|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [adrian@xxxxxxxxxxxxxxx: [Xen-users] vif-common.sh, antispoof and multiple ips w/ ip=]
On Tue, Nov 21, 2006 at 08:49:44PM +0800, Adrian Chadd wrote: > I'm running Xen w/ bridges and antispoof. I found this in vif-common.sh: > > if [ "$ip" != "" ] > then > local addr > for addr in "$ip" > do > frob_iptable -s "$addr" > done > > # Always allow the domain to talk to a DHCP server. > frob_iptable -p udp --sport 68 --dport 67 > else > # No IP addresses have been specified, so allow anything. > frob_iptable > fi > > This works fine for one IP in the vif config but I can't figure out how to > coax > it into >1 IP like the for addr loop suggests. It always treats "$ip" as one > entry and passes $addr as the whole IP string, not each IP. > > Here's an example: > > vif = [ 'bridge=xenbr0,ip=a.b.c.25 a.b.c.26 a.b.c.27 a.b.c.28' ] > > If I remove the ""'s around $ip then addr is passed individual IPs from that > list > and iptables is setup appropriately. > > Is this the correct solution? Yes, I think so; I'll put a patch in. Thanks, Ewan. _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |