[pve-devel] [PATCH] openvz : add tag and firewall options to veth

Alexandre Derumier aderumier at odiso.com
Tue May 6 14:17:37 CEST 2014 

allow to defined vlan tag and to disable firewall for a specific veth interface

Signed-off-by: Alexandre Derumier <aderumier at odiso.com>
---
 PVE/OpenVZ.pm |    9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/PVE/OpenVZ.pm b/PVE/OpenVZ.pm
index aa6f502..53d4ef7 100644
--- a/PVE/OpenVZ.pm
+++ b/PVE/OpenVZ.pm
@@ -514,13 +514,16 @@ sub parse_netif {
 
     foreach my $iface (split (/;/, $data)) {
 	my $d = {};
+	$d->{firewall} = 1;
 	foreach my $pv (split (/,/, $iface)) {
-	    if ($pv =~ m/^(ifname|mac|bridge|host_ifname|host_mac|mac_filter)=(.+)$/) {
+	    if ($pv =~ m/^(ifname|mac|bridge|host_ifname|host_mac|mac_filter|tag|firewall)=(.+)$/) {
 		if ($1 eq 'host_ifname') {
 		    $d->{$1} = $2;
 		    $host_ifnames->{$2} = $1;
 		} elsif ($1 eq 'mac_filter') {
 		    $d->{$1} = parse_boolean('mac_filter', $2);
+		} elsif ($1 eq 'firewall') {
+		    $d->{firewall} = undef if $2 == 0;
 		} else {
 		    $d->{$1} = $2;
 		}		
@@ -554,6 +557,8 @@ sub print_netif {
     $res .= ",host_ifname=$net->{host_ifname}" if $net->{host_ifname};
     $res .= ",host_mac=$net->{host_mac}" if $net->{host_mac};
     $res .= ",bridge=$net->{bridge}" if $net->{bridge};
+    $res .= ",tag=$net->{tag}" if $net->{tag};
+    $res .= ",bridge=$net->{firewall}" if $net->{firewall};
 
     if (defined($net->{mac_filter}) && !$net->{mac_filter}) {
 	$res .= ",mac_filter=off"; # 'on' is the default
@@ -1118,6 +1123,8 @@ sub update_ovz_config {
 	    $ifadd .= $newif->{$ifname}->{host_ifname} ? ",$newif->{$ifname}->{host_ifname}" : ',';
 	    $ifadd .= $newif->{$ifname}->{host_mac} ? ",$newif->{$ifname}->{host_mac}" : ',';
 	    $ifadd .= $newif->{$ifname}->{bridge} ? ",$newif->{$ifname}->{bridge}" : '';
+	    $ifadd .= $newif->{$ifname}->{tag} ? ",$newif->{$ifname}->{tag}" : '';
+	    $ifadd .= $newif->{$ifname}->{firewall} ? ",$newif->{$ifname}->{firewall}" : '';
 	    
 	    # not possible with current vzctl
 	    #$ifadd .= $newif->{$ifname}->{mac_filter} ? ",$newif->{$ifname}->{mac_filter}" : '';
-- 
1.7.10.4

More information about the pve-devel mailing list