OK, but where do you remove stale tap chains? (if someone removes a network device from the VM)
if the vm in online,just call flush_tap_rules($net,$netid,$vmid) in tap_unplug? and if the vm is shutdown, the tap chain is already removed on vm_stop. ----- Mail original ----- De: "Dietmar Maurer" <[email protected]> À: "Alexandre DERUMIER" <[email protected]> Cc: [email protected] Envoyé: Jeudi 13 Février 2014 17:56:18 Objet: RE: [pve-devel] pve-firewall : iptables V2 > It's mainly to not add a rule twice,mainly in bridge chains or other parent > chains. > But never in a tap chain. OK, but where do you remove stale tap chains? (if someone removes a network device from the VM) _______________________________________________ pve-devel mailing list [email protected] http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
