于 2010年11月21日 18:15, Anton Gorlov 写道:
20.11.2010 14:49, Robin Green пишет:
Have you tried using the -t option to iptables?
Yes, of course.
I made a test filter
===
<filter name='test' chain='ipv4'>
<!-- drop if destination IP address is in the 10.35.40.6 -->
<rule action='drop' direction='out'>
<ip dstipaddr='10.35.40.6' dstipmask='32' />
</rule>
<!-- not doing anything with receiving side ... -->
</filter>
===
the rule is working, but I can not see it in any of the tables
#ebtables -t nat -L
for more info, take reference here:
http://libvirt.org/git/?p=libvirt-tck.git;a=tree;f=scripts/nwfilter/nwfilterxml2fwallout;h=cdf88dc5dbe32dcacb6f069e1ce714d7afaa097d;hb=HEAD
Regards
- Osier
_______________________________________________
libvirt-users mailing list
libvirt-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvirt-users
