[pve-devel] disabling iptables on bridge by default (like rhel6 and rhev) ?

Alexandre DERUMIER aderumier at odiso.com
Wed Mar 7 09:02:51 CET 2012

Do you think people use iptables to filter "inside" the bridge, to filter traffic between vm on the same bridge ? 

I think most people are firewalling from vm to outside world ?

original redhat bugzilla


----- Mail original ----- 

De: "Dietmar Maurer" <dietmar at proxmox.com> 
À: "Alexandre DERUMIER" <aderumier at odiso.com>, pve-devel at pve.proxmox.com 
Envoyé: Mercredi 7 Mars 2012 08:49:14 
Objet: RE: [pve-devel] disabling iptables on bridge by default (like rhel6 and rhev) ? 

> > I use these parameters since 1 year now, witthout any problem. 
> Well, that will break all(most) firewalls people run on PVE? 

Or do you assume that any serious firewall script set those flags anyways? 

I am a bit scared because I am aware of some people using iptables directly. 

- Dietmar 



	Alexandre D erumier 
Ingénieur Système 
Fixe : 03 20 68 88 90 
Fax : 03 20 68 90 81 
45 Bvd du Général Leclerc 59100 Roubaix - France 
12 rue Marivaux 75002 Paris - France 

More information about the pve-devel mailing list