On 2/23/23 14:26, Dr. Omran via discuss wrote: > Hello guys, > > i want to do this rule but instead of giving the destination as ip, i want to > say a destination that is not equal to 10.147.20.0/24 <http://10.147.20.0/24> > > ovs-ofctl add-flow br0 > "priority=200,ip,nw_dst=192.168.188.0/24,in_port=enp1s0f0,actions=drop" > > how do you do it?
You either carefully craft multiple rules that cover all the subnets outside of 192.168.188.0/24, or you create a high priority rule that matches on 192.168.188.0/24 and does something else (jumps to another tbale, for example) and have a lower priority rule that doesn't have a match on nw_dst and drops all the traffic, e.g.: priority=200,in_port=enp1s0f0,ip,nw_dst=192.168.188.0/24,actions=do_something_else priority=199,in_port=enp1s0f0,ip,actions=drop Best regards, Ilya Maximets. _______________________________________________ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
