I made a copy of linux-lts-backport-natty: 2.6.38-13.56~lucid1 into https://launchpad.net/~nutznboltz/+archive/lp-931806-testing and installed that on a KVM server.
By default now:

    net.bridge.bridge-nf-call-iptables = 1

VM guest is firewalled off, can only reach the VM host.

If I run:

    $ sudo sysctl -w net.bridge.bridge-nf-call-iptables=0
    net.bridge.bridge-nf-call-iptables = 0

Then the VM guest can access the network.

This is the same behavior I see on Ubuntu 12.04 (developer branch). I don't remember seeing this on a 2.6.38 backport to Lucid before.

During 12.04 testing I had to add this:

    case node[:lsb][:codename]
    when 'precise'
      # Ubuntu 12.04 iptables FORWARD section will control the bridge (bridging) by default.
      # Without the following adjustment VM guests' network will not be reachable
      # beyond the VM host when the FORWARD policy is set to DROP or REJECT.

      # Adjust firewall immediately
      execute "/sbin/sysctl -w 'net.bridge.bridge-nf-call-iptables=0'" do
        only_if { File.exist?('/proc/sys/net/bridge') }
      end

      # Also at boot time
      execute "echo 'net.bridge.bridge-nf-call-iptables=0' >> /etc/sysctl.conf" do
        only_if do
          File.exist?('/proc/sys/net/bridge') && \
          File.open("/etc/sysctl.conf").grep(/^net.bridge.bridge-nf-call-iptables=0/).empty?
        end
      end
    end

https://bugs.launchpad.net/bugs/931806

Title:
  linux-lts-backport-natty: 2.6.38-13.56~lucid1 -proposed tracker
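The boot-time step in the recipe above only recognises the exact line `net.bridge.bridge-nf-call-iptables=0`, so a spaced or conflicting entry already in /etc/sysctl.conf is left in place. The following is an added example, not part of the original message: a sketch of parsing the file and rewriting it so exactly one active assignment remains. The helper names and the sample file content are hypothetical.

```ruby
# Added example, not part of the original message; helper names are hypothetical.
KEY = 'net.bridge.bridge-nf-call-iptables'

# Constructed sample of an /etc/sysctl.conf that the recipe's grep would miss:
# the active line uses spaces around "=" and a different value.
SAMPLE = <<~CONF
  # constructed sample
  net.ipv4.ip_forward=1
  net.bridge.bridge-nf-call-iptables = 1
  #net.bridge.bridge-nf-call-iptables=0
CONF

# Split an active "key = value" line into [key, value]; nil for blank lines,
# comments (# or ;) and lines without "=".
def parse_assignment(line)
  s = line.strip
  return nil if s.empty? || s.start_with?('#', ';')
  k, v = s.split('=', 2)
  v.nil? ? nil : [k.strip, v.strip]
end

# Effective value of key: the last active assignment wins; nil if unset.
def effective_sysctl(text, key)
  text.each_line.map { |l| parse_assignment(l) }
      .compact.select { |k, _| k == key }.map(&:last).last
end

# Return text with exactly one active assignment of key, set to value.
# Stale assignments (any spacing, any value) are dropped; comments are kept.
def ensure_sysctl(text, key, value)
  kept = text.each_line.map(&:chomp).reject do |l|
    pair = parse_assignment(l)
    pair && pair[0] == key
  end
  (kept + ["#{key}=#{value}"]).join("\n") + "\n"
end
```

In a recipe, the result of `ensure_sysctl(File.read('/etc/sysctl.conf'), KEY, 0)` would be written back only when it differs from the current content.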