[pve-devel] [PATCH] optimize bridge chains
Dietmar Maurer
dietmar at proxmox.com
Tue Feb 25 10:40:09 CET 2014
> >>confused - does it work, or is there something we need to fix?
>
> Well, the rules seem good, I have tested them and it's working fine.
>
> But I don't known why it's hanging when testing the hash...
do we reall need all those chains ?
-A PVEFW-FORWARD -o vmbr0 -m physdev --physdev-is-bridged -j vmbr0
-A vmbr0 -m physdev --physdev-is-bridged --physdev-is-in -j vmbr0-OUT
-A vmbr0 -m physdev --physdev-is-bridged --physdev-is-out -j vmbr0-IN
-A vmbr0-IN -m physdev --physdev-out tap100i0 --physdev-is-bridged -j tap100i0-IN
-A vmbr0-OUT -m physdev --physdev-in tap100i0 --physdev-is-bridged -j tap100i0-OUT
can't we jump from PVEFW-FORWARD directly A vmbr0-IN/vmbr0-OUT ?
More information about the pve-devel
mailing list