@@ -49,6 +49,7 @@ NetFilterState *qemu_new_net_filter(NetFilterInfo *info,
const char *model,
const char *name,
int chain);
+void qemu_del_net_filter(NetFilterState *nf);
void netfilter_add(QemuOpts *opts, Error **errp);
void qmp_netfilter_add(QDict *qdict, QObject **ret, Error **errp);
@@ -58,7 +58,7 @@ static void qemu_cleanup_net_filter(NetFilterState *nf)
g_free(nf);
}
-static void qemu_del_net_filter(NetFilterState *nf)
+void qemu_del_net_filter(NetFilterState *nf)
{
/* handle multi queue? */
qemu_cleanup_net_filter(nf);
@@ -417,6 +417,8 @@ void qemu_del_net_client(NetClientState *nc)
{
NetClientState *ncs[MAX_QUEUE_NUM];
int queues, i;
+ Filter *filter, *next;
+ QemuOpts *opts;
assert(nc->info->type != NET_CLIENT_OPTIONS_KIND_NIC);
@@ -428,6 +430,18 @@ void qemu_del_net_client(NetClientState *nc)
MAX_QUEUE_NUM);
assert(queues != 0);
+ /*
+ * we delete/free the netfilter object attached to this netdev
+ * multiqueue netfilter is not supported now, so only delete
+ * nc->filters is enough.
+ */
+ QTAILQ_FOREACH_SAFE(filter, &nc->filters, next, next) {
+ opts = qemu_opts_find(qemu_find_opts_err("netfilter", NULL),
+ filter->nf->name);
+ qemu_del_net_filter(filter->nf);
+ qemu_opts_del(opts);
+ }
+
/* If there is a peer NIC, delete and cleanup client, but do not free. */
if (nc->peer && nc->peer->info->type == NET_CLIENT_OPTIONS_KIND_NIC) {
NICState *nic = qemu_get_nic(nc->peer);
When we delete the netdev, we also delete the netfilter object attached to it, because if the netdev is removed, the filters which attached to it is useless. Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com> --- include/net/filter.h | 1 + net/filter.c | 2 +- net/net.c | 14 ++++++++++++++ 3 files changed, 16 insertions(+), 1 deletion(-)