[pve-devel] [PATCH] openvz : add tag and firewall options to veth
Alexandre Derumier
aderumier at odiso.com
Wed Apr 30 14:51:29 CEST 2014
allow to defined vlan tag and to disable firewall for a specific veth interface
Signed-off-by: Alexandre Derumier <aderumier at odiso.com>
---
PVE/OpenVZ.pm | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/PVE/OpenVZ.pm b/PVE/OpenVZ.pm
index 2b92979..191fe8c 100644
--- a/PVE/OpenVZ.pm
+++ b/PVE/OpenVZ.pm
@@ -499,13 +499,16 @@ sub parse_netif {
foreach my $iface (split (/;/, $data)) {
my $d = {};
+ $d->{firewall} = 1;
foreach my $pv (split (/,/, $iface)) {
- if ($pv =~ m/^(ifname|mac|bridge|host_ifname|host_mac|mac_filter)=(.+)$/) {
+ if ($pv =~ m/^(ifname|mac|bridge|host_ifname|host_mac|mac_filter|tag|firewall)=(.+)$/) {
if ($1 eq 'host_ifname') {
$d->{$1} = $2;
$host_ifnames->{$2} = $1;
} elsif ($1 eq 'mac_filter') {
$d->{$1} = parse_boolean('mac_filter', $2);
+ } elsif ($1 eq 'firewall') {
+ $d->{firewall} = undef if $2 == 0;
} else {
$d->{$1} = $2;
}
@@ -539,6 +542,8 @@ sub print_netif {
$res .= ",host_ifname=$net->{host_ifname}" if $net->{host_ifname};
$res .= ",host_mac=$net->{host_mac}" if $net->{host_mac};
$res .= ",bridge=$net->{bridge}" if $net->{bridge};
+ $res .= ",tag=$net->{tag}" if $net->{tag};
+ $res .= ",bridge=$net->{firewall}" if $net->{firewall};
if (defined($net->{mac_filter}) && !$net->{mac_filter}) {
$res .= ",mac_filter=off"; # 'on' is the default
@@ -1103,6 +1108,8 @@ sub update_ovz_config {
$ifadd .= $newif->{$ifname}->{host_ifname} ? ",$newif->{$ifname}->{host_ifname}" : ',';
$ifadd .= $newif->{$ifname}->{host_mac} ? ",$newif->{$ifname}->{host_mac}" : ',';
$ifadd .= $newif->{$ifname}->{bridge} ? ",$newif->{$ifname}->{bridge}" : '';
+ $ifadd .= $newif->{$ifname}->{tag} ? ",$newif->{$ifname}->{tag}" : '';
+ $ifadd .= $newif->{$ifname}->{firewall} ? ",$newif->{$ifname}->{firewall}" : '';
# not possible with current vzctl
#$ifadd .= $newif->{$ifname}->{mac_filter} ? ",$newif->{$ifname}->{mac_filter}" : '';
--
1.7.10.4
More information about the pve-devel
mailing list