From patchwork Fri Apr 15 22:01:07 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Cole Robinson X-Patchwork-Id: 65977 Delivered-To: patch@linaro.org Received: by 10.140.93.198 with SMTP id d64csp166476qge; Fri, 15 Apr 2016 15:04:21 -0700 (PDT) X-Received: by 10.140.247.68 with SMTP id s65mr29202840qhc.72.1460757861583; Fri, 15 Apr 2016 15:04:21 -0700 (PDT) Return-Path: Received: from mx4-phx2.redhat.com (mx4-phx2.redhat.com. [209.132.183.25]) by mx.google.com with ESMTPS id f33si22831932qkh.115.2016.04.15.15.04.20 (version=TLS1 cipher=AES128-SHA bits=128/128); Fri, 15 Apr 2016 15:04:21 -0700 (PDT) Received-SPF: pass (google.com: domain of libvir-list-bounces@redhat.com designates 209.132.183.25 as permitted sender) client-ip=209.132.183.25; Authentication-Results: mx.google.com; spf=pass (google.com: domain of libvir-list-bounces@redhat.com designates 209.132.183.25 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by mx4-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id u3FM1BjK025024; Fri, 15 Apr 2016 18:01:12 -0400 Received: from int-mx13.intmail.prod.int.phx2.redhat.com (int-mx13.intmail.prod.int.phx2.redhat.com [10.5.11.26]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id u3FM1AbY026496 for ; Fri, 15 Apr 2016 18:01:10 -0400 Received: from colepc.redhat.com (ovpn-113-40.phx2.redhat.com [10.3.113.40]) by int-mx13.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id u3FM19qT017648; Fri, 15 Apr 2016 18:01:10 -0400 From: Cole Robinson To: libvirt-list@redhat.com Date: Fri, 15 Apr 2016 18:01:07 -0400 Message-Id: <98d6ef74ddf625f4a24ee7d02f4355b4970caaa5.1460757667.git.crobinso@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.26 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH] docs: domain: Document network X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com The proper nwfilter docs go into full detail, but we should still have a brief bit about domain XML in the domain documentation --- docs/formatdomain.html.in | 41 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) -- 2.7.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in index 9bcef6a..f6ce22d 100644 --- a/docs/formatdomain.html.in +++ b/docs/formatdomain.html.in @@ -4908,6 +4908,47 @@ qemu-kvm -net nic,model=? /dev/null <model> element is mandatory.

+
Traffic filtering with NWFilter
+ +

+ Since 0.8.0 an nwfilter profile + can be assigned to an interface device, which allows configuring + traffic filter rules for the virtual machine. + + See the nwfilter documentation for more + complete details. +

+ +
+  ...
+  <devices>
+    <interface ...>
+      ...
+      <filterref filter='clean-traffic'/>
+    </interface>
+    <interface ...>
+      ...
+      <filterref filter='myfilter'>
+        <parameter name='IP' value='104.207.129.11'/>
+        <parameter name='IP6_ADDR' value='2001:19f0:300:2102::'/>
+        <parameter name='IP6_MASK' value='64'/>
+        ...
+      </filterref>
+    </interface>
+  </devices>
+  ...
+ +

+ The <filterref> filter attribute + specifies the name of the nwfilter + to use. Optional <parameter> values may be + specified for passing additional info to the nwfilter via the + name and value attributes. See + the nwfilter + docs for info on parameters. +

+ +

Input devices