[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Xen-devel] iptables issue

  • To: "Arun Sharma" <arun.sharma@xxxxxxxxx>, "xen-devel" <xen-devel@xxxxxxxxxxxxxxxxxxx>
  • From: "Ian Pratt" <m+Ian.Pratt@xxxxxxxxxxxx>
  • Date: Thu, 18 Aug 2005 00:13:00 +0100
  • Delivery-date: Wed, 17 Aug 2005 23:11:12 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xensource.com>
  • Thread-index: AcWjf64k5d0ooJ/WTTad+uKhFTEgBAAAGLUg
  • Thread-topic: [Xen-devel] iptables issue
> This line in network-brige script fails for me:
> 
>      # iptables -A FORWARD -m physdev --physdev-in ${dev} -j ACCEPT
>        iptables: No chain/target/match by that name

You must have antispoof set to true to exercise that path in the script.
I've now enabled MATCH_PHYSDEV in the 32 and 64 bit xen0 kernels.

Thanks,
Ian
 
> $ grep CONFIG_IP_NF_MATCH_PHYSDEV *
> xen0_defconfig_x86_32:# CONFIG_IP_NF_MATCH_PHYSDEV is not set
> xen0_defconfig_x86_64:# CONFIG_IP_NF_MATCH_PHYSDEV is not set
> xen_defconfig_x86_32:CONFIG_IP_NF_MATCH_PHYSDEV=m
> xen_defconfig_x86_64:CONFIG_IP_NF_MATCH_PHYSDEV=m
> xenU_defconfig_x86_64:CONFIG_IP_NF_MATCH_PHYSDEV=m
> 
> As a result, packets don't get forwarded between eth0 and xen-br0.
> 
>       -Arun
> 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-devel
> 

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.