[pve-devel] question about --physdev-is-bridged

Fri May 9 12:29:01 CEST 2014

question inline in comment:

PVEFW-FORWARD (PWr857P4rPwHEhsbPd76p/1y4oQ)
                -A PVEFW-FORWARD -i venet0 -s 192.168.3.104 -j venet0-104-OUT
                -A PVEFW-FORWARD -m conntrack --ctstate INVALID -j DROP
                -A PVEFW-FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
                -A PVEFW-FORWARD -m physdev --physdev-in link+ -j PVEFW-FWBR-IN # why don't we use '--physdev-is-bridged' here?
                -A PVEFW-FORWARD -m physdev --physdev-is-bridged --physdev-out link+ -j PVEFW-FWBR-OUT
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.proxmox.com/pipermail/pve-devel/attachments/20140509/40e74292/attachment.htm>