On 2/17/2014 1:43 AM, Jan Hoersch wrote:
>
> Hey Guys,
>
> Does anybody have any idea on this subject? Or does anybody experience
> the same problem?
If you send us the output of 'shorewall dump' taken immediately after
the VM is restarted (so that it isn't working), we can take a look.
-Tom
--
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hey Guys,
Does anybody have any idea on this subject? Or does anybody experience
the same problem?
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.22 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBAgAGBQJTAdmq
On 02/06/2014 01:33 PM, Simon Hobson wrote:
> Jan Hoersch wrote:
>
>> Sorry for the misconception, but we are not using the vif name in our rules.
>> There's one host configured with the ip adresses. (see /etc/shorewall/hosts)
>> The rules are using: domu: to firewall individual guests
>> ACCEPT
Jan Hoersch wrote:
> Sorry for the misconception, but we are not using the vif name in our rules.
> There's one host configured with the ip adresses. (see /etc/shorewall/hosts)
> The rules are using: domu: to firewall individual guests
> ACCEPT all domu:10.1.2.153 tcp
Sorry for the misconception, but we are not using the vif name in our rules.
There's one host configured with the ip adresses. (see /etc/shorewall/hosts)
/etc/shorewall/hosts
domuxenbr0:10.1.2.153,10.1.2.36, routeback
The rules are using: domu: to firewall individual guests
ACCEPT al
Jan Hoersch wrote:
> During restart of the VM the vif gets removed and newly assigned to the
> bridge. It seems something changed in enumerating the vif and the
> iptable rules don't match up with the new vif.
Yes, that's normal. The VM index increments each time a VM is started - the
first wil
