If the filter is disabled, don't go through it.
Signed-off-by: zhanghailiang <zhang.zhanghaili...@huawei.com>
---
include/net/filter.h | 5 +++++
net/net.c | 4 ++++
2 files changed, 9 insertions(+)
diff --git a/include/net/filter.h b/include/net/filter.h
index 9ed5ec6..d797ee4 100644
--- a/include/net/filter.h
+++ b/include/net/filter.h
@@ -74,6 +74,11 @@ ssize_t qemu_netfilter_pass_to_next(NetClientState *sender,
int iovcnt,
void *opaque);
+static inline bool qemu_need_skip_netfilter(NetFilterState *nf)
+{
+ return nf->enabled ? false : true;
+}
+
void netfilter_print_info(NetFilterState *nf, char *output_str, int size);
#endif /* QEMU_NET_FILTER_H */
diff --git a/net/net.c b/net/net.c
index 87de7c0..ec43105 100644
--- a/net/net.c
+++ b/net/net.c
@@ -581,6 +581,10 @@ static ssize_t filter_receive_iov(NetClientState *nc,
NetFilterState *nf = NULL;
QTAILQ_FOREACH(nf, &nc->filters, next) {
+ /* Don't go through filter if it is off */
+ if (qemu_need_skip_netfilter(nf)) {
+ continue;
+ }
ret = qemu_netfilter_receive(nf, direction, sender, flags, iov,
iovcnt, sent_cb);
if (ret) {
--
1.8.3.1
