any comments for theses patches ?
----- Mail original ----- De: "Alexandre Derumier" <[email protected]> À: [email protected] Envoyé: Vendredi 7 Février 2014 16:22:26 Objet: [pve-devel] pve-firewall : iptables V2 changelog: add support for host firewall and group rules. It's use iptables-restore now, so rules are applied atomicaly Also, I don't use anymore return in inbound rule, but directly jump in outbound rules, so less rules lookup FORWARD chains lists are FORWARD--->proxmoxfw-FORWARD ----> BRIDGEFW-OUT --->VMBRX-OUT ------->TAPXX-OUT --->ACCEPT(==JUMP VMBRX-IN) --->GROUP-xxx-OUT --->ACCEPT(==JUMP BRIDGEFW-IN) ---->BRIDGEFW-IN ---->VMBRX-IN ------->TAPXX-IN ---->ACCEPT ---->GROUP-xxx-IN ----->ACCEPT Please test :) (config files sample for host,group,vm firewall are in commits) _______________________________________________ pve-devel mailing list [email protected] http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel _______________________________________________ pve-devel mailing list [email protected] http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
