On Fri, Nov 17, 2017 at 02:16:55PM +0000, Jan De Landtsheer wrote: > Hello again, > > I'm trying to define a conntrack flow that allows connections from linux > namespace1 to a test namespace, and block everything from the test > namespace to the host > > for that I create a bridge, add a port, send the port into the namespace, > give it an IP. on the host I add an IP ont the local interface of the > bridge: > > ``` > ovs-vsctl add-br test > ovs-vsctl add-port test tst -- set Interface test type=internal
That's a curious set of commands. Is 'tst' in the second line a typo? Is "test" in the "set Interface" command a typo? And then, later on, when you match on "local", do you expect that to match on your "tst" interface or on the built-in "test" interface? It is the latter that it will match. _______________________________________________ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
