Jayapal,You say "you can add the below rules on that host" the rules I provided is a direct extract of what rules that are listed presently. Would I simply duplicate the same rules to allow a secondary IP to pass through, or is it more involved then that?Also, you mention a manipulation required in
you can add the below rules on the host.
Also you need to update the iptables filter rules.
You need to add rules on host in vm reboot, on VM reboot the old rules get
added on host.
Thanks,
Jayapal
On 21-Aug-2013, at 6:49 AM, Maurice Lawler wrote:
> It would seem to be perhaps I can add somet
It would seem to be perhaps I can add something via this segment in the
security policy.
try:
193 # -s ! 52:54:0:56:44:32 -j DROP
194 execute("ebtables -t nat -A PREROUTING -i " + vif + " -j " +
vmchain_in)
195 execute("ebtables -t nat -A POSTROUTING -o " +
Well, it depends on how you edit the security_group.py script, it
certainly wouldn't have to open up everything. You could add a
one-liner in there that would pass the instance name to a separate
script that looked up the vm in a table or database and applied extra
rules (in post_default_network_ru
Greetings,
Does anyone have experience in adding a secondary IP address (by way of
altering the ebtables / security script) in basic networking mode (KVM)
I have reviewed the script that is called to setup the ebtables, but if I alter
that, I would believe that would open all ports on all my i
