I just notice that in
ruleset_create_vm_chain{
...
if (!(defined($options->{dhcp}) && $options->{dhcp} == 0)) {
ruleset_addrule($ruleset, $chain, "-p udp -m udp --dport 67:68 -j
ACCEPT");
}
..} we create the rule in both direction, and with an ACCEPT. is it normal ? (we should never do an accept in tap-out chain) _______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
