git.ipfire.org Git - thirdparty/libvirt.git/commit
nwfilter: changes to rules in VM->host table
author Stefan Berger <stefanb@us.ibm.com>
Tue, 19 Oct 2010 15:35:58 +0000 (11:35 -0400)
committer Stefan Berger <stefanb@us.ibm.com>
Tue, 19 Oct 2010 15:35:58 +0000 (11:35 -0400)
commit 7d79da247a47343743364799cac65b148759fe6e
tree 36cee65ccec8aaa27b88c7ed549e80571f6a0ed2
parent 6dcd9c0d15f381045c8f706f947ff5e00326fcc1
In the table built for traffic coming from the VM going to the host make the following changes:

- don't ACCEPT the packets but do a 'RETURN' and let the host-specific firewall rules in subsequent rules evaluate whether the traffic is allowed to enter

- use the '-m state' in the rules as everywhere else

src/nwfilter/nwfilter_ebiptables_driver.c
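
The difference between ACCEPT and RETURN that the commit message describes, as an added example that is not part of the commit or of libvirt's code: a small Python model of iptables chain traversal. The chain name `vm-to-host`, the interface `vnet0`, the ports and the host firewall rule are constructed sample values, not names taken from the driver.

```python
# Minimal model of iptables chain traversal (constructed; not libvirt code).
# Chain name "vm-to-host", interface "vnet0" and all ports are hypothetical.

def run_chain(chains, name, pkt):
    """Return 'ACCEPT'/'DROP', or None when evaluation resumes in the caller."""
    for match, target in chains[name]:
        if not all(pkt.get(k) in allowed for k, allowed in match.items()):
            continue                      # rule does not match this packet
        if target in ("ACCEPT", "DROP"):
            return target                 # terminating verdict, traversal stops
        if target == "RETURN":
            return None                   # hand the packet back to the caller
        verdict = run_chain(chains, target, pkt)   # jump into a user chain
        if verdict is not None:
            return verdict
    return None                           # end of chain acts like RETURN


def filter_input(chains, pkt, policy="ACCEPT"):
    """Evaluate the built-in INPUT chain, falling back to its policy."""
    return run_chain(chains, "INPUT", pkt) or policy


def build_ruleset(vm_target):
    """INPUT jumps to the per-VM chain first, then applies the host's own rule."""
    allowed = {"proto": {"tcp"}, "dport": {22, 53},
               "state": {"NEW", "ESTABLISHED"}}
    return {
        "INPUT": [
            ({"in_if": {"vnet0"}}, "vm-to-host"),
            ({"proto": {"tcp"}, "dport": {22}}, "DROP"),   # host firewall rule
        ],
        "vm-to-host": [
            (allowed, vm_target),         # ACCEPT before the change, RETURN after
            ({}, "DROP"),                 # everything the VM filter did not allow
        ],
    }


if __name__ == "__main__":
    ssh = {"in_if": "vnet0", "proto": "tcp", "dport": 22, "state": "NEW"}
    for target in ("ACCEPT", "RETURN"):
        print(target, "->", filter_input(build_ruleset(target), ssh))
```

With ACCEPT the VM's packet to port 22 never reaches the host's DROP rule; with RETURN the host rule decides, while traffic the host does not restrict is still accepted by the chain policy.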