add firewall option to qemu network interface

author Alexandre Derumier <aderumier@odiso.com>

Wed, 7 May 2014 08:42:42 +0000 (10:42 +0200)

committer Dietmar Maurer <dietmar@proxmox.com>

Thu, 8 May 2014 06:35:37 +0000 (08:35 +0200)
author Alexandre Derumier <aderumier@odiso.com>
Wed, 7 May 2014 08:42:42 +0000 (10:42 +0200)
committer Dietmar Maurer <dietmar@proxmox.com>
Thu, 8 May 2014 06:35:37 +0000 (08:35 +0200)
diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm

index e01b2e9ae6a6ec38a79cbf8d17e0567ce2238978..e7d49d9b503357bf9b4d7623e25f2163206284b8 100644 (file)
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -838,9 +838,9 @@ my $vmconfig_update_net = sub {
                     PVE::Network::tap_rate_limit($iface, $newnet->{rate});
                 }
  
-               if(($newnet->{bridge} ne $oldnet->{bridge}) || ($newnet->{tag} ne $oldnet->{tag})){
-                   eval{PVE::Network::tap_unplug($iface, $oldnet->{bridge}, $oldnet->{tag});};
-                   PVE::Network::tap_plug($iface, $newnet->{bridge}, $newnet->{tag});
+               if(($newnet->{bridge} ne $oldnet->{bridge}) || ($newnet->{tag} ne $oldnet->{tag}) || ($newnet->{firewall} ne $oldnet->{firewall})){
+                   eval{PVE::Network::tap_unplug($iface, $oldnet->{bridge}, $oldnet->{tag}, $oldnet->{firewall});};
+                   PVE::Network::tap_plug($iface, $newnet->{bridge}, $newnet->{tag}, $newnet->{firewall});
                 }
  
             }else{
diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm

index 43b02ee4a543313a56abce55dba820216027cebc..5ee2606db338816761f259684aa5049b8c9abc8f 100644 (file)
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -478,7 +478,7 @@ my $nic_model_list_txt = join(' ', sort @$nic_model_list);
  my $netdesc = {
      optional => 1,
      type => 'string', format => 'pve-qm-net',
-    typetext => "MODEL=XX:XX:XX:XX:XX:XX [,bridge=<dev>][,rate=<mbps>][,tag=<vlanid>]",
+    typetext => "MODEL=XX:XX:XX:XX:XX:XX [,bridge=<dev>][,rate=<mbps>][,tag=<vlanid>][,firewall=0|1]",
      description => <<EODESCR,
  Specify network devices.
  
@@ -1263,6 +1263,8 @@ sub parse_net {
             $res->{rate} = $1;
          } elsif ($kvp =~ m/^tag=(\d+)$/) {
              $res->{tag} = $1;
+        } elsif ($kvp =~ m/^firewall=(\d+)$/) {
+           $res->{firewall} = $1;
         } else {
             return undef;
         }
diff --git a/pve-bridge b/pve-bridge

index 81ad5f4501284a7e3b747698750d285a3ec9b7b2..d6c5eb8732a8a1a753307dff889259f744576ac9 100755 (executable)
--- a/pve-bridge
+++ b/pve-bridge
@@ -30,6 +30,6 @@ PVE::Network::tap_create($iface, $net->{bridge});
  
  PVE::Network::tap_rate_limit($iface, $net->{rate}) if $net->{rate};
  
-PVE::Network::tap_plug($iface, $net->{bridge}, $net->{tag});
+PVE::Network::tap_plug($iface, $net->{bridge}, $net->{tag}, $net->{firewall});
  
  exit 0;
author	Alexandre Derumier <aderumier@odiso.com>
	Wed, 7 May 2014 08:42:42 +0000 (10:42 +0200)
committer	Dietmar Maurer <dietmar@proxmox.com>
	Thu, 8 May 2014 06:35:37 +0000 (08:35 +0200)
PVE/API2/Qemu.pm		patch \| blob \| blame \| history
PVE/QemuServer.pm		patch \| blob \| blame \| history
pve-bridge		patch \| blob \| blame \| history