Re: [pve-devel] [PATCH] use linko+ name for ovs fwbrint interfaces

Dietmar Maurer Tue, 13 May 2014 00:42:19 -0700

> we need to match link+ rule from iptables rules, and need to have a name
> different than link(\d+)i(\d+), for distinguished bridge/ovs interface unplug



We currently generate:
    '-A PVEFW-FORWARD -m physdev --physdev-is-bridged --physdev-in link+ -j 
PVEFW-FWBR-IN',
    '-A PVEFW-FORWARD -m physdev --physdev-is-bridged --physdev-out link+ -j 
PVEFW-FWBR-OUT',

 
Can't we simply do something like:

    '-A PVEFW-FORWARD -o fwbr+ -j PVEFW-FWBR-IN',
    '-A PVEFW-FORWARD -i fwbr+  -j PVEFW-FWBR-OUT',

So that we do not depend on those 'link' names?
  

_______________________________________________
pve-devel mailing list
pve-devel@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

Re: [pve-devel] [PATCH] use linko+ name for ovs fwbrint interfaces

Reply via email to