I made a copy of linux-lts-backport-natty: 2.6.38-13.56~lucid1 into
https://launchpad.net/~nutznboltz/+archive/lp-931806-testing
and installed that on a KVM server.
By default now:
net.bridge.bridge-nf-call-iptables = 1
VM guest is firewalled off, can only reach the VM host.
If I run:
$ sudo sysctl -w net.bridge.bridge-nf-call-iptables=0
net.bridge.bridge-nf-call-iptables = 0
Then the VM guest can access the network.
This is the same behavior I see on Ubuntu 12.04 (developer branch).
I don't remember seeing this on a 2.6.38 backport to Lucid before.
During 12.04 testing I had to add this:
case node[:lsb][:codename]
when 'precise'
  # Ubuntu 12.04 iptables FORWARD section will control the bridge (bridging) by default.
  # Without the following adjustment VM guests' network will not be reachable
  # beyond the VM host when the FORWARD policy is set to DROP or REJECT.

  # Adjust firewall immediately
  execute "/sbin/sysctl -w 'net.bridge.bridge-nf-call-iptables=0'" do
    only_if { File.exist?('/proc/sys/net/bridge') }
  end

  # Also at boot time
  execute "echo 'net.bridge.bridge-nf-call-iptables=0' >> /etc/sysctl.conf" do
    only_if do
      File.exist?('/proc/sys/net/bridge') &&
        File.readlines('/etc/sysctl.conf').grep(/^net\.bridge\.bridge-nf-call-iptables=0/).empty?
    end
  end
end
--
https://bugs.launchpad.net/bugs/931806
Title:
linux-lts-backport-natty: 2.6.38-13.56~lucid1 -proposed tracker
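The interaction reported above, between net.bridge.bridge-nf-call-iptables and the FORWARD chain, can be checked with a small classifier. This is an added example, not part of the original message or of any Ubuntu tooling. It goes beyond the post by also recognising a physdev accept rule for bridged frames; the function name, verdict strings and sample rule sets are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Classifies what the host firewall
# does to bridged VM-guest traffic. Only the FORWARD policy, an unconditional
# DROP/REJECT rule and a physdev accept rule are evaluated (first match wins).

# Constructed sample: iptables-save output with FORWARD policy DROP.
SAMPLE_DROP='*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT'

# Constructed sample: same policy plus an accept rule for bridged frames.
SAMPLE_PHYSDEV='*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -m physdev --physdev-is-bridged -j ACCEPT
COMMIT'

# bridge_forward_verdict NF_CALL RULES (hypothetical helper)
#   NF_CALL: net.bridge.bridge-nf-call-iptables value; empty if
#            /proc/sys/net/bridge does not exist
#   RULES:   iptables-save output for the filter table
bridge_forward_verdict() {
    # 0 or absent: bridged frames never reach the iptables FORWARD chain.
    if [ -z "$1" ] || [ "$1" = "0" ]; then
        echo "bypassed"
        return 0
    fi
    printf '%s\n' "$2" | awk '
        $1 == ":FORWARD" { policy = $2 }
        /^-A FORWARD / && /--physdev-is-bridged/ && / -j ACCEPT/ {
            verdict = "accepted-by-rule"; exit
        }
        /^-A FORWARD -j (DROP|REJECT)/ { verdict = "blocked"; exit }
        END {
            if (verdict == "" && policy == "ACCEPT") verdict = "accepted-by-policy"
            if (verdict == "" && policy == "DROP") verdict = "blocked"
            if (verdict == "") verdict = "unknown"
            print verdict
        }'
}

bridge_forward_verdict 1 "$SAMPLE_DROP"     # sysctl on, policy DROP
bridge_forward_verdict 0 "$SAMPLE_DROP"     # sysctl off
bridge_forward_verdict 1 "$SAMPLE_PHYSDEV"  # sysctl on, bridged frames accepted
```

On a live host the two arguments would come from /proc/sys/net/bridge/bridge-nf-call-iptables and from iptables-save run as root.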