>>I wonder if it is good enough to set those options for the whole host?
Yes, I think it's ok. It could also improve performance, for bad packets, less lookups in vmbr, tap chains. ----- Mail original ----- De: "Dietmar Maurer" <diet...@proxmox.com> À: "Alexandre DERUMIER (aderum...@odiso.com)" <aderum...@odiso.com>, pve-devel@pve.proxmox.com Envoyé: Vendredi 18 Avril 2014 07:51:46 Objet: firewall option nosmurfs and tcpflags We currently allow option nosmurfs and tcpflags at VM level. The bad thing is that all related logs are generated using VMID 0, so you would not see the result in the VM firewall log. I wonder if it is good enough to set those options for the whole host? _______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
