[pve-devel] disabling iptables on bridge by default (like rhel6 and rhev) ?

Alexandre DERUMIER aderumier at odiso.com
Wed Mar 7 09:02:51 CET 2012


Do you think people use iptables to filter "inside" the bridge, to filter traffic between vm on the same bridge ? 

I think most people are firewalling from vm to outside world ?

original redhat bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=512206

----- Mail original ----- 

De: "Dietmar Maurer" <dietmar at proxmox.com> 
À: "Alexandre DERUMIER" <aderumier at odiso.com>, pve-devel at pve.proxmox.com 
Envoyé: Mercredi 7 Mars 2012 08:49:14 
Objet: RE: [pve-devel] disabling iptables on bridge by default (like rhel6 and rhev) ? 

> > I use these parameters since 1 year now, witthout any problem. 
> 
> Well, that will break all(most) firewalls people run on PVE? 

Or do you assume that any serious firewall script set those flags anyways? 

I am a bit scared because I am aware of some people using iptables directly. 

- Dietmar 




-- 

-- 




	Alexandre D erumier 
Ingénieur Système 
Fixe : 03 20 68 88 90 
Fax : 03 20 68 90 81 
45 Bvd du Général Leclerc 59100 Roubaix - France 
12 rue Marivaux 75002 Paris - France 
	


More information about the pve-devel mailing list