[pve-devel] pve-firewall : ebtables

Alexandre DERUMIER aderumier at odiso.com
Tue Jul 15 11:41:09 CEST 2014


>>But swap fails due to type missmatch. First one is hash:net and 2nd one 
>>is list:set. 

Are you sure it was not a previously generated PVEFW-0-venet0, before applying my patches ?

can you try to force a

iptables -F
iptables -X
ipset -F
ipset -X


----- Mail original ----- 

De: "Stefan Priebe - Profihost AG" <s.priebe at profihost.ag> 
À: "Alexandre Derumier" <aderumier at odiso.com>, pve-devel at pve.proxmox.com 
Envoyé: Mardi 15 Juillet 2014 11:35:59 
Objet: Re: [pve-devel] pve-firewall : ebtables 


Am 15.07.2014 10:48, schrieb Stefan Priebe - Profihost AG: 
> 
> Am 15.07.2014 06:39, schrieb Alexandre Derumier: 
>> Hi, 
>> here the ebtables patches, details are in commits. 
>> 
>> Please comment, feel free to change and adapt them. 


The code generates the following ipset stuff: 

Name: PVEFW-0-venet0 
Type: hash:net 
Header: family inet hashsize 64 maxelem 64 
Size in memory: 1424 
References: 4 
Members: 

later it tries this 
input destroy PVEFW-0-venet0_swap 
create PVEFW-0-venet0_swap list:set size 4 
swap PVEFW-0-venet0_swap PVEFW-0-venet0 
flush PVEFW-0-venet0_swap 
destroy PVEFW-0-venet0_swap 


But swap fails due to type missmatch. First one is hash:net and 2nd one 
is list:set. 



Stefan 


More information about the pve-devel mailing list