[pve-devel] pve-firewall : ebtables
Alexandre DERUMIER
aderumier at odiso.com
Tue Jul 15 11:41:09 CEST 2014
>>But swap fails due to type missmatch. First one is hash:net and 2nd one
>>is list:set.
Are you sure it was not a previously generated PVEFW-0-venet0, before applying my patches ?
can you try to force a
iptables -F
iptables -X
ipset -F
ipset -X
----- Mail original -----
De: "Stefan Priebe - Profihost AG" <s.priebe at profihost.ag>
À: "Alexandre Derumier" <aderumier at odiso.com>, pve-devel at pve.proxmox.com
Envoyé: Mardi 15 Juillet 2014 11:35:59
Objet: Re: [pve-devel] pve-firewall : ebtables
Am 15.07.2014 10:48, schrieb Stefan Priebe - Profihost AG:
>
> Am 15.07.2014 06:39, schrieb Alexandre Derumier:
>> Hi,
>> here the ebtables patches, details are in commits.
>>
>> Please comment, feel free to change and adapt them.
The code generates the following ipset stuff:
Name: PVEFW-0-venet0
Type: hash:net
Header: family inet hashsize 64 maxelem 64
Size in memory: 1424
References: 4
Members:
later it tries this
input destroy PVEFW-0-venet0_swap
create PVEFW-0-venet0_swap list:set size 4
swap PVEFW-0-venet0_swap PVEFW-0-venet0
flush PVEFW-0-venet0_swap
destroy PVEFW-0-venet0_swap
But swap fails due to type missmatch. First one is hash:net and 2nd one
is list:set.
Stefan
More information about the pve-devel
mailing list