[pve-devel] RFC : iptables implementation

Dietmar Maurer dietmar at proxmox.com
Wed Jan 22 07:19:28 CET 2014


> what do you think about it ?
> 
> 
> 
> iptables -F
> iptables -X
> 
> iptables -N tap110i0-out
> iptables -N tap110i0-in
> #out
> iptables -A FORWARD -m physdev --physdev-is-bridged --physdev-in tap110i0 -j tap110i0-out
> #in
> iptables -A FORWARD -m physdev --physdev-is-bridged --physdev-out tap110i0 -j tap110i0-in

I am not sure if that model correctly handles traffic from one VM to another (traffic from VM1 to VM2)?
Because you would need to apply the out rules for VM1, and the in rules for VM2.
Does that work - if so, how?
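
Added example, not part of the original message or of the Proxmox code: a small Python model of iptables chain traversal for the quoted layout, extended with a second, constructed device `tap111i0` and placeholder chain contents. It shows that the destination VM's in chain is consulted only when the source VM's out chain ends in RETURN rather than ACCEPT.

```python
# Toy model of iptables traversal (filter/FORWARD only). Assumptions, not from
# the thread: device tap111i0, the chain contents, and an ACCEPT FORWARD policy.
POLICY = "ACCEPT"

def build(taps, out_verdict):
    """Ruleset shaped like the quoted proposal, one chain pair per tap device.
    out_verdict is what each <tap>-out chain does with traffic it allows."""
    chains = {"FORWARD": []}
    for tap in taps:
        chains["FORWARD"].append(({"physdev_in": tap}, f"{tap}-out"))
        chains["FORWARD"].append(({"physdev_out": tap}, f"{tap}-in"))
        chains[f"{tap}-out"] = [({}, out_verdict)]
        chains[f"{tap}-in"] = [({}, "DROP")]  # constructed: VM allows no inbound
    return chains

def traverse(chains, name, pkt, visited):
    """Walk one chain; return ACCEPT/DROP, or None to resume in the caller."""
    visited.append(name)
    for match, target in chains[name]:
        if any(pkt.get(k) != v for k, v in match.items()):
            continue
        if target in ("ACCEPT", "DROP"):
            return target              # terminal verdict: traversal stops here
        if target == "RETURN":
            return None                # back to the calling chain
        verdict = traverse(chains, target, pkt, visited)
        if verdict is not None:
            return verdict
    return None                        # end of user chain: implicit RETURN

def forward(chains, pkt):
    """Return (final verdict, user chains visited) for a bridged packet."""
    visited = []
    verdict = traverse(chains, "FORWARD", pkt, visited)
    return (verdict or POLICY), visited[1:]

# Constructed packet: bridged frame from VM1 (tap110i0) to VM2 (tap111i0).
VM1_TO_VM2 = {"physdev_in": "tap110i0", "physdev_out": "tap111i0"}
TAPS = ["tap110i0", "tap111i0"]

if __name__ == "__main__":
    for out_verdict in ("ACCEPT", "RETURN"):
        print(out_verdict, forward(build(TAPS, out_verdict), VM1_TO_VM2))
```

With ACCEPT in the out chain, VM2's inbound policy is bypassed for traffic coming from another local VM; with RETURN, the packet goes on to `tap111i0-in` and is filtered there.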



