[pve-devel] pve-firewall : ebtables
Dietmar Maurer
dietmar at proxmox.com
Tue Jul 15 13:14:21 CEST 2014
> With my patches, currently, the rules are applied both iptables and ip6tables.
> (exception if a ipv4 src|dst exist in a rule,ipset,.. it's just skipped in ip6tables)
>
> I think it's better than manage twice the rules for ipv4 and ipv6 (manage
> ipsetv6, groupv6, rulesv6,...).
Sure, that is OK so far.
What I want is an additional option, so that I can drop all ipv6 traffic for example:
IN DROP -v6
by default, a rules apply to ipv4 and ipv6, so there is no need to manage twice.
More information about the pve-devel
mailing list