[libvirt] [PATCH] nwfilter: changes to rules in VM->host table
Daniel Veillard
veillard at redhat.com
Tue Oct 19 10:31:26 UTC 2010
On Thu, Oct 14, 2010 at 01:29:31PM -0400, Stefan Berger wrote:
> In the table built for traffic coming from the VM going to the host
> make the following changes:
>
> - don't ACCEPT the packets but do a 'RETURN' and let the
> host-specific firewall rules in subsequent rules evaluate whether
> the traffic is allowed to enter
> - use the '-m state' in the rules as everywhere else
>
> Signed-off-by: Stefan Berger <stefanb at us.ibm.com>
ACK,
Daniel
--
Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
daniel at veillard.com | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/
More information about the libvir-list
mailing list