apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity
cloudstack/scripts/vm/hypervisor
History
Anthony Xu f1fb7c3efe in security group, CS put a rule in ebtables filter table FORWARD chain to prevent user from changing VM mac address 
util.pread2(['ebtables', '-A', vm_chain, '-i', vif, '-s', '!', vm_mac,  '-j', 'DROP'])

if user changes the VM mac address, all egress packet from the VM will be dropped, but the egress packet still contaminate the bridge cache with fake MAC,

This patch moves the rule to ebtables nat table PREROUTING chain, then the egress packet with modified MAC will not contaminate the bridge cache.

Anthony
2013-07-30 17:04:21 -07:00
..
kvm
CLOUDSTACK-2614: Fix the permission of patchviasocket.pl
2013-05-29 14:24:49 -07:00
xenserver
in security group, CS put a rule in ebtables filter table FORWARD chain to prevent user from changing VM mac address
2013-07-30 17:04:21 -07:00
versions.sh
license header changes for scripts folder from Chip Childers
2012-06-23 00:58:00 -04:00