[pve-devel] pve-firewall : src/dest rules with ip list, give 2 rules

Alexandre DERUMIER aderumier at odiso.com
Tue Apr 1 12:07:17 CEST 2014

Previous message (by thread): [pve-devel] ipset names
Next message (by thread): [pve-devel] pve-firewall : src/dest rules with ip list, give 2 rules
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

I just notice that

iptables -A FORWARD -s 192.168.0.1,192.168.0.2 -j ACCEPT


give us:
iptable-save

-A FORWARD -s 192.168.0.1/32 -j ACCEPT
-A FORWARD -s 192.168.0.2/32 -j ACCEPT


So, maybe can we forbid iplist in vm rules ?  (now we have ipset for this)


(I also find a bug with --src-range, I'll send patch)

Previous message (by thread): [pve-devel] ipset names
Next message (by thread): [pve-devel] pve-firewall : src/dest rules with ip list, give 2 rules
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the pve-devel mailing list