<div dir="ltr">Hello,<div><br></div><div>I would like to make filter that allows communication only between specified VMs. Those VMs should be specified by their MAC address. The filter should extend clean-traffic but I was not able to get it working with that reference. I have came up with modified clean-traffic which works fine [1]. Is there a way to achieve the same behavior with reference to clean-traffic? </div><div><br></div><div>Thank you. </div><div>Best wishes,<br>Ales Musil</div><div> </div><div><div>[1] </div><div><filter name='clean-traffic-gateway'></div><div><span style="white-space:pre"> </span></div><div><span style="white-space:pre"> </span><filterref filter='no-mac-spoofing'/></div><div> <span style="white-space:pre"> </span></div><div><span style="white-space:pre"> </span></div><div><span style="white-space:pre"> </span><filterref filter='no-ip-spoofing'/></div><div><span style="white-space:pre"> </span></div><div><span style="white-space:pre"> </span></div><div> <span style="white-space:pre"> </span><filterref filter='no-arp-spoofing'/></div><div><span style="white-space:pre"> </span></div><div><span style="white-space:pre"> </span></div><div> <span style="white-space:pre"> </span><rule action='accept' direction='inout' priority='-500'></div><div> <span style="white-space:pre"> </span><mac protocolid='arp'/></div><div> <span style="white-space:pre"> </span></rule></div><div><span style="white-space:pre"> </span></div><div><span style="white-space:pre"> </span></div><div><span style="white-space:pre"> </span><rule action='accept' direction='in'></div><div> <mac match='yes' srcmacaddr='$GATEWAY_MAC' </div><div><span style="white-space:pre"> </span>srcmacmask='$GATEWAY_MAC_MASK' /></div><div> </rule></div><div><span style="white-space:pre"> </span></div><div><span style="white-space:pre"> </span></div><div> <rule action='accept' direction='out'></div><div> <mac match='yes' dstmacaddr='$GATEWAY_MAC' </div><div><span style="white-space:pre"> </span>dstmacmask='$GATEWAY_MAC_MASK' /></div><div> </rule></div><div><span style="white-space:pre"> </span></div><div><span style="white-space:pre"> </span></div><div> <span style="white-space:pre"> </span><filterref filter='no-other-l2-traffic'/></div><div><br></div><div><span style="white-space:pre"> </span></div><div><span style="white-space:pre"> </span><filterref filter='qemu-announce-self'/></div><div></filter></div><div><br></div><div><br></div>-- <br><div dir="ltr" class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><p style="color:rgb(136,136,136);font-weight:bold;margin:0px;padding:0px;font-size:14px;text-transform:uppercase">ALES MUSIL</p><font color="#888888"><span style="font-size:10px;text-transform:uppercase">INTERN - rhv network</span></font><br><p style="margin:0px;font-size:10px;color:rgb(153,153,153)"><a href="https://www.redhat.com/" style="color:rgb(0,136,206);margin:0px;font-family:overpass,sans-serif" target="_blank">Red Hat EMEA</a></p><p style="margin:0px;font-size:10px;color:rgb(153,153,153)"><br></p><p style="margin:0px 0px 6px;font-size:10px;color:rgb(153,153,153)"><span style="margin:0px;padding:0px"><a href="mailto:amusil@redhat.com" style="color:rgb(0,136,206);margin:0px;font-family:overpass,sans-serif" target="_blank">amusil@redhat.com</a> </span> IM: amusil</p><table border="0" style="color:rgb(136,136,136);font-size:12.8px"><tbody><tr><td width="100px"><a href="https://red.ht/sig" style="color:rgb(17,85,204)" target="_blank"><img src="https://www.redhat.com/files/brand/email/sig-redhat.png" width="90" height="auto"></a></td></tr></tbody></table></div></div></div></div></div></div></div></div>