https://bugzilla.novell.com/show_bug.cgi?id=472107
User jfehlig@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=472107#c4
James Fehlig changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |NEEDINFO
      Info Provider|                            |lnussel@novell.com

--- Comment #4 from James Fehlig 2009-02-11 15:21:19 MST ---
With the firewall off, I can use the network-nat and vif-nat scripts successfully.
It sounds like this works for you (Emmanuel) as well.

Re comment #3:

Ludwig, during startup of a vm (xen, kvm, qemu, ...) a vif (tap) device is
created and hotplug triggers invocation of the vif-nat script. When called with
'online vif vif-ipaddr' this script does

    # Router address for the vif: same first three octets, last octet + 127
    routing_ip()
    {
      echo $(echo $1 | awk -F. '{print $1"."$2"."$3"."$4 + 127}')
    }
    router_ip=$(routing_ip "$vif_ip")

    # Bring the vif up, address it and route the guest IP through it
    ip link set "$vif" up arp on
    ip addr add "$router_ip" dev "$vif"
    ip route add "$vif_ip" dev "$vif" src "$router_ip"
    echo 1 >/proc/sys/net/ipv4/conf/${vif}/proxy_arp

    # Accept forwarded traffic from the guest, plus its DHCP requests
    iptables -A FORWARD -m physdev --physdev-in "$vif" -s "$addr" -j ACCEPT
    iptables -A FORWARD -m physdev --physdev-in "$vif" -p udp --sport 68 --dport 67 \
      -j ACCEPT

How can this be handled when the firewall is active?