thr3ads.net - libvirt users - [libvirt-users] problem with nwfilter direction='out' [Feb 2014]

If this information is useful, please help other people find it:
Share via:

Stephan Sachse

2014-Feb-19 19:32 UTC

[libvirt-users] problem with nwfilter direction='out'

i test the following simple filter

<filter name='nwfilter-test-fedora2' chain='root'>
  <uuid>ccbd255f-4be5-4f0f-8835-770ea40cb2c9</uuid>
  <rule action='accept' direction='out'
priority='500'>
    <tcp dstipaddr='10.1.24.0' dstipmask='24'
comment='test test test'/>
  </rule>
</filter>

but i get strange results (look at the attached output of iptables-save)

for me it looks like the direction='out' filters are attached to every
chain for this domain. additional there are wrong conntrack, state and
ctdir matches.

is this a bug or my fault?

/stephan

-- 
Software is like sex, it's better when it's free!

Stephan Sachse

2014-Feb-20 13:13 UTC

head link

Re: [libvirt-users] problem with nwfilter direction='out'

i have opened a bug report

https://bugzilla.redhat.com/show_bug.cgi?id=1067441

/stephan

-- 
Software is like sex, it's better when it's free!

Possibly Parallel Threads

Search for more apparently analagous threads

libvirt users - Feb 2014 - problem with nwfilter direction='out'

[libvirt-users] problem with nwfilter direction='out'

Re: [libvirt-users] problem with nwfilter direction='out'

Possibly Parallel Threads