[pve-devel] [PATCH 1/4] bypass firewall for non firewall bridges
Alexandre Derumier
aderumier at odiso.com
Fri May 9 09:46:44 CEST 2014
Signed-off-by: Alexandre Derumier <aderumier at odiso.com>
---
src/PVE/Firewall.pm | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
index 398a015..36b9323 100644
--- a/src/PVE/Firewall.pm
+++ b/src/PVE/Firewall.pm
@@ -2619,6 +2619,9 @@ sub compile {
ruleset_create_chain($ruleset, "PVEFW-OUTPUT");
ruleset_create_chain($ruleset, "PVEFW-FORWARD");
+ #bypass firewall for non firewalled bridge
+ ruleset_addrule($ruleset, "PVEFW-FORWARD", "! -i fwbr+ -j ACCEPT");
+
my $hostfw_options = $hostfw_conf->{options} || {};
--
1.7.10.4
More information about the pve-devel
mailing list