diff options
Diffstat (limited to 'results/classifier/105/other/1261450')
| -rw-r--r-- | results/classifier/105/other/1261450 | 111 |
1 files changed, 111 insertions, 0 deletions
diff --git a/results/classifier/105/other/1261450 b/results/classifier/105/other/1261450 new file mode 100644 index 000000000..47f058f80 --- /dev/null +++ b/results/classifier/105/other/1261450 @@ -0,0 +1,111 @@ +mistranslation: 0.975 +other: 0.972 +graphic: 0.965 +assembly: 0.961 +KVM: 0.960 +vnc: 0.956 +device: 0.955 +network: 0.945 +socket: 0.939 +instruction: 0.932 +semantic: 0.919 +boot: 0.880 + +libvirtd reload and hooks problem routed-net + +if we do a reload of libvirt, some iptables rules, which are created through /etc/libvirt/hooks/qemu are not working anymore. +Every time a other (one or two,thee) vm is affected. + + +our qemu file: + +#!/bin/bash + + +do_net() { + local status=$2 + local ip=$3 + local in=$4 + local out=$5 + + if [[ ! $status || ! $ip || ! $in || ! $out ]]; then + echo "Not all parameters were passed!" + exit 1 + fi + + if [ "$status" = "stopped" -o "$status" = "reconnect" ]; then + ip route del $ip via 191.255.255.1 dev $out + ip neigh del proxy $ip dev $in + iptables -D FORWARD -i $in -o $out -s 0.0.0.0/0 -d $ip/32 -j ACCEPT + iptables -D FORWARD -i $out -o $in -s $ip/32 -d 0.0.0.0/0 -j ACCEPT + fi + + if [ "$status" = "start" -o "$status" = "reconnect" ]; then + ip route add $ip via 191.255.255.1 dev $out + ip neigh add proxy $ip dev $in + iptables -I FORWARD 4 -i $in -o $out -s 0.0.0.0/0 -d $ip/32 -j ACCEPT + iptables -I FORWARD 4 -i $out -o $in -s $ip/32 -d 0.0.0.0/0 -j ACCEPT + fi +} + +CONF=//etc/libvirt/hooks/vms/* +for file in $CONF +do + guest_ipaddr="" + guest_name="" + type="" + destination="0.0.0.0/0" + + while read line; do + eval $line + done < $file + guest_ipaddrnet=$guest_ipaddr"/32" + for dest in ${destination} + do + if [ "${1}" = "${guest_name}" ]; then + echo "SRC-IP="$guest_ipaddr " " $guest_ipaddrnet " VM="$guest_name " Dest="$dest + if [ "${2}" = "stopped" ]; then + ip route del $guest_ipaddr via 191.255.255.1 dev virbr1 + ip neigh del proxy $guest_ipaddr dev bond0 + iptables -D FORWARD -i bond0 -o virbr1 -s $dest -d $guest_ipaddrnet -j ACCEPT + iptables -D FORWARD -i virbr1 -o bond0 -s $guest_ipaddrnet -d $dest -j ACCEPT + fi + if [ "${2}" = "start" ]; then + ip route add $guest_ipaddr via 191.255.255.1 dev virbr1 + ip neigh add proxy $guest_ipaddr dev bond0 + iptables -I FORWARD 4 -i bond0 -o virbr1 -s $dest -d $guest_ipaddrnet -j ACCEPT + iptables -I FORWARD 4 -i virbr1 -o bond0 -s $guest_ipaddrnet -d $dest -j ACCEPT + fi + if [ "${2}" = "reconnect" ]; then + ip route del $guest_ipaddr via 191.255.255.1 dev virbr1 + ip neigh del proxy $guest_ipaddr dev bond0 + iptables -D FORWARD -i bond0 -o virbr1 -s $dest -d $guest_ipaddrnet -j ACCEPT + iptables -D FORWARD -i virbr1 -o bond0 -s $guest_ipaddrnet -d $dest -j ACCEPT + sleep 1 + ip route add $guest_ipaddr via 191.255.255.1 dev virbr1 + ip neigh add proxy $guest_ipaddr dev bond0 + iptables -I FORWARD 4 -i bond0 -o virbr1 -s $dest -d $guest_ipaddrnet -j ACCEPT + iptables -I FORWARD 4 -i virbr1 -o bond0 -s $guest_ipaddrnet -d $dest -j ACCEPT + fi + fi + done +done + +On Mon, Dec 16, 2013 at 05:00:51PM -0000, Chris Weltzien wrote: +> if we do a reload of libvirt, some iptables rules, which are created through /etc/libvirt/hooks/qemu are not working anymore. +> Every time a other (one or two,thee) vm is affected. + +Please report this to the libvirt project: +http://libvirt.org/bugs.html + +Stefan + + +Hi, + +we have a workaround for that. We´ve add sleep ${RANDOM:0:1}.${RANDOM:-1:1} between the IP Tables rules. The Problem is, that IP tables cannot execute twice or more times simultaneously. + +Cheers Tim + +Closing, since this is not a QEMU bug. + |