[pve-devel] pve-firewall : ebtables

Alexandre DERUMIER aderumier at odiso.com
Tue Jul 15 13:07:50 CEST 2014


>>I guess we need both (else you cannot write rules for a specified version?)

With my patches, currently, the rules are applied both iptables and ip6tables.
(exception if a ipv4 src|dst exist in a rule,ipset,.. it's just skipped in ip6tables)

I think it's better than manage twice the rules for ipv4 and ipv6 (manage ipsetv6, groupv6, rulesv6,...).






----- Mail original ----- 

De: "Dietmar Maurer" <dietmar at proxmox.com> 
À: "Alexandre DERUMIER" <aderumier at odiso.com> 
Cc: pve-devel at pve.proxmox.com, "Stefan Priebe - Profihost AG" <s.priebe at profihost.ag> 
Envoyé: Mardi 15 Juillet 2014 12:55:38 
Objet: RE: [pve-devel] pve-firewall : ebtables 

> >>[OPTIONS] 
> >>allowed_versions: ipv4|ipv6|both 
> 
> yes, I think it's better than in rules. 

I guess we need both (else you cannot write rules for a specified version?) 


More information about the pve-devel mailing list