hm. that's unfortunate. so if a user wanted to use ip filters in an lx zone, how would we support this?
also, is configuring ip filters in a non-global zone a requirement for having nat'ted zones? (something i'm not sure about since i've never seen any examples of what such a configuration would look like.) ed On Sun, Nov 05, 2006 at 06:20:52PM -0800, Erik Nordmark wrote: > > FYI. > > Darren didn't give much of a motivation. > > Erik > > -------- Original Message -------- > Subject: Re: BrandZ and IP instances > Date: Tue, 24 Oct 2006 19:08:12 -0700 > From: [EMAIL PROTECTED] > To: Erik Nordmark <[EMAIL PROTECTED]> > CC: [EMAIL PROTECTED] > References: <[EMAIL PROTECTED]> > e > Erik Nordmark wrote: > > > > >We are talking about what it would mean for the lx brand to work with > >an exclusive IP instance. > > > >Ed said something about iptables: > > > > > - wrt to brandz, supporting an exclusive ip instance in an an lx > > > branded zone will require the implementation of network > >configuration > > > interfaces within the lx brand. it will probably involve > >translating > > > a bunch of ioctls and socket operations. also, looking at a centos > > > machine i see that it uses iptables instead of ipfilters. so all > > > the iptables configuration system calls would need to be translated > > > into their corresponding ipfilters commands. > > > >The question for you is whether there is a 1-1 mapping between > >iptables configurations and IP Filter configurations? > > > Forget it. While there are roughly similar features available, attempting > to do this is out of question. > > Darren > > _______________________________________________ zones-discuss mailing list email@example.com