[pve-devel] venet firewall broken?
Alexandre DERUMIER
aderumier at odiso.com
Mon May 12 09:51:05 CEST 2014
>>Seems it also breaks container to host.
could this help ?
venet0->host
-------------
-A PVEFW-INPUT -i venet0 -m set --match-set PVEFW-venet0 src-j MARK --set-mark 1
-A PVEFW-INPUT -j PVEFW-HOST-IN
-A PVEFW-HOST-IN -p tcp -m tcp --dport 22 -g PVEFW-ACCEPT-VENET-IN
-A PVEFW-ACCEPT-VENET-IN -m mark --mark 1 -j PVEFW-VENET-IN
-A PVEFW-ACCEPT-VENET-IN -j ACCEPT
----- Mail original -----
De: "Dietmar Maurer" <dietmar at proxmox.com>
À: "Alexandre DERUMIER" <aderumier at odiso.com>
Cc: pve-devel at pve.proxmox.com
Envoyé: Lundi 12 Mai 2014 08:48:30
Objet: RE: venet firewall broken?
> container to container ?
>
> venet0->venet0 ?
>
>
> Damn, I don't have tested this case.
Seems it also breaks container to host.
More information about the pve-devel
mailing list