[pve-devel] pvefw: using ctmark to associacte connections to VMs
Alexandre DERUMIER
aderumier at odiso.com
Sat Mar 1 08:46:00 CET 2014
>>Since each VM uses distinct interfaces for all their traffic, wouldn't it be simpler to just list connections through each of those?
AFAIK, you can't use netstat on host, to show connections on guest tap interfaces
----- Mail original -----
De: "Daniel Hunsaker" <danhunsaker at gmail.com>
À: "Dietmar Maurer" <dietmar at proxmox.com>
Cc: "Alexandre DERUMIER" <aderumier at odiso.com>, pve-devel at pve.proxmox.com
Envoyé: Vendredi 28 Février 2014 19:06:41
Objet: Re: [pve-devel] pvefw: using ctmark to associacte connections to VMs
Since each VM uses distinct interfaces for all their traffic, wouldn't it be simpler to just list connections through each of those?
On Feb 28, 2014 10:47 AM, "Dietmar Maurer" < dietmar at proxmox.com > wrote:
I wonder if we can use ctmark to associate connections with VMs?
So that we can parse /proc/net/nf_conntrack to list open connections for a VM.
Is that reasonable, or are there some hidden disadvantages? Or are there other
ways to do that?
_______________________________________________
pve-devel mailing list
pve-devel at pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
More information about the pve-devel
mailing list