On 30.08.2010 20:14, Pascal Hambourg wrote:
>> With these rules, I'm not able to communicate (i.e. ping) with other
>> hosts in the same subnet, except the gateway (although this was the same
>> with my previous rules, I think).
>
> Of course these rules are just a part of the ruleset. Did you do the
> same for all other bridge ports and hosts in the subnet?

No, I did not.

So even if it's blocked on one bridge, rogue MAC/IP can still "get
outside" and interfere with other bridges/guests?

--
Tomasz Chmielewski
http://wpkg.org