[pve-devel] [PATCH 1/8] bypass firewall for non firewall bridges
Alexandre Derumier
aderumier at odiso.com
Wed Apr 30 10:56:30 CEST 2014
Signed-off-by: Alexandre Derumier <aderumier at odiso.com>
---
src/PVE/Firewall.pm | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
index c4bc308..3ea095c 100644
--- a/src/PVE/Firewall.pm
+++ b/src/PVE/Firewall.pm
@@ -2652,6 +2652,9 @@ sub compile {
ruleset_create_chain($ruleset, "PVEFW-OUTPUT");
ruleset_create_chain($ruleset, "PVEFW-FORWARD");
+ #bypass firewall for non firewalled bridge
+ ruleset_addrule($ruleset, "PVEFW-FORWARD", "! -i fwbr+ -j ACCEPT");
+
my $hostfw_options = $hostfw_conf->{options} || {};
--
1.7.10.4
More information about the pve-devel
mailing list