const char *target;
bool hasMask = false;
virFirewallRulePtr fwrule;
- int ret = -1;
g_auto(virBuffer) buf = VIR_BUFFER_INITIALIZER;
if (STREQ(chainSuffix,
if (printDataType(vars, \
field, sizeof(field), \
&rule->p.STRUCT.ITEM) < 0) \
- goto cleanup; \
+ return -1; \
virFirewallRuleAddArg(fw, fwrule, CLI); \
if (ENTRY_WANT_NEG_SIGN(&rule->p.STRUCT.ITEM)) \
virFirewallRuleAddArg(fw, fwrule, "!"); \
if (printDataType(vars, \
field, sizeof(field), \
&rule->p.STRUCT.ITEM) < 0) \
- goto cleanup; \
+ return -1; \
virFirewallRuleAddArg(fw, fwrule, CLI); \
if (ENTRY_WANT_NEG_SIGN(&rule->p.STRUCT.ITEM)) \
virFirewallRuleAddArg(fw, fwrule, "!"); \
if (printDataType(vars, \
fieldalt, sizeof(fieldalt), \
&rule->p.STRUCT.ITEM_HI) < 0) \
- goto cleanup; \
+ return -1; \
virFirewallRuleAddArgFormat(fw, fwrule, \
"%s%s%s", field, SEP, fieldalt); \
} else { \
vars,
&rule->p.ethHdrFilter.ethHdr,
reverse) < 0)
- goto cleanup;
+ return -1;
if (HAS_ENTRY_ITEM(&rule->p.ethHdrFilter.dataProtocolID)) {
if (printDataTypeAsHex(vars,
number, sizeof(number),
&rule->p.ethHdrFilter.dataProtocolID) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArg(fw, fwrule, "-p");
if (ENTRY_WANT_NEG_SIGN(&rule->p.ethHdrFilter.dataProtocolID))
virFirewallRuleAddArg(fw, fwrule, "!");
vars,
&rule->p.vlanHdrFilter.ethHdr,
reverse) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArgList(fw, fwrule,
"-p", "0x8100", NULL);
vars,
&rule->p.stpHdrFilter.ethHdr,
reverse) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArgList(fw, fwrule,
"-d", NWFILTER_MAC_BGA, NULL);
vars,
&rule->p.arpHdrFilter.ethHdr,
reverse) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArg(fw, fwrule, "-p");
virFirewallRuleAddArgFormat(fw, fwrule, "0x%x",
if (printDataType(vars,
number, sizeof(number),
&rule->p.arpHdrFilter.dataHWType) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArg(fw, fwrule, "--arp-htype");
if (ENTRY_WANT_NEG_SIGN(&rule->p.arpHdrFilter.dataHWType))
virFirewallRuleAddArg(fw, fwrule, "!");
if (printDataType(vars,
number, sizeof(number),
&rule->p.arpHdrFilter.dataOpcode) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArg(fw, fwrule, "--arp-opcode");
if (ENTRY_WANT_NEG_SIGN(&rule->p.arpHdrFilter.dataOpcode))
virFirewallRuleAddArg(fw, fwrule, "!");
if (printDataTypeAsHex(vars,
number, sizeof(number),
&rule->p.arpHdrFilter.dataProtocolType) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArg(fw, fwrule, "--arp-ptype");
if (ENTRY_WANT_NEG_SIGN(&rule->p.arpHdrFilter.dataProtocolType))
virFirewallRuleAddArg(fw, fwrule, "!");
if (printDataType(vars,
ipaddr, sizeof(ipaddr),
&rule->p.arpHdrFilter.dataARPSrcIPAddr) < 0)
- goto cleanup;
+ return -1;
if (HAS_ENTRY_ITEM(&rule->p.arpHdrFilter.dataARPSrcIPMask)) {
if (printDataType(vars,
ipmask, sizeof(ipmask),
&rule->p.arpHdrFilter.dataARPSrcIPMask) < 0)
- goto cleanup;
+ return -1;
hasMask = true;
}
if (printDataType(vars,
ipaddr, sizeof(ipaddr),
&rule->p.arpHdrFilter.dataARPDstIPAddr) < 0)
- goto cleanup;
+ return -1;
if (HAS_ENTRY_ITEM(&rule->p.arpHdrFilter.dataARPDstIPMask)) {
if (printDataType(vars,
ipmask, sizeof(ipmask),
&rule->p.arpHdrFilter.dataARPDstIPMask) < 0)
- goto cleanup;
+ return -1;
hasMask = true;
}
if (printDataType(vars,
macaddr, sizeof(macaddr),
&rule->p.arpHdrFilter.dataARPSrcMACAddr) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArg(fw, fwrule,
reverse ? "--arp-mac-dst" : "--arp-mac-src");
if (printDataType(vars,
macaddr, sizeof(macaddr),
&rule->p.arpHdrFilter.dataARPDstMACAddr) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArg(fw, fwrule,
reverse ? "--arp-mac-src" : "--arp-mac-dst");
vars,
&rule->p.ipHdrFilter.ethHdr,
reverse) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArgList(fw, fwrule,
"-p", "ipv4", NULL);
if (printDataType(vars,
ipaddr, sizeof(ipaddr),
&rule->p.ipHdrFilter.ipHdr.dataSrcIPAddr) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArg(fw, fwrule,
reverse ? "--ip-destination" : "--ip-source");
if (printDataType(vars,
number, sizeof(number),
&rule->p.ipHdrFilter.ipHdr.dataSrcIPMask) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArgFormat(fw, fwrule,
"%s/%s", ipaddr, number);
} else {
if (printDataType(vars,
ipaddr, sizeof(ipaddr),
&rule->p.ipHdrFilter.ipHdr.dataDstIPAddr) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArg(fw, fwrule,
reverse ? "--ip-source" : "--ip-destination");
if (printDataType(vars,
number, sizeof(number),
&rule->p.ipHdrFilter.ipHdr.dataDstIPMask) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArgFormat(fw, fwrule,
"%s/%s", ipaddr, number);
} else {
if (printDataType(vars,
number, sizeof(number),
&rule->p.ipHdrFilter.ipHdr.dataProtocolID) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArg(fw, fwrule, "--ip-protocol");
if (ENTRY_WANT_NEG_SIGN(&rule->p.ipHdrFilter.ipHdr.dataProtocolID))
if (printDataType(vars,
number, sizeof(number),
&rule->p.ipHdrFilter.portData.dataSrcPortStart) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArg(fw, fwrule,
reverse ? "--ip-destination-port" : "--ip-source-port");
if (printDataType(vars,
numberalt, sizeof(numberalt),
&rule->p.ipHdrFilter.portData.dataSrcPortEnd) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArgFormat(fw, fwrule,
"%s:%s", number, numberalt);
if (printDataType(vars,
number, sizeof(number),
&rule->p.ipHdrFilter.portData.dataDstPortStart) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArg(fw, fwrule,
reverse ? "--ip-source-port" : "--ip-destination-port");
if (printDataType(vars,
numberalt, sizeof(numberalt),
&rule->p.ipHdrFilter.portData.dataDstPortEnd) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArgFormat(fw, fwrule,
"%s:%s", number, numberalt);
if (printDataTypeAsHex(vars,
number, sizeof(number),
&rule->p.ipHdrFilter.ipHdr.dataDSCP) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArg(fw, fwrule, "--ip-tos");
if (ENTRY_WANT_NEG_SIGN(&rule->p.ipHdrFilter.ipHdr.dataDSCP))
vars,
&rule->p.ipv6HdrFilter.ethHdr,
reverse) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArgList(fw, fwrule,
"-p", "ipv6", NULL);
if (printDataType(vars,
ipv6addr, sizeof(ipv6addr),
&rule->p.ipv6HdrFilter.ipHdr.dataSrcIPAddr) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArg(fw, fwrule,
reverse ? "--ip6-destination" : "--ip6-source");
if (printDataType(vars,
number, sizeof(number),
&rule->p.ipv6HdrFilter.ipHdr.dataSrcIPMask) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArgFormat(fw, fwrule,
"%s/%s", ipv6addr, number);
} else {
if (printDataType(vars,
ipv6addr, sizeof(ipv6addr),
&rule->p.ipv6HdrFilter.ipHdr.dataDstIPAddr) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArg(fw, fwrule,
reverse ? "--ip6-source" : "--ip6-destination");
if (printDataType(vars,
number, sizeof(number),
&rule->p.ipv6HdrFilter.ipHdr.dataDstIPMask) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArgFormat(fw, fwrule,
"%s/%s", ipv6addr, number);
} else {
if (printDataType(vars,
number, sizeof(number),
&rule->p.ipv6HdrFilter.ipHdr.dataProtocolID) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArg(fw, fwrule, "--ip6-protocol");
if (ENTRY_WANT_NEG_SIGN(&rule->p.ipv6HdrFilter.ipHdr.dataProtocolID))
if (printDataType(vars,
number, sizeof(number),
&rule->p.ipv6HdrFilter.portData.dataSrcPortStart) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArg(fw, fwrule,
reverse ? "--ip6-destination-port" : "--ip6-source-port");
if (printDataType(vars,
numberalt, sizeof(numberalt),
&rule->p.ipv6HdrFilter.portData.dataSrcPortEnd) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArgFormat(fw, fwrule,
"%s:%s", number, numberalt);
if (printDataType(vars,
number, sizeof(number),
&rule->p.ipv6HdrFilter.portData.dataDstPortStart) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArg(fw, fwrule,
reverse ? "--ip6-source-port" : "--ip6-destination-port");
if (printDataType(vars,
numberalt, sizeof(numberalt),
&rule->p.ipv6HdrFilter.portData.dataDstPortEnd) < 0)
- goto cleanup;
+ return -1;
virFirewallRuleAddArgFormat(fw, fwrule,
"%s:%s", number, numberalt);
if (printDataType(vars,
number, sizeof(number),
&rule->p.ipv6HdrFilter.dataICMPTypeStart) < 0)
- goto cleanup;
+ return -1;
lo = true;
} else {
ignore_value(virStrcpyStatic(number, "0"));
if (printDataType(vars,
numberalt, sizeof(numberalt),
&rule->p.ipv6HdrFilter.dataICMPTypeEnd) < 0)
- goto cleanup;
+ return -1;
} else {
if (lo)
ignore_value(virStrcpyStatic(numberalt, number));
if (printDataType(vars,
number, sizeof(number),
&rule->p.ipv6HdrFilter.dataICMPCodeStart) < 0)
- goto cleanup;
+ return -1;
lo = true;
} else {
ignore_value(virStrcpyStatic(number, "0"));
if (printDataType(vars,
numberalt, sizeof(numberalt),
&rule->p.ipv6HdrFilter.dataICMPCodeEnd) < 0)
- goto cleanup;
+ return -1;
} else {
if (lo)
ignore_value(virStrcpyStatic(numberalt, number));
#undef INST_ITEM_2PARMS
#undef INST_ITEM
- ret = 0;
- cleanup:
- return ret;
+ return 0;
}
projects / libvirt.git / commitdiff