Re: [libvirt] [PATCH] nwfilter: changes to rules in VM->host table
On Thu, Oct 14, 2010 at 01:29:31PM -0400, Stefan Berger wrote:
In the table built for traffic coming from the VM going to the host
make the following changes:
- don't ACCEPT the packets but do a 'RETURN' and let the
host-specific firewall rules in subsequent rules evaluate whether
the traffic is allowed to enter
- use the '-m state' in the rules as everywhere else
Signed-off-by: Stefan Berger <stefanb(a)us.ibm.com>
ACK,
Daniel
--
Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
daniel(a)veillard.com | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/