This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


[Xen-devel] Fix iptables failure test in vif-common.sh

To: "Xen-Devel (E-mail)" <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-devel] Fix iptables failure test in vif-common.sh
From: John Haxby <john.haxby@xxxxxxxxxx>
Date: Fri, 07 Aug 2009 13:34:00 +0100
Delivery-date: Fri, 07 Aug 2009 05:34:31 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1b3pre) Gecko/20090513 Fedora/3.0-2.3.beta2.fc11 Lightning/1.0pre Thunderbird/3.0b2
In changset 19540 a bug was introduced in the fib_iptable function in vif-common.sh that incorrectly checks the exit status of iptables -- it always believes iptables has failed even when it hasn't.

The attached patch fixes that.  It's also bug 1490.

Signed-off-by: John Haxby <john.haxby@xxxxxxxxxx>

(Inline and attachment, I don't trust this thunderbird beta)

diff -up xen-3.4.0/tools/hotplug/Linux/vif-common.sh.bug1490 
--- xen-3.4.0/tools/hotplug/Linux/vif-common.sh.bug1490 2009-08-07 
12:37:35.000000000 +0100
+++ xen-3.4.0/tools/hotplug/Linux/vif-common.sh 2009-08-07 12:39:58.000000000 
@@ -78,7 +78,7 @@ frob_iptable()
   iptables "$c" FORWARD -m state --state RELATED,ESTABLISHED -m physdev \
     --physdev-out "$vif" -j ACCEPT 2>/dev/null

-  if [ "$command" == "online" ]&&  [ $? ]
+  if [ "$command" == "online" -a $? -ne 0 ]
     log err "iptables setup failed. This may affect guest networking."

Attachment: bug1490.patch
Description: Text Data

Xen-devel mailing list
<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-devel] Fix iptables failure test in vif-common.sh, John Haxby <=