[libvirt] [PATCH] docs: fix incorrect info about routed networks

Laine Stump laine at laine.org
Thu Oct 20 19:29:48 UTC 2011


In a recent expansion of the documentation on network forward modes, I
incorrectly stated that incoming sessions to guests on routed networks
were blocked. This is true for guests on NATed networks, but not
routed. This patch corrects that error, and adds a pointer to the
nwfilter page for those who do want to restrict incoming sessions to
hosts on routed networks.
---
 docs/formatnetwork.html.in |   12 ++++++------
 1 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/docs/formatnetwork.html.in b/docs/formatnetwork.html.in
index e06392b..02302fa 100644
--- a/docs/formatnetwork.html.in
+++ b/docs/formatnetwork.html.in
@@ -134,12 +134,12 @@
             attribute is set, firewall rules will restrict forwarding
             to the named device only. This presumes that the local LAN
             router has suitable routing table entries to return
-            traffic to this host. Firewall rules are also installed
-            that prevent incoming sessions from the physical network
-            to the guests, but outgoing sessions are unrestricted (as
-            are sessions from the host to the guests, and between
-            guests on the same network.)<span class="since">Since
-            0.4.2</span>
+            traffic to this host. All incoming and outgoing sessions
+            to guest on these networks are unrestricted. (To restrict
+            incoming traffic to a guest on a routed network, you can
+            configure <a href="formatnwfilter.html">nwfilter rules</a>
+            on the guest's interfaces.)
+            <span class="since">Since 0.4.2</span>
           </dd>
 
           <dt><code>bridge</code></dt>
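Review bot: In the added sentence "All incoming and outgoing sessions to guest on these networks are unrestricted", "guest" should be plural, and "outgoing sessions to" reads oddly; "sessions to and from guests" would be clearer. The sentence also directly follows the unchanged context text saying that firewall rules restrict forwarding to the named device when the attribute is set, so a blanket "unrestricted" can be read as contradicting it; consider saying sessions are unrestricted apart from that device limit. Because this reverses the removed statement that incoming sessions from the physical network were prevented, it would help to say explicitly that guests on a routed network are reachable from the physical network unless nwfilter rules are configured on their interfaces.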
-- 
1.7.6.4



