network: save network status when firewall rules are reloaded

In the case that a new version of libvirt is started that uses
different rules to build the network firewall, we need to re-save the
status so that when the network is destroyed (or the *next* time
libvirt is restarted and wants to remove/re-add the firewall), it will
have the proper information to perform the firewall removal.

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>

diff --git a/src/conf/virnetworkobj.c b/src/conf/virnetworkobj.c
index f5db4c5804e9a39c281da0d04d41a91e527b764a..19305798cba7cb13a8db731e9a69f3caef2993a9 100644 (file)
--- a/src/conf/virnetworkobj.c
+++ b/src/conf/virnetworkobj.c
@@ -834,6 +834,7 @@ virNetworkObjSaveStatus(const char *statusDir,
     int flags = 0;
     g_autofree char *xml = NULL;
 
+    VIR_DEBUG("Writing network status to disk");
     if (!(xml = virNetworkObjFormat(obj, xmlopt, flags)))
         return -1;
 

diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
index 3c175786fe72da57707d033bd4a26807f58e3f17..32572c755fb1ab164425810edd883343f78b7be5 100644 (file)
--- a/src/network/bridge_driver.c
+++ b/src/network/bridge_driver.c
@@ -1686,6 +1686,7 @@ networkReloadFirewallRulesHelper(virNetworkObj *obj,
     VIR_LOCK_GUARD lock = virObjectLockGuard(obj);
     virNetworkDef *def = virNetworkObjGetDef(obj);
     virFirewall *fwRemoval = NULL;
+    bool saveStatus = false;
 
     if (virNetworkObjIsActive(obj)) {
         switch ((virNetworkForwardType) def->forward.type) {
@@ -1700,6 +1701,7 @@ networkReloadFirewallRulesHelper(virNetworkObj *obj,
             networkRemoveFirewallRules(obj);
             ignore_value(networkAddFirewallRules(def, cfg->firewallBackend, &fwRemoval));
             virNetworkObjSetFwRemoval(obj, fwRemoval);
+            saveStatus = true;
             break;
 
         case VIR_NETWORK_FORWARD_OPEN:
@@ -1717,6 +1719,11 @@ networkReloadFirewallRulesHelper(virNetworkObj *obj,
         }
     }
 
+    if (saveStatus) {
+        ignore_value(virNetworkObjSaveStatus(cfg->stateDir, obj,
+                                             network_driver->xmlopt));
+    }
+
     return 0;
 }
 
@@ -2366,7 +2373,6 @@ networkStartNetwork(virNetworkDriverState *driver,
     /* Persist the live configuration now that anything autogenerated
      * is setup.
      */
-    VIR_DEBUG("Writing network status to disk");
     if (virNetworkObjSaveStatus(cfg->stateDir,
                                 obj, network_driver->xmlopt) < 0)
         goto cleanup;