> Why we shull now use separate programs or Xtables-addons they need more and
> must been patched the OS and get a risk, that the host then not runs?
I never suggested to use Xtables. Instead, I posted an example here:
http://pve.proxmox.com/pipermail/pve-devel/2014-October/013009.html
___
> It is a replacement for the bios. You can load ovmf.fd with the -L option for
> QEMU.
>
> You can download binary copies of ovmf.fd
> from: http://tianocore.github.io/ovmf/
You tested that? (Note: It does not work for me)
___
pve-devel mailing lis
>>Alexandre what's about your IPv6 and brfilter patches? I think they can get
>>integrated into pve test?
I'm waiting for Dietmar review ;)
- Mail original -
De: "Stefan Priebe - Profihost AG"
À: "Detlef Bracker"
Cc: pve-devel@pve.proxmox.com, "Alexandre DERUMIER"
Envoyé: Mardi
> >>Alexandre what's about your IPv6 and brfilter patches? I think they can get
> integrated into pve test?
>
> I'm waiting for Dietmar review ;)
I am waiting for a ebtables solution - else we can't proceed.
___
pve-devel mailing list
pve-devel@pve.prox
Am 29.10.2014 um 10:14 schrieb Dietmar Maurer:
Alexandre what's about your IPv6 and brfilter patches? I think they can get
>> integrated into pve test?
>>
>> I'm waiting for Dietmar review ;)
>
> I am waiting for a ebtables solution - else we can't proceed.
There won't be an ebtables soluti
> > I am waiting for a ebtables solution - else we can't proceed.
>
> There won't be an ebtables solution. The package maintainers will wait for
> nftables...
>
> So the only solution is to rebuild ebtables as an pve package by just
> deleting the
> rm lines for ebtables-restore and ebtables-sav
> Your blacklist works only on the host, when the pve-firewall for the host is
> activated.
> The same only for containers, when their container is firewall is activated!
You need to add additional properties to the iptables rules then, for example
the target ip
of the containers.
> Our 2nd blac
