>>So, maybe can we forbid iplist in vm rules ? (now we have ipset for this)
Note, I thinked that it was breaking the digest (always updating the chain), but it's not the case. So we can keep it. ----- Mail original ----- De: "Alexandre DERUMIER" <[email protected]> À: "pve-devel" <[email protected]> Envoyé: Mardi 1 Avril 2014 12:07:17 Objet: [pve-devel] pve-firewall : src/dest rules with ip list, give 2 rules Hi, I just notice that iptables -A FORWARD -s 192.168.0.1,192.168.0.2 -j ACCEPT give us: iptable-save -A FORWARD -s 192.168.0.1/32 -j ACCEPT -A FORWARD -s 192.168.0.2/32 -j ACCEPT So, maybe can we forbid iplist in vm rules ? (now we have ipset for this) (I also find a bug with --src-range, I'll send patch) _______________________________________________ pve-devel mailing list [email protected] http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel _______________________________________________ pve-devel mailing list [email protected] http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
