWI \ oifname \ virbr0 \ @@ -152,7 +152,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWX \ iifname \ virbr0 \ @@ -164,7 +164,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWO \ ip \ saddr \ @@ -177,7 +177,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWI \ oifname \ virbr0 \ @@ -193,7 +193,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip \ saddr \ @@ -208,7 +208,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ meta \ l4proto \ @@ -228,7 +228,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ meta \ l4proto \ @@ -248,7 +248,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip \ saddr \ @@ -262,7 +262,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_PRT \ ip \ saddr \ diff --git a/tests/networkxml2firewalldata/route-default-linux.nftables b/t= ests/networkxml2firewalldata/route-default-linux.nftables index 834f6366ae..2337d50baf 100644 --- a/tests/networkxml2firewalldata/route-default-linux.nftables +++ b/tests/networkxml2firewalldata/route-default-linux.nftables @@ -2,7 +2,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -15,7 +15,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -28,7 +28,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -41,7 +41,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -54,7 +54,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -67,7 +67,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_INP \ iifname \ virbr0 \ @@ -80,7 +80,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -93,7 +93,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_OUT \ oifname \ virbr0 \ @@ -106,7 +106,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWO \ iifname \ virbr0 \ @@ -116,7 +116,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWI \ oifname \ virbr0 \ @@ -126,7 +126,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWX \ iifname \ virbr0 \ @@ -138,7 +138,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWO \ ip \ saddr \ @@ -151,7 +151,7 @@ nft \ -ae insert \ rule \ ip \ -libvirt \ +libvirt_network \ LIBVIRT_FWI \ ip \ daddr \ --=20 2.45.0