[pve-devel] pve-firewall : ebtables

Stefan Priebe - Profihost AG s.priebe at profihost.ag
Tue Jul 15 10:48:34 CEST 2014


Am 15.07.2014 06:39, schrieb Alexandre Derumier:
> Hi,
> here the ebtables patches, details are in commits.
> 
> Please comment, feel free to change and adapt them.

Some questions:
1.) Is there any reason you generally allowed IPv4 and IPv6? Personally
i would like to allow IPv4 but block IPv6.

2.) Generally i would like to see the macfilter enabled for iptables and
ebtables even if the network card has firewall=0 but the vm has
firewall=1. Does this makes sense?

Stefan



More information about the pve-devel mailing list