[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [adrian@xxxxxxxxxxxxxxx: [Xen-users] vif-common.sh, antispoof and multiple ips w/ ip=]
Hiya, I didn't get any replies to this on the xen-users list; I thought I'd try my luck here. Thanks, ----- Forwarded message from Adrian Chadd <adrian@xxxxxxxxxxxxxxx> ----- hiya, I'm running Xen w/ bridges and antispoof. I found this in vif-common.sh: if [ "$ip" != "" ] then local addr for addr in "$ip" do frob_iptable -s "$addr" done # Always allow the domain to talk to a DHCP server. frob_iptable -p udp --sport 68 --dport 67 else # No IP addresses have been specified, so allow anything. frob_iptable fi This works fine for one IP in the vif config but I can't figure out how to coax it into >1 IP like the for addr loop suggests. It always treats "$ip" as one entry and passes $addr as the whole IP string, not each IP. Here's an example: vif = [ 'bridge=xenbr0,ip=a.b.c.25 a.b.c.26 a.b.c.27 a.b.c.28' ] If I remove the ""'s around $ip then addr is passed individual IPs from that list and iptables is setup appropriately. Is this the correct solution? Thanks, Adrian ----- End forwarded message ----- _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
![]() |
Lists.xenproject.org is hosted with RackSpace, monitoring our |