[pve-devel] pve-firewall : src/dest rules with ip list, give 2 rules

Alexandre DERUMIER aderumier at odiso.com
Tue Apr 1 12:07:17 CEST 2014


Hi,

I just notice that

iptables -A FORWARD -s 192.168.0.1,192.168.0.2 -j ACCEPT


give us:
iptable-save

-A FORWARD -s 192.168.0.1/32 -j ACCEPT
-A FORWARD -s 192.168.0.2/32 -j ACCEPT


So, maybe can we forbid iplist in vm rules ?  (now we have ipset for this)


(I also find a bug with --src-range, I'll send patch)






More information about the pve-devel mailing list