Op 17-1-2013 19:33, Eric Blake schreef:
On 01/17/2013 04:24 AM, Reinier Schoof wrote:
---
src/nwfilter/nwfilter_ebiptables_driver.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/nwfilter/nwfilter_ebiptables_driver.c b/src/nwfilter/nwfilter_ebiptables_driver.c
index 4fec52d..db2276c 100644
--- a/src/nwfilter/nwfilter_ebiptables_driver.c
+++ b/src/nwfilter/nwfilter_ebiptables_driver.c
@@ -166,7 +166,7 @@ static const char ebiptables_script_set_ifs[] =
snprintf(buf, sizeof(buf), "%c%c-%s", prefix[0], prefix[1], ifname)
#define PHYSDEV_IN "--physdev-in"
-#define PHYSDEV_OUT "--physdev-out"
+#define PHYSDEV_OUT "--physdev-is-bridged --physdev-out"
Stefan ACKd in the other thread, so I've gone ahead and pushed this,
after amending the commit message to include details from the other thread.
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
Thanks for committing the patch!
On a side note, please be aware that when upgrading to a libvirt version
with this patch included, libvirt will not be able to remove the earlier
ip(6)tables rules without the '--physdev-is-bridged' addition. When
restarting libvirt, it will look for rules that match with
'--physdev-is-bridged' and since that wasn't there before, you'll end up
with a duplicate/malfunctioning ruleset. You'll have to remove these
rules/chains manually.
--
TransIP BV | https://www.transip.nl/
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list