Hi all,
Now I want to drop the icmp and ssh packets from one virtual machine. My virtual machine openflow port id is 6. Now I use the command line: 1. drop ping ovs-ofctl add-flow br-int "in_port=6, dl_type=0x0800, nw_proto=1, priority=100, actions=DROP" 2. drop ssh packets ovs-ofctl add-flow br-int "in_port=6, dl_type=0x800, nw_proto=6, tp_dst=22, priority=100, actions=DROP" This is my dump flow info: cookie=0x0, duration=332434.320s, table=0, n_packets=24097, n_bytes=2172521, idle_age=6, hard_age=65534, priority=1 actions=NORMAL cookie=0x0, duration=543.561s, table=0, n_packets=0, n_bytes=0, idle_age=543, priority=100,tcp,in_port=6,tp_dst=22 actions=drop cookie=0x0, duration=804.178s, table=0, n_packets=0, n_bytes=0, idle_age=804, priority=100,icmp,in_port=6 actions=drop When I use ping and ssh in my virtual machine, it always go to the default NORMAL flow entry. It does not go to my flow entries. This made me very confused and can not find why. Can anybody give me some advices? BTW, what is the meaning for the default flow entry? I can not understand the action "NORMAL". When my two virtual machines attached to ovs bridge, the flow entry is just default flow. Why I can ping and ssh successfully? The default linux bridge, I know that it has the mac learning functionality. However, in ovs, it tranfser the packets based on flow entry. So I want to know what is acutal meaning for the default flow entry?
_______________________________________________ discuss mailing list discuss@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss
