On 14.03.2014 21:57, Edison Su wrote:
Add a fix: e5c391fcf3852e50ebd99d4a72fd51d1753b05eb on 4.3-forward
branch.
I do see the rule coming on the kvm host:
-A FORWARD -o cloudbr0 -m physdev --physdev-is-bridged -j BF-cloudbr0
-A FORWARD -i cloudbr0 -m physdev --physdev-is-bridged -j BF-cloudbr0
-A FORWARD -o cloudbr0 -j DROP
-A FORWARD -i cloudbr0 -j DROP
There seems to be a problem with the fixed script, too. The first rule
applied to a SG doesn't really get applied on the hypervisor, once you
add more rules the first rule get activated as well. I have replaced
your script with the one from 4.2.1 and that one works as expected.
I'll do more testing tomorrow.
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro
