[libvirt-users] network filtering
Osier Yang
jyang at redhat.com
Wed Nov 17 07:46:34 UTC 2010
于 2010年11月17日 15:42, Anton Gorlov 写道:
> 14.11.2010 23:19, Osier Yang пишет:
>
>>> virsh start freebsd8.2
>>> error: Failed to start domain freebsd8.2
>>> error: internal error IP parameter must be given since libvirt was not
>>> compiled with IP address learning support
>>> what do I do wrong?
>> Just as the error says, your libvirt is not compiled with "libpcap",
>> filter "no-ip-spoofing" has a variable "$IP", which needs "IP learning"
>> of network filter driver to generate automatically.
>> To work around it, recompile it with "--with-libpcap" or set "$IP"
>> by hand.
>
> This filters working in kernel space or user?
it's based on iptables/ebtables, and also ip6tables in future.
so, it uses these tools in userspace, works with according
kernel module support, e.g. iptables_nat, ebtables, etc.
- Osier
More information about the libvirt-users
mailing list