[pve-devel] [PATCH] use linko+ name for ovs fwbrint interfaces
Alexandre DERUMIER
aderumier at odiso.com
Thu May 15 07:47:08 CEST 2014
>>I assume that they have most basic optimizations, unless someone shows me the opposite.
ok.
Do you want that I assemble a patch with -i vnet0 && -m set --match-set PVEFW-venet0-ipset src ?
----- Mail original -----
De: "Dietmar Maurer" <dietmar at proxmox.com>
À: "Alexandre DERUMIER" <aderumier at odiso.com>
Cc: pve-devel at pve.proxmox.com
Envoyé: Jeudi 15 Mai 2014 07:09:33
Objet: RE: [pve-devel] [PATCH] use linko+ name for ovs fwbrint interfaces
> >>Or do you think kernel/netfilter will do this lookup
> >>unconditionally/always
>
> I'm not sure but, I think it's doing both test. (-i vnet0 && -m set --match-set
> PVEFW-venet0-ipset src).
>
Doing this would be really stupid
> But I'm not iptables expert, maybe they have already optimized this ;)
I assume that they have most basic optimizations, unless someone shows me the opposite.
More information about the pve-devel
mailing list