[pve-devel] pve-firewall : disabling conntrack for non firewalled vms
Alexandre DERUMIER
aderumier at odiso.com
Mon Apr 28 05:51:22 CEST 2014
just for the record, we should disable conntrack on non firewall interfaces
iptables -t raw -A PREROUTING -i interface -j NOTRACK
(maybe with a wildcard or a devgroup)
More information about the pve-devel
mailing list