[pve-devel] firewall : cluster.fw [rules] section ?

Alexandre DERUMIER aderumier at odiso.com
Sat Jul 5 15:36:46 CEST 2014 

>>What about ICMP? among other things ICMP is used to optimize network 
>>traffic and QoS. 

yes, sure ;)  icmp and icmpv6 are included in IPV4 and IPV6

available ebtables protocol are :

cat /etc/ethertypes 

IPv4	 	0800  	ip ip4 		# Internet IP (IPv4)
X25		0805
ARP		0806	ether-arp	#
FR_ARP		0808    		# Frame Relay ARP        [RFC1701]
BPQ		08FF			# G8BPQ AX.25 Ethernet Packet
DEC		6000			# DEC Assigned proto
DNA_DL		6001			# DEC DNA Dump/Load
DNA_RC		6002			# DEC DNA Remote Console
DNA_RT		6003			# DEC DNA Routing
LAT		6004			# DEC LAT
DIAG		6005			# DEC Diagnostics
CUST		6006			# DEC Customer use
SCA		6007			# DEC Systems Comms Arch
TEB		6558             	# Trans Ether Bridging   [RFC1701]
RAW_FR  	6559                   	# Raw Frame Relay        [RFC1701]
AARP		80F3			# Appletalk AARP
ATALK		809B                  	# Appletalk
802_1Q		8100	8021q 1q 802.1q	dot1q # 802.1Q Virtual LAN tagged frame
IPX		8137			# Novell IPX
NetBEUI		8191			# NetBEUI
IPv6		86DD	ip6 		# IP version 6
PPP		880B                    # PPP
ATMMPOA		884C			# MultiProtocol over ATM
PPP_DISC	8863			# PPPoE discovery messages
PPP_SES		8864			# PPPoE session messages
ATMFATE		8884			# Frame-based ATM Transport over Ethernet
LOOP		9000	loopback 	# loop proto


----- Mail original ----- 

De: "Michael Rasmussen" <mir at datanom.net> 
À: pve-devel at pve.proxmox.com 
Envoyé: Samedi 5 Juillet 2014 14:52:04 
Objet: Re: [pve-devel] firewall : cluster.fw [rules] section ? 

On Sat, 05 Jul 2014 14:18:01 +0200 (CEST) 
Alexandre DERUMIER <aderumier at odiso.com> wrote: 

> >>Maybe simply: 
> >> 
> >>protocols: ARP, IPV4, IPV6 
> 
> No objection for me. 
> 
> @Stefan, do you think we need other protocols inside a vm ? 
> 
What about ICMP? among other things ICMP is used to optimize network 
traffic and QoS. 

-- 
Hilsen/Regards 
Michael Rasmussen 

Get my public GnuPG keys: 
michael <at> rasmussen <dot> cc 
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xD3C9A00E 
mir <at> datanom <dot> net 
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE501F51C 
mir <at> miras <dot> org 
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE3E80917 
-------------------------------------------------------------- 
/usr/games/fortune -es says: 
Q: What's the difference between USL and the Titanic? 
A: The Titanic had a band. 

_______________________________________________ 
pve-devel mailing list 
pve-devel at pve.proxmox.com 
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

More information about the pve-devel mailing list