> >>'-A PVEFW-FORWARD -o fwbr+ -j PVEFW-FWBR-IN', '-A PVEFW-FORWARD
> -i
> >>fwbr+ -j PVEFW-FWBR-OUT',
> >>
> >>So that we do not depend on those 'link' names?
>
> Not possible, both -i fwbr -o fwbr are always defined, we can find the
> direction we need to use physin or physout.
>
> IN=fwbr110i0 OUT=fwbr110i0 PHYSIN=link110i0p PHYSOUT=tap110i0
So we can use:
-A PVEFW-FORWARD -i fwbr+ -m physdev --physdev-is-bridged --physdev-out
tap+ -j PVEFW-FWBR-IN
-A PVEFW-FORWARD -I fwbr+ -m physdev --physdev-is-bridged --physdev-in
tap+ -j PVEFW-FWBR-OUT
?
_______________________________________________
pve-devel mailing list
pve-devel@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
