diff mbox

[ovs-dev,1/3] ovn-northd: Limit line length to under 80 columns.

Message ID 1459222535-63648-1-git-send-email-jpettit@ovn.org
State Accepted
Headers show

Commit Message

Justin Pettit March 29, 2016, 3:35 a.m. UTC 
Signed-off-by: Justin Pettit <jpettit@ovn.org>
---
 ovn/northd/ovn-northd.c | 34 +++++++++++++++++++---------------
 1 file changed, 19 insertions(+), 15 deletions(-)

Comments

Russell Bryant April 6, 2016, 3:24 p.m. UTC | #1 
On Mon, Mar 28, 2016 at 11:35 PM, Justin Pettit <jpettit@ovn.org> wrote:

> Signed-off-by: Justin Pettit <jpettit@ovn.org>
> ---
>  ovn/northd/ovn-northd.c | 34 +++++++++++++++++++---------------
>  1 file changed, 19 insertions(+), 15 deletions(-)
>

Acked-by: Russell Bryant <russell@ovn.org>
diff mbox

Patch

diff --git a/ovn/northd/ovn-northd.c b/ovn/northd/ovn-northd.c
index 4b1d611..302cc1d 100644
--- a/ovn/northd/ovn-northd.c
+++ b/ovn/northd/ovn-northd.c
@@ -1329,7 +1329,6 @@  build_acls(struct ovn_datapath *od, struct hmap *lflows, struct hmap *ports)
 {
     bool has_stateful = has_stateful_acl(od);
     struct ovn_port *op;
-    struct ds match_in, match_out;
 
     /* Ingress and Egress Pre-ACL Table (Priority 0): Packets are
      * allowed by default. */
@@ -1348,22 +1347,27 @@  build_acls(struct ovn_datapath *od, struct hmap *lflows, struct hmap *ports)
     if (has_stateful) {
         HMAP_FOR_EACH (op, key_node, ports) {
             if (op->od == od && !strcmp(op->nbs->type, "router")) {
-                /* Can't use ct() for router ports. Consider the following configuration:
-                lp1(10.0.0.2) on hostA--ls1--lr0--ls2--lp2(10.0.1.2) on hostB,
-                For a ping from lp1 to lp2, First, the response will go through ct()
-                with a zone for lp2 in the ls2 ingress pipeline on hostB.
-                That ct zone knows about this connection. Next, it goes through ct()
-                with the zone for the router port in the egress pipeline of ls2 on hostB.
-                This zone does not know about the connection, as the icmp request
-                went through the logical router on hostA, not hostB. This would only work
-                with distributed conntrack state across all chassis. */
-
-                ds_init(&match_in);
-                ds_init(&match_out);
+                /* Can't use ct() for router ports. Consider the
+                 * following configuration: lp1(10.0.0.2) on
+                 * hostA--ls1--lr0--ls2--lp2(10.0.1.2) on hostB, For a
+                 * ping from lp1 to lp2, First, the response will go
+                 * through ct() with a zone for lp2 in the ls2 ingress
+                 * pipeline on hostB.  That ct zone knows about this
+                 * connection. Next, it goes through ct() with the zone
+                 * for the router port in the egress pipeline of ls2 on
+                 * hostB.  This zone does not know about the connection,
+                 * as the icmp request went through the logical router
+                 * on hostA, not hostB. This would only work with
+                 * distributed conntrack state across all chassis. */
+                struct ds match_in = DS_EMPTY_INITIALIZER;
+                struct ds match_out = DS_EMPTY_INITIALIZER;
+
                 ds_put_format(&match_in, "ip && inport == %s", op->json_key);
                 ds_put_format(&match_out, "ip && outport == %s", op->json_key);
-                ovn_lflow_add(lflows, od, S_SWITCH_IN_PRE_ACL, 110, ds_cstr(&match_in), "next;");
-                ovn_lflow_add(lflows, od, S_SWITCH_OUT_PRE_ACL, 110, ds_cstr(&match_out), "next;");
+                ovn_lflow_add(lflows, od, S_SWITCH_IN_PRE_ACL, 110,
+                              ds_cstr(&match_in), "next;");
+                ovn_lflow_add(lflows, od, S_SWITCH_OUT_PRE_ACL, 110,
+                              ds_cstr(&match_out), "next;");
 
                 ds_destroy(&match_in);
                 ds_destroy(&match_out);