Displaying 11 results from an estimated 11 matches for "dstipaddr".
Did you mean:
dst_addr
2013 Sep 02
1
how to setup network filter
...? Thanks a lot.
<filter name='filter-test'>
<rule action='accept' direction='in' priority='500'>
<tcp dstportstart='22'/>
</rule>
<rule action='accept' direction='out' priority='500'>
<ip dstipaddr='IP1'/>
</rule>
<rule action='accept' direction='out' priority='500'>
<ip dstipaddr='IP2'/>
</rule>
<rule action='drop' direction='out' priority='500'>
<all/>
</rule>
</...
2011 Feb 18
0
altering virtual network driver iptables behavior
...<udp srcipaddr='$MYIP'/>
</rule>
<rule action='accept' direction='out' priority='500'>
<icmp srcipaddr='$MYIP'/>
</rule>
<rule action='accept' direction='in' priority='500'>
<tcp dstipaddr='$MYIP'/>
</rule>
<rule action='accept' direction='in' priority='500'>
<udp dstipaddr='$MYIP'/>
</rule>
<rule action='accept' direction='in' priority='500'>
<icmp dstipaddr='$MYIP...
2018 Mar 29
1
nwfilter multiple IPs
I'm trying to apply a nwfilter rule for two networks on the same guest
interface, like so:
~ # virsh nwfilter-dumpxml 1081532-private-both
<filter name='1081532-private-both' chain='root'>
<uuid>16004b94-2b62-4568-9467-169908eb4040</uuid>
<rule action='accept' direction='in' priority='500'>
<ip
2018 Nov 08
0
Problems getting nwfilter to work
...ilter rule and
attached it to the interface of a guest using nwfilter-define:
<filter name='private_ip' chain='ipv4'>
<uuid>foobar</uuid>
<rule action='accept' direction='out' priority='100'>
<ip srcipaddr='$IP' dstipaddr='10.0.0.1'/>
</rule>
<rule action='accept' direction='in' priority='110'>
<ip srcipaddr='10.0.0.1' dstipaddr='$IP'/>
</rule>
<rule action='drop' direction='inout' priority='500'>...
2013 Sep 02
0
how to setup network filter
...? Thanks a lot.
<filter name='filter-test'>
<rule action='accept' direction='in' priority='500'>
<tcp dstportstart='22'/>
</rule>
<rule action='accept' direction='out' priority='500'>
<ip dstipaddr='IP1'/>
</rule>
<rule action='accept' direction='out' priority='500'>
<ip dstipaddr='IP2'/>
</rule>
<rule action='drop' direction='out' priority='500'>
<all/>
</rule>
</...
2019 Jun 03
1
Easy solution for custom firewall rules-
...state='ESTABLISHED'/>
</rule>
<rule action='accept' direction='out' priority='500'>
<all state='ESTABLISHED,RELATED'/>
</rule>
<rule action='accept' direction='in' priority='100'>
<ip dstipaddr='192.168.8.0' dstipmask='24'/>
</rule>
<rule action='accept' direction='out' priority='100'>
<ip srcipaddr='192.168.8.0' srcipmask='24'/>
</rule>
<rule action='drop' direction='inout' p...
2018 Jul 02
1
Re: East-west traffic network filter
...<ip match='yes' srcipaddr='$GATEWAY_IP'
srcipmask='$GATEWAY_IP_MASK' />
</rule>
<!-- allow traffic only to specified MAC address -->
<rule action='drop' direction='out'>
<ip match='yes' dstipaddr='$GATEWAY_IP'
dstipmask='$GATEWAY_IP_MASK' />
</rule>
<!-- preventing any other traffic than between specified MACs
and ARP -->
<filterref filter='no-other-l2-traffic'/>
<!-- allow qemu to send a self-announce upon migration end -->
<...
2014 Feb 19
1
problem with nwfilter direction='out'
i test the following simple filter
<filter name='nwfilter-test-fedora2' chain='root'>
<uuid>ccbd255f-4be5-4f0f-8835-770ea40cb2c9</uuid>
<rule action='accept' direction='out' priority='500'>
<tcp dstipaddr='10.1.24.0' dstipmask='24' comment='test test test'/>
</rule>
</filter>
but i get strange results (look at the attached output of iptables-save)
for me it looks like the direction='out' filters are attached to every
chain for this domain. additiona...
2013 Jul 19
1
How to handle IP-based Networkfilters
2016 Mar 01
0
nwfilter : iptables rules not working
...>
<rule action='accept' direction='in'>
<tcp dstportstart='22'/>
</rule>
<!-- accept the SSH to the other out -->
<rule action='accept' direction='out'>
<tcp dstipaddr='192.168.150.50' dstportstart='22' />
</rule>
<!-- deny explicitly all other flows to go outside -->
<rule action='drop' direction='inout'>
<all/>
</rule>
</filter>
then i defi...
2018 Jun 28
4
East-west traffic network filter
Hello,
I would like to make filter that allows communication only between
specified VMs. Those VMs should be specified by their MAC address. The
filter should extend clean-traffic but I was not able to get it working
with that reference. I have came up with modified clean-traffic which works
fine [1]. Is there a way to achieve the same behavior with reference to
clean-traffic?
Thank you.
Best