[pve-devel] RFC : iptables implementation

Dietmar Maurer dietmar at proxmox.com
Wed Jan 22 08:12:33 CET 2014


> >>I am not sure if that model correctly handle traffic form one VM to another
> (traffic from VM1 to VM2)?
> >>Because you would need to apply out rules for VM1, the in rules for VM2.
> >>Does that work - if so how?
> 
> Well, is like to have 2vms behind 2 firewalls.

OK, so I just believe you that this will work ;-) 
(I just wonder why shorewall need those forwarding chains if it work without)

Next step would be to write a prototype to show that it actually works.




More information about the pve-devel mailing list