On 10/30/2012 03:18 PM, Gene Czarcinski wrote: > Three FORWARD chain rules are added and two INPUT chain rules > are added when a network is started but only the FORWARD chain > rules are removed when the network is destroyed. > --- > src/network/bridge_driver.c | 2 ++ > 1 file changed, 2 insertions(+) ACK and pushed. > > diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c > index f814f6f..3dbf009 100644 > --- a/src/network/bridge_driver.c > +++ b/src/network/bridge_driver.c > @@ -1578,6 +1578,8 @@ networkRemoveGeneralIp6tablesRules(struct network_driver *driver, > if (!virNetworkDefGetIpByIndex(network->def, AF_INET6, 0)) > return; > > + iptablesRemoveUdpInput(driver->iptables, AF_INET6, network->def->bridge, 53); > + iptablesRemoveTcpInput(driver->iptables, AF_INET6, network->def->bridge, 53); > iptablesRemoveForwardAllowCross(driver->iptables, AF_INET6, network->def->bridge); > iptablesRemoveForwardRejectIn(driver->iptables, AF_INET6, network->def->bridge); > iptablesRemoveForwardRejectOut(driver->iptables, AF_INET6, network->def->bridge); > -- Eric Blake eblake@xxxxxxxxxx +1-919-301-3266 Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list