On Wed, 2009-11-04 at 12:55 +0000, Daniel P. Berrange wrote:
On Tue, Nov 03, 2009 at 11:50:52PM +0100, Daniel Veillard wrote: ... Mark pointed out to me offlist, that this filtering is a little too restrictive because it also blocks multicast + broadcast packets. We can fix that easily enough with an extra patch though, and a single catch-all rule for multi/broad-cast packets.
Daniel something like the following?
ebtables -A libvirt_qemu_FORWARD -p ARP -j ACCEPT any other multi/broad-cast packets you/Mark had in mind? -- Best regards, Gerhard Stenzel, ----------------------------------------------------------------------------------------------------------------------------------- IBM Deutschland Research & Development GmbH Vorsitzender des Aufsichtsrats: Martin Jetter Geschäftsführung: Erich Baier Sitz der Gesellschaft: Böblingen Registergericht: Amtsgericht Stuttgart, HRB 243294