| |
|
 |
|
 |
|
|
|
| |
|
|
xen-users
Re: [Xen-users] Re: number of ips
i think ebtables on centos is broken(5.2 anyway), look out for messages in dmesg
On Wed, Apr 15, 2009 at 7:57 PM, Anand Gupta <xen.mails@xxxxxxxxx> wrote:
Made the changes by hand on vif-bridge, changed xend-config to use the new vif-bridge-custom script, and bang :( The domU won't start now.
Error: Device 0 (vif) could not be connected. /etc/xen/scripts/vif-bridge-custom failed; error detected.
Here is the diff
diff -u vif-bridge vif-bridge-custom
--- vif-bridge 2009-04-14 23:35:08.000000000 -0400
+++ vif-bridge-custom 2009-04-15 00:01:08.000000000 -0400
@@ -57,15 +57,37 @@
online)
setup_bridge_port "$vif"
add_to_bridge "$bridge" "$vif"
+ ebtables -N $vif
+ ebtables -P $vif DROP
+ ebtables -A INPUT -i $vif -j $vif
+ ebtables -A FORWARD -i $vif -j $vif
+ ebtables -A $vif -p ARP –arp-opcode 1 -j ACCEPT
+
+ if [ ! -z "$ip" ]
+ then
+ for oneip in $ip
+ do
+ ebtables -A $vif -p IPv4 –ip-src $oneip -j ACCEPT
+ ebtables -A $vif -p IPv4 –ip-dst $oneip -j ACCEPT
+ ebtables -A $vif -p ARP –arp-opcode 2 –arp-ip-src $oneip -j ACCEPT
+ done
+
+ ebtables -A $vif --log-prefix="arp-drop" --log-arp -j DROP
+
+ fi
;;
offline)
do_without_error brctl delif "$bridge" "$vif"
do_without_error ifconfig "$vif" down
+ do_without_error ebtables -D INPUT -i $vif -j $vif
+ do_without_error ebtables -D FORWARD -i $vif -j $vif
+ do_without_error ebtables -F $vif
+ do_without_error ebtables -X $vif
;;
esac
-handle_iptable
+#handle_iptable
log debug "Successful vif-bridge $command for $vif, bridge $bridge."
if [ "$command" == "online" ]
Will appreciate any help on this. On Wed, Apr 15, 2009 at 11:27 PM, Anand Gupta <xen.mails@xxxxxxxxx> wrote:
Tried to apply this patch. Fresh install centos5.3, xen 3.0.3-80
I get this error.
missing header for unified diff at line 3 of patch patching file vif-bridge
patch: **** malformed patch at line 4: online)
Any ideas on how to fix this ?
-- regards, Anand Gupta
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|
| <Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: [SPAM] Re: [Xen-users] Re: number of ips, (continued)
- Re: [Xen-users] Re: number of ips, Simon Hobson
- Re: [Xen-users] Re: number of ips, Peter Booth
- Re: [Xen-users] Re: number of ips, Anand Gupta
- Re: [Xen-users] Re: number of ips, David
- Re: [Xen-users] Re: number of ips, Anand Gupta
- Re: [Xen-users] Re: number of ips, Anand Gupta
- Re: [Xen-users] Re: number of ips, Anand Gupta
- Re: [Xen-users] Re: number of ips,
David <=
- Re: [Xen-users] Re: number of ips, Anand Gupta
- Re: [Xen-users] Re: number of ips, David
- Re: [Xen-users] Re: number of ips, Anand Gupta
- Re: [Xen-users] Re: number of ips, Rafał Kupka
- Re: [Xen-users] Re: number of ips, David
- Re: [Xen-users] Re: number of ips, Anand Gupta
- Re: [Xen-users] Re: number of ips, David
- Re: [Xen-users] Re: number of ips, Anand Gupta
- Re: [Xen-users] Re: number of ips, David
- Re: [Xen-users] Re: number of ips, Anand Gupta
|
|
|
| |
|
Home