[CRIU] [PATCH 1/3] net: dump iptables for ipv6

Thu Sep 17 08:09:02 PDT 2015

From: Andrew Vagin <avagin at openvz.org>

Signed-off-by: Andrew Vagin <avagin at openvz.org>
---
 image-desc.c         |  1 +
 include/image-desc.h |  1 +
 include/magic.h      |  1 +
 net.c                | 21 +++++++++++++++++++--
 4 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/image-desc.c b/image-desc.c
index 773f2fa..6140ed6 100644
--- a/image-desc.c
+++ b/image-desc.c
@@ -74,6 +74,7 @@ struct cr_fd_desc_tmpl imgset_template[CR_FD_MAX] = {
 	FD_ENTRY_F(IFADDR,	"ifaddr-%d", O_NOBUF),
 	FD_ENTRY_F(ROUTE,	"route-%d", O_NOBUF),
 	FD_ENTRY_F(IPTABLES,	"iptables-%d", O_NOBUF),
+	FD_ENTRY_F(IP6TABLES,	"ip6tables-%d", O_NOBUF),
 	FD_ENTRY_F(TMPFS_IMG,	"tmpfs-%d.tar.gz", O_NOBUF),
 	FD_ENTRY_F(TMPFS_DEV,	"tmpfs-dev-%d.tar.gz", O_NOBUF),
 	FD_ENTRY(TTY_FILES,	"tty"),
diff --git a/include/image-desc.h b/include/image-desc.h
index c93e98f..709b595 100644
--- a/include/image-desc.h
+++ b/include/image-desc.h
@@ -40,6 +40,7 @@ enum {
 	CR_FD_IFADDR,
 	CR_FD_ROUTE,
 	CR_FD_IPTABLES,
+	CR_FD_IP6TABLES,
 	CR_FD_NETNS,
 	_CR_FD_NETNS_TO,
 
diff --git a/include/magic.h b/include/magic.h
index f739759..c497329 100644
--- a/include/magic.h
+++ b/include/magic.h
@@ -95,6 +95,7 @@
 #define TMPFS_IMG_MAGIC		RAW_IMAGE_MAGIC
 #define TMPFS_DEV_MAGIC		RAW_IMAGE_MAGIC
 #define IPTABLES_MAGIC		RAW_IMAGE_MAGIC
+#define IP6TABLES_MAGIC		RAW_IMAGE_MAGIC
 
 #define PAGES_OLD_MAGIC		PAGEMAP_MAGIC
 #define SHM_PAGES_OLD_MAGIC	PAGEMAP_MAGIC
diff --git a/net.c b/net.c
index 4af1402..6dc026e 100644
--- a/net.c
+++ b/net.c
@@ -562,8 +562,17 @@ static inline int dump_route(struct cr_imgset *fds)
 
 static inline int dump_iptables(struct cr_imgset *fds)
 {
-	struct cr_img *img = img_from_set(fds, CR_FD_IPTABLES);
-	return run_iptables_tool("iptables-save", -1, img_raw_fd(img));
+	struct cr_img *img;
+
+	img = img_from_set(fds, CR_FD_IPTABLES);
+	if (run_iptables_tool("iptables-save", -1, img_raw_fd(img)))
+		return -1;
+
+	img = img_from_set(fds, CR_FD_IP6TABLES);
+	if (run_iptables_tool("ip6tables-save", -1, img_raw_fd(img)))
+		return -1;
+
+	return 0;
 }
 
 static int dump_netns_conf(struct cr_imgset *fds)
@@ -630,6 +639,14 @@ static inline int restore_iptables(int pid)
 		ret = run_iptables_tool("iptables-restore", img_raw_fd(img), -1);
 		close_image(img);
 	}
+	if (ret)
+		return ret;
+
+	img = open_image(CR_FD_IP6TABLES, O_RSTR, pid);
+	if (img) {
+		ret = run_iptables_tool("ip6tables-restore", img_raw_fd(img), -1);
+		close_image(img);
+	}
 
 	return ret;
 }
-- 
2.4.3

