[libvirt] [PATCH] examples: Add clean-traffic-gateway into nwfilters
This filter should be used to limit traffic between VMs based on their MAC adddresses. The MAC address can be set with GATEWAY_MAC and mask with GATEWAY_MAC_MASK variable. Signed-off-by: Ales Musil --- examples/xml/nwfilter/clean-traffic-gateway.xml | 36 + 1 file changed, 36 insertions(+) create mode 100644 examples/xml/nwfilter/clean-traffic-gateway.xml diff --git a/examples/xml/nwfilter/clean-traffic-gateway.xml b/examples/xml/nwfilter/clean-traffic-gateway.xml new file mode 100644 index 000..d1e7c81 --- /dev/null +++ b/examples/xml/nwfilter/clean-traffic-gateway.xml @@ -0,0 +1,36 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + -- 1.8.3.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCHv2] examples: Add clean-traffic-gateway into nwfilters
The filter purpose is to simulate isolated private VLAN. The behavior can be achieved by limiting network traffic to traffic between VM and gateway. Because there is no concept of the PVLAN in the linux bridge. The filter also contains parts from clean-traffic to prevent VM from spoofing its IP and MAC address. To use this filter the user just needs to set the GATEWAY_MAC variable to gateway MAC address. Signed-off-by: Ales Musil --- examples/xml/nwfilter/clean-traffic-gateway.xml | 34 + 1 file changed, 34 insertions(+) create mode 100644 examples/xml/nwfilter/clean-traffic-gateway.xml diff --git a/examples/xml/nwfilter/clean-traffic-gateway.xml b/examples/xml/nwfilter/clean-traffic-gateway.xml new file mode 100644 index 000..b8c2040 --- /dev/null +++ b/examples/xml/nwfilter/clean-traffic-gateway.xml @@ -0,0 +1,34 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + -- 1.8.3.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
