https://bugzilla.novell.com/show_bug.cgi?id=472107

User jfehlig@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=472107#c4

James Fehlig <jfehlig@novell.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |NEEDINFO
      Info Provider|                            |lnussel@novell.com

--- Comment #4 from James Fehlig <jfehlig@novell.com>  2009-02-11 15:21:19 MST ---
With firewall off, I can use the network-nat and vif-nat scripts successfully.
It sounds like this works for you (Emmanuel) as well.

Re comment #3:
Ludwig, during startup of a vm (xen, kvm, qemu, ...) a vif (tap) device is
created and hotplug triggers invocation of vif-nat script. When called with
'online vif vif-ipaddr' this script does

    routing_ip()
    {
      echo $(echo $1 | awk -F. '{print $1"."$2"."$3"."$4 + 127}')
    }

    router_ip=$(routing_ip "$vif_ip")

    ip link set "$vif" up arp on
    ip addr add "$router_ip" dev "$vif"
    ip route add "$vif_ip" dev "$vif" src "$router_ip"
    echo 1 >/proc/sys/net/ipv4/conf/${vif}/proxy_arp
    iptables -A FORWARD -m physdev --physdev-in "$vif" -s "$addr" -j ACCEPT
    iptables -A FORWARD -m physdev --physdev-in "$vif" -p udp --sport 68 --dport 67 -j ACCEPT

How can this be handled when firewall is active?
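
Added example, not part of the bug comment or the vif-nat script: a dry run of the steps quoted above that prints, rather than executes, the commands for one vif, so the FORWARD rules and the proxy-ARP setting that have to coexist with an active firewall can be reviewed. The input checks, the function name `vif_nat_plan`, the sample values, and the use of the vif address where the quoted rule has `$addr` are assumptions.

```shell
#!/bin/sh
# Added example: dry run of the vif-nat "online" steps. Nothing is executed;
# the commands are only printed so they can be compared with firewall policy.

# Same arithmetic as the quoted routing_ip(): last octet + 127.
# Added checks (not in the quoted script): reject input that is not a
# dotted quad, or whose derived last octet would exceed 255.
routing_ip() {
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { exit 1 }
        {
            for (i = 1; i <= 4; i++)
                if ($i !~ /^[0-9]+$/ || $i > 255) exit 1
            if ($4 + 127 > 255) exit 1
            print $1 "." $2 "." $3 "." ($4 + 127)
        }'
}

# Print the commands for one interface. Hypothetical helper name.
vif_nat_plan() {
    vif=$1
    vif_ip=$2
    # The name ends up in a /proc path, so allow only plain name characters.
    case $vif in
        ''|*[!A-Za-z0-9._-]*)
            echo "bad interface name: '$vif'" >&2
            return 1 ;;
    esac
    router_ip=$(routing_ip "$vif_ip") || {
        echo "cannot derive router address from '$vif_ip'" >&2
        return 1
    }
    # Assumption: $vif_ip stands in for "$addr" in the first FORWARD rule.
    cat <<EOF
ip link set "$vif" up arp on
ip addr add "$router_ip" dev "$vif"
ip route add "$vif_ip" dev "$vif" src "$router_ip"
echo 1 >/proc/sys/net/ipv4/conf/$vif/proxy_arp
iptables -A FORWARD -m physdev --physdev-in "$vif" -s "$vif_ip" -j ACCEPT
iptables -A FORWARD -m physdev --physdev-in "$vif" -p udp --sport 68 --dport 67 -j ACCEPT
EOF
}

# Constructed sample values.
vif_nat_plan vif1.0 10.0.0.1
```

A guest address whose last octet is above 128 is refused here, because the quoted arithmetic would otherwise produce an octet larger than 255.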