On 09/24/2010 12:01 PM, Eric Blake wrote:
On 09/23/2010 09:53 AM, Stefan Berger wrote:
The patch below reports a warning in the log if the generated
ip(6)tables rules would not be effective due to the proc filesystem entries

/proc/sys/net/bridge/bridge-nf-call-iptables
/proc/sys/net/bridge/bridge-nf-call-ip6tables

containing a '0'. The warning tells the user what to do. I am
rate-limiting the warning message to appear only every 10 seconds.

ACK; looks like a reasonable way to warn about the issue, leaving the resolution in the user's hands to either update the kernel state or rewrite their nwfilter rules to not rely on iptables.

Pushed.
   Stefan

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Reply via email to