WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
xen-devel

Re: [Xen-devel] physdev match: using --physdev-out in the OUTPUT, FORWAR

To: James Harper <james.harper@xxxxxxxxxxxxxxxx>
Subject: Re: [Xen-devel] physdev match: using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for non-bridged traffic is not supported anymore.
From: Olaf Hering <olaf@xxxxxxxxx>
Date: Fri, 3 Sep 2010 09:55:35 +0200
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx
On Fri, Sep 03, James Harper wrote:

> I see lots and lots of " physdev match: using --physdev-out in the
> OUTPUT, FORWARD and POSTROUTING chains for non-bridged traffic is not
> supported anymore." in the kernel logs. You can turn off some of the
> iptables stuff by turning off antispoofing but the stuff in
> vif-common.sh is not under admin control.
> 
> Not tested, but I think something like this might be required to make it
> work better:
> 
> ---
> /usr/local/src/xen-4.0-testing.hg/dist/install/etc/xen/scripts/vif-commo
> n.sh        2010-08-25 22:05:47.000000000 +1000
> +++ vif-common.sh       2010-09-03 10:05:03.316931684 +1000
> @@ -66,6 +66,11 @@
> 
>  frob_iptable()
>  {
> +  if [ `cat /proc/sys/net/bridge/bridge-nf-call-iptables` != "1" ]
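
Review bot: The added `if` line leaves the backtick substitution unquoted, so when /proc/sys/net/bridge/bridge-nf-call-iptables is missing or unreadable, `cat` prints nothing to stdout and `[` is left with `!= "1"` and no left operand; the test then fails with an error instead of evaluating the comparison, and cat's own error goes to stderr. Quote the substitution and silence cat, for example `if [ "$(cat /proc/sys/net/bridge/bridge-nf-call-iptables 2>/dev/null)" != "1" ]`, or guard it with a `[ -r ... ]` check on the same path first. A short comment on the intended outcome when the file is absent would also help, because with the quoted form an empty string compares unequal to "1" and the branch is taken.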

Does that file always exist?
Better do "`${shell_code}`" to force an empty string if cat fails.

Olaf
