[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] iptable system log messages


On Mar 2, 2012 9:36 PM, "Jonathan Gowar" <jon@xxxxxxxxxxxxxxxx> wrote:
>
> I have many of these in system logs:-
>
> [97468.141932] physdev match: using --physdev-out in the OUTPUT, FORWARD
> and POSTROUTING chains for non-bridged traffic is not supported anymore.
> [97468.141937] physdev match: using --physdev-out in the OUTPUT, FORWARD
> and POSTROUTING chains for non-bridged traffic is not supported anymore.
>
> So many, it makes it difficult to see anything else. ÂThat was until I
> read this:-
>
> http://wiki.xensource.com/xenwiki/XenNetworking#head-602e26cd4a03b992f3938fe1bea03fa0fea0ed8b
>
> ACCEPT Â Â all Â-- Â0.0.0.0/0 Â Â Â Â Â Â0.0.0.0/0 Â Â Â Â Â PHYSDEV
> match --physdev-in eth0 ! --physdev-out eth0
> ACCEPT Â Â all Â-- Â0.0.0.0/0 Â Â Â Â Â Â0.0.0.0/0 Â Â Â Â Â PHYSDEV
> match ! --physdev-in eth0 --physdev-out eth0
>
> The messages are certainly repressed, but I still get the occasional,
> sporadic batch of messages.
>
> Can anyone assist me please?
>
> Thanks,
> Jon
>
>

As the messages declared, you have some messed-up iptables rules. Delete / modify the offending rules. Easiest way :

cd ~
iptables-save > myrules
vi myrules
iptables-restore < myrules

then, use your distro's method to make the changes permanent (i.e., survives reboots)

Rgds, 

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxx
http://lists.xen.org/xen-users

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.