>>But feel free to try with iptables directly if you think that is easier.
Ok, I'll do test this week.
- Mail original -
De: "Dietmar Maurer"
À: "Alexandre DERUMIER"
Cc: "pve-devel"
Envoyé: Lundi 20 Janvier 2014 10:07:29
Objet: RE: [pve
> By the way, any reason to use shorewall instead iptables directly ?
>
I simply do not have the know-how.
> I'm reading openstack and cloustack firewall code, implementation is not too
> difficult
My feeling is that we can avoid many problems using shorewall, because that
code is known to be s
lexandre DERUMIER" , "pve-devel"
Envoyé: Lundi 20 Janvier 2014 07:22:33
Objet: RE: [pve-devel] pve-firewall questions
> i'm begin to read pve-firewall README
> https://git.proxmox.com/?p=pve-
> firewall.git;a=blob;f=README;h=0d90df5b54f10cd38cbc11895744296fc7
> i'm begin to read pve-firewall README
> https://git.proxmox.com/?p=pve-
> firewall.git;a=blob;f=README;h=0d90df5b54f10cd38cbc11895744296fc7479126
> ;hb=b486ed3b930807586eb1038c60682d5e8a8637f8
>
> About zones:
>
> >>We simply define one zone for each bridge/vm pair.
>
>
> So, we need to defin
