> I see 3 cases: > > ethX->tap-in : > -------------- > incoming ethX is not firewall > tap-in do the ACCEPT > > tap out->tap in : > ---------------- > tap-out do the RETURN > tap-in do the ACCEPT > > tap out->ethX : > --------------- > tap-out do the RETURN, > so we need an accept for ethX
What about this case: ethX->unmanaged-tap : -------------- incoming ethX is not firewall outgoing tap is not managed by our firewall _______________________________________________ pve-devel mailing list [email protected] http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
