>>Since each VM uses distinct interfaces for all their traffic, wouldn't it be >>simpler to just list connections through each of those?
AFAIK, you can't use netstat on host, to show connections on guest tap interfaces ----- Mail original ----- De: "Daniel Hunsaker" <[email protected]> À: "Dietmar Maurer" <[email protected]> Cc: "Alexandre DERUMIER" <[email protected]>, [email protected] Envoyé: Vendredi 28 Février 2014 19:06:41 Objet: Re: [pve-devel] pvefw: using ctmark to associacte connections to VMs Since each VM uses distinct interfaces for all their traffic, wouldn't it be simpler to just list connections through each of those? On Feb 28, 2014 10:47 AM, "Dietmar Maurer" < [email protected] > wrote: I wonder if we can use ctmark to associate connections with VMs? So that we can parse /proc/net/nf_conntrack to list open connections for a VM. Is that reasonable, or are there some hidden disadvantages? Or are there other ways to do that? _______________________________________________ pve-devel mailing list [email protected] http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel _______________________________________________ pve-devel mailing list [email protected] http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
