Hello,
I was reading about OpenVSwitch and really appreciated the concept. I am a
newbie and do not have a good understanding of OVS yet. I installed OVS and
and I was able to create a bridge reading the instructions.
I read that ebtables is useless in case of OVS and ovs-ofctl can do things
similar to ebtables.
I want to filter packets for port 80 http traffic only. For this when I was
using ebtables operating on a Linux bridge. But with ovs I was able to add
flow but I am not sure on how to get the *ebtables -j DROP* type
functionality using OVS.
The commands which I used with ovs-ofctl ware as follow:
*
*
*ovs-ofctl add-flow br0 "in_port=ANY out_port=ANY action=NORMAL" # for my
bridge traffic*
*ovs-ofctl add-flow br0 "in_port=1 tcp, tp_src=80 action=NORMAL"*
*ovs-ofctl add-flow br0 "in_port=2 tcp, tp_dst=80 action=NORMAL"*
I also tried using action=LOCAL but then I was not able to use port 80
traffic below the bridge.
Any help on this will be appreciated. If there is some documentation out
there with examples for a similar case kindly redirect me to it.
PS: I have no VMs in my system and I was wondering whether I can use
the capabilities of OVS bridge which is transparent to VLAN trunk where I
can filter port 80 traffic from different VLAN.
{Router, Gateway}
| |
| |
| |{VLAN TRUNK}
{OVS- BRIDGE}
| |
| |
| |{Local Network}
_______________________________________________
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss
