WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [Xen-devel] iptables issue

from [Ian Pratt] [Permanent Link][Original]
To: "Arun Sharma" <arun.sharma@xxxxxxxxx>, "xen-devel" <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: RE: [Xen-devel] iptables issue
From: "Ian Pratt" <m+Ian.Pratt@xxxxxxxxxxxx>
Date: Thu, 18 Aug 2005 00:13:00 +0100
Delivery-date: Wed, 17 Aug 2005 23:11:12 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: AcWjf64k5d0ooJ/WTTad+uKhFTEgBAAAGLUg
Thread-topic: [Xen-devel] iptables issue 
> This line in network-brige script fails for me:
> 
>      # iptables -A FORWARD -m physdev --physdev-in ${dev} -j ACCEPT
>        iptables: No chain/target/match by that name

You must have antispoof set to true to exercise that path in the script.
I've now enabled MATCH_PHYSDEV in the 32 and 64 bit xen0 kernels.

Thanks,
Ian
 
> $ grep CONFIG_IP_NF_MATCH_PHYSDEV *
> xen0_defconfig_x86_32:# CONFIG_IP_NF_MATCH_PHYSDEV is not set
> xen0_defconfig_x86_64:# CONFIG_IP_NF_MATCH_PHYSDEV is not set
> xen_defconfig_x86_32:CONFIG_IP_NF_MATCH_PHYSDEV=m
> xen_defconfig_x86_64:CONFIG_IP_NF_MATCH_PHYSDEV=m
> xenU_defconfig_x86_64:CONFIG_IP_NF_MATCH_PHYSDEV=m
> 
> As a result, packets don't get forwarded between eth0 and xen-br0.
> 
>       -Arun
> 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-devel
> 

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Xen-devel] [PATCH] supporting non-NX/XD capable processors on x86_64 xenlinux, Nakajima, Jun
Next by Date:  Re: [Xen-devel] iptables issue, Arun Sharma
Previous by Thread:  [Xen-devel] iptables issue, Arun Sharma
Next by Thread:  Re: [Xen-devel] iptables issue, Arun Sharma
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy