Hi list!
I just came over the fact that the iptables config set in the lxc-net
upstart job does also rewrite connections between hosts on the bridge. I
added a rule before the masquerade to prevent this and make sure, that
hosts on the same net bound to the bridge can talk without rewriting.
iptables -A POSTROUTING -s ${LXC_NETWORK} -d ${LXC_NETWORK} -t nat -j ACCEPT
Is that something that should be added in general? Dunno, maybe some
people want rewriting here?
Cheers,
Groupie
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Lxc-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/lxc-users
