[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 4/5] hotplug/linux: Add IPv6 support to the iptables logic

To: Sylvain Munaut <s.munaut@xxxxxxxxxxxxxxxxxxxx>
From: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
Date: Tue, 24 Jan 2017 17:43:30 +0000
Cc: Wei Liu <wei.liu2@xxxxxxxxxx>, Ian Campbell <Ian.Campbell@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxx
Delivery-date: Tue, 24 Jan 2017 17:43:36 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

Sylvain Munaut writes ("[PATCH 4/5] hotplug/linux: Add IPv6 support to the 
iptables logic"):
> This adds the same functions for ip6tables as the one for iptables.
> The 'ip' variable can now contain ipv6s for the domain and add
> appropriate rules
> 
>  - If the 'ip' var is empty then both full IPv4 and IPv6 are allowed.
>  - If only IPv4 ips are present, then IPv6 will be completely disallowed.
>  - If only IPv6 ips are present, then IPv4 will be completely disallowed.
>  - You can use ::0/0 or 0.0.0.0/0 to allow v6 or v4 globally but filter
>    the other one.

Again, I think the explicit tracking of "any" is too complicated.

Ian.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

References:
- [Xen-devel] [PATCH 0/5] Various improvements for the VIF linux hotplug scripts
  - From: Sylvain Munaut
- [Xen-devel] [PATCH 4/5] hotplug/linux: Add IPv6 support to the iptables logic
  - From: Sylvain Munaut

Prev by Date: Re: [Xen-devel] [early RFC] ARM PCI Passthrough design document
Next by Date: Re: [Xen-devel] [PATCH 5/5] hotplug/linux: Add IPv6 support to vif-route
Previous by thread: [Xen-devel] [PATCH 4/5] hotplug/linux: Add IPv6 support to the iptables logic
Next by thread: [Xen-devel] [PATCH 5/5] hotplug/linux: Add IPv6 support to vif-route
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.