[xen - iptable] erreurs dans les log : syslog

Le
Philippe
Bonjour à tous

Dans mon syslog et dmesg j'ai des lignes du type :

May 27 05:52:38 vmhost2 kernel: [30433.353562] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.

j'ai les cartes réseaux suivantes :
06:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd.
RTL8111/8168B PCI Express Gigabit Ethernet controller (rev 03)
04:00.0 Ethernet controller: Intel Corporation 82571EB Gigabit Ethernet
Controller (rev 06)
04:00.1 Ethernet controller: Intel Corporation 82571EB Gigabit Ethernet
Controller (rev 06)

je suis sous xen Linux vmhost2.leworm.fr 2.6.32-5-xen-amd64 #1 SMP Thu
May 19 01:16:47 UTC 2011 x86_64 GNU/Linux

Voici le résultat de :
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED PHYSDEV match --physdev-out Bacula
ACCEPT udp -- anywhere anywhere PHYSDEV
match --physdev-in Bacula udp spt:bootpc dpt:bootps
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED PHYSDEV match --physdev-out Bacula
ACCEPT all -- bacula.leworm.fr anywhere PHYSDEV
match --physdev-in Bacula
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED PHYSDEV match --physdev-out web2
ACCEPT udp -- anywhere anywhere PHYSDEV
match --physdev-in web2 udp spt:bootpc dpt:bootps
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED PHYSDEV match --physdev-out web2
ACCEPT all -- 10.0.0.25 anywhere PHYSDEV
match --physdev-in web2
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED PHYSDEV match --physdev-out postgres1
ACCEPT udp -- anywhere anywhere PHYSDEV
match --physdev-in postgres1 udp spt:bootpc dpt:bootps
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED PHYSDEV match --physdev-out postgres1
ACCEPT all -- 10.0.0.25 anywhere PHYSDEV
match --physdev-in postgres1
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED PHYSDEV match --physdev-out reversprox
ACCEPT udp -- anywhere anywhere PHYSDEV
match --physdev-in reversprox udp spt:bootpc dpt:bootps
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED PHYSDEV match --physdev-out reversprox
ACCEPT all -- 10.0.0.100 anywhere PHYSDEV
match --physdev-in reversprox
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED PHYSDEV match --physdev-out mid
ACCEPT udp -- anywhere anywhere PHYSDEV
match --physdev-in mid udp spt:bootpc dpt:bootps
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED PHYSDEV match --physdev-out mid
ACCEPT all -- 10.0.0.7 anywhere PHYSDEV
match --physdev-in mid
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED PHYSDEV match --physdev-out nlappsrv
ACCEPT udp -- anywhere anywhere PHYSDEV
match --physdev-in nlappsrv udp spt:bootpc dpt:bootps
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED PHYSDEV match --physdev-out nlappsrv
ACCEPT all -- 10.0.0.37 anywhere PHYSDEV
match --physdev-in nlappsrv
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED PHYSDEV match --physdev-out vpn
ACCEPT udp -- anywhere anywhere PHYSDEV
match --physdev-in vpn udp spt:bootpc dpt:bootps
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED PHYSDEV match --physdev-out vpn
ACCEPT all -- maindb.priv.proxad.net anywhere PHYSDEV
match --physdev-in vpn
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED PHYSDEV match --physdev-out ns
ACCEPT udp -- anywhere anywhere PHYSDEV
match --physdev-in ns udp spt:bootpc dpt:bootps
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED PHYSDEV match --physdev-out ns
ACCEPT all -- 10.0.0.12 anywhere PHYSDEV
match --physdev-in ns

Chain OUTPUT (policy ACCEPT)
target prot opt source destination




Ici vous avez les log (syslog) lors du redémarage d'une vm (ici bacula)



May 27 05:52:38 vmhost2 kernel: [30433.321011] device Bacula entered
promiscuous mode
May 27 05:52:38 vmhost2 kernel: [30433.323023] Xmbr1-h2_eth2-G: port
4(Bacula) entering learning state
May 27 05:52:38 vmhost2 kernel: [30433.353558] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.353562] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.353564] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.353567] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.353569] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.353572] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.353574] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.353576] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.353579] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.353581] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.353583] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.353586] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.353588] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.353590] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.358161] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.358165] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.358167] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.358170] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.358172] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.358174] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.358177] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.358179] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.358181] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.358184] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.358186] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.358188] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.358191] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.358193] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.358195] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.365922] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.365926] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.365929] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.365931] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.365933] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.365936] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.365938] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.365940] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.365943] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.365945] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.365947] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.365950] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.365952] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.365954] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.365957] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.370085] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.370089] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.370092] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.370094] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.370096] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.370099] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.370101] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.370103] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.370106] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.370108] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.370110] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.370113] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.370115] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.370117] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.370120] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:38 vmhost2 kernel: [30433.370122] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.
May 27 05:52:40 vmhost2 kernel: [30435.933128] blkback: ring-ref 8,
event-channel 8, protocol 1 (x86_64-abi)
May 27 05:52:41 vmhost2 kernel: [30436.053314] blkback: ring-ref 9,
event-channel 9, protocol 1 (x86_64-abi)
May 27 05:52:41 vmhost2 kernel: [30436.199106] blkback: ring-ref 10,
event-channel 10, protocol 1 (x86_64-abi)
May 27 05:52:41 vmhost2 kernel: [30436.346027] blkback: ring-ref 11,
event-channel 11, protocol 1 (x86_64-abi)
May 27 05:52:41 vmhost2 kernel: [30436.550957] blkback: ring-ref 12,
event-channel 12, protocol 1 (x86_64-abi)
May 27 05:52:41 vmhost2 kernel: [30436.678831] blkback: ring-ref 768,
event-channel 13, protocol 1 (x86_64-abi)
May 27 05:52:53 vmhost2 kernel: [30448.320053] Xmbr1-h2_eth2-G: port
4(Bacula) entering forwarding state

Avez vous une idée?

Merci de votre aide.

Philippe

--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/fr/FrenchLists

Pour vous DESABONNER, envoyez un message avec comme objet "unsubscribe"
vers debian-user-french-REQUEST@lists.debian.org
En cas de soucis, contactez EN ANGLAIS listmaster@lists.debian.org
Archive: http://lists.debian.org/4DDF23C5.9070704@leworm.fr
Vidéos High-Tech et Jeu Vidéo
Téléchargements
Vos réponses
Gagnez chaque mois un abonnement Premium avec GNT : Inscrivez-vous !
Trier par : date / pertinence
Jean-Michel OLTRA
Le #23395381
Bonjour,


Le vendredi 27 mai 2011, Philippe a écrit...


May 27 05:52:38 vmhost2 kernel: [30433.353562] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.



Il me semble me rappeler que tu dois rajouter --physdev-is-bridged dans
ta règle pour l'appliquer au traffic ponté uniquement.

--
jm

--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/fr/FrenchLists

Pour vous DESABONNER, envoyez un message avec comme objet "unsubscribe"
vers
En cas de soucis, contactez EN ANGLAIS
Archive: http://lists.debian.org/
Philippe
Le #23395521
Le 27/05/2011 09:03, Jean-Michel OLTRA a écrit :
Bonjour,


Le vendredi 27 mai 2011, Philippe a écrit...


May 27 05:52:38 vmhost2 kernel: [30433.353562] physdev match: using
--physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
non-bridged traffic is not supported anymore.


Il me semble me rappeler que tu dois rajouter --physdev-is-bridged dans
ta règle pour l'appliquer au traffic ponté uniquement.



tu mets cela dans vif-common.sh ?

Merci de ton aide

philippe

--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/fr/FrenchLists

Pour vous DESABONNER, envoyez un message avec comme objet "unsubscribe"
vers
En cas de soucis, contactez EN ANGLAIS
Archive: http://lists.debian.org/
Jean-Michel OLTRA
Le #23396211
Bonjour,


Le vendredi 27 mai 2011, Philippe a écrit...


> Il me semble me rappeler que tu dois rajouter --physdev-is-bridged dans
> ta règle pour l'appliquer au traffic ponté uniquement.
>
tu mets cela dans vif-common.sh ?



Perso, j'ai un script shell qui me permet de lancer les règles voulues.

Et j'ai également un /etc/init.d/iptables (comme à l'époque de Woody ou
Potato, je ne sais plus), qui me permet de sauvegarder les règles
(save), ou de les lancer (start), ou de les désactiver (stop).

Ainsi, lorsque les règles ont été paramétrées une bonne fois, la
sauvegarde les stocke, chaque reboot du serveur les recharge et je ne
m'en occupe plus, sauf si il faut les ré-actualiser.

--
jm

--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/fr/FrenchLists

Pour vous DESABONNER, envoyez un message avec comme objet "unsubscribe"
vers
En cas de soucis, contactez EN ANGLAIS
Archive: http://lists.debian.org/
Philippe
Le #23396391
Le 27/05/2011 12:32, Jean-Michel OLTRA a écrit :
Bonjour,


Le vendredi 27 mai 2011, Philippe a écrit...


Il me semble me rappeler que tu dois rajouter --physdev-is-bridged dans
ta règle pour l'appliquer au traffic ponté uniquement.



tu mets cela dans vif-common.sh ?


Perso, j'ai un script shell qui me permet de lancer les règles voulues.

Et j'ai également un /etc/init.d/iptables (comme à l'époque de Woody ou
Potato, je ne sais plus), qui me permet de sauvegarder les règles
(save), ou de les lancer (start), ou de les désactiver (stop).

Ainsi, lorsque les règles ont été paramétrées une bonne fois, la
sauvegarde les stocke, chaque reboot du serveur les recharge et je ne
m'en occupe plus, sauf si il faut les ré-actualiser.



Pour mon cas c'est les scripts usine de xen ...
philippe

--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/fr/FrenchLists

Pour vous DESABONNER, envoyez un message avec comme objet "unsubscribe"
vers
En cas de soucis, contactez EN ANGLAIS
Archive: http://lists.debian.org/
Jean-Sébastien Kroll-Rabotin
Le #23396971
--Sig_/m2+VWsRDy_j82TCO=BJ/0Pd
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Salut,

Il me semble me rappeler que tu dois rajouter --physdev-is-bridged
dans ta règle pour l'appliquer au traffic ponté uniquement.



Merci beaucoup pour l'info ! J'avais cherché sans succès car j'ai moi
aussi des alertes plein mes journaux. Cependant, sans l'option
« --physdev-is-bridged » le message obtenu n'est qu'une alerte et les
règles s'appliquent bien.

Donc pour Philippe :
Pour mon cas c'est les scripts usine de xen ...



Il n'y a pas de quoi s'inquiéter, si tu ne peux pas régler aisà ©ment les
paramètres passés à iptables, ces alertes ne sont pas gà ªnantes (pourvu
que les règles soient effectivement appliquées à des interfa ces reliées
par un pont).

Merci du tuyau.

J.-S.

--Sig_/m2+VWsRDy_j82TCO=BJ/0Pd
Content-Type: application/pgp-signature; name=signature.asc
Content-Disposition: attachment; filename=signature.asc

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk3fv1AACgkQ3qwCc2aFrObUbwCfYZoQshibmqtLrXSMJkZf7q0l
cjgAoJh5d10kmpNVJy0WOm/kZhCA8RwI
=vwxt
-----END PGP SIGNATURE-----

--Sig_/m2+VWsRDy_j82TCO=BJ/0Pd--

--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/fr/FrenchLists

Pour vous DESABONNER, envoyez un message avec comme objet "unsubscribe"
vers
En cas de soucis, contactez EN ANGLAIS
Archive: http://lists.debian.org/
Philippe
Le #23397201
Le 27/05/2011 17:12, Jean-Sébastien Kroll-Rabotin a écrit :
Salut,

Il me semble me rappeler que tu dois rajouter --physdev-is-bridged
dans ta règle pour l'appliquer au traffic ponté uniquement.


Merci beaucoup pour l'info ! J'avais cherché sans succès car j'ai moi
aussi des alertes plein mes journaux. Cependant, sans l'option
« --physdev-is-bridged » le message obtenu n'est qu'une alerte et les
règles s'appliquent bien.

Donc pour Philippe :
Pour mon cas c'est les scripts usine de xen ...


Il n'y a pas de quoi s'inquiéter, si tu ne peux pas régler aisément les
paramètres passés à iptables, ces alertes ne sont pas gênantes (pourvu
que les règles soient effectivement appliquées à des interfaces reliées
par un pont).

Merci du tuyau.

J.-S.


Ah ok merci
je continue malgré tout a chercher
philippe

--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/fr/FrenchLists

Pour vous DESABONNER, envoyez un message avec comme objet "unsubscribe"
vers
En cas de soucis, contactez EN ANGLAIS
Archive: http://lists.debian.org/
Jean-Michel OLTRA
Le #23397781
Bonjour,


Le vendredi 27 mai 2011, Philippe a écrit...


>> Pour mon cas c'est les scripts usine de xen ...

Ah ok merci
je continue malgré tout a chercher



Tu peux modifier les scripts de Xen, je pense. Il faudra juste y faire
un peu attention lors d'une mise à jour du système qui affecterait Xen.

--
jm

--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/fr/FrenchLists

Pour vous DESABONNER, envoyez un message avec comme objet "unsubscribe"
vers
En cas de soucis, contactez EN ANGLAIS
Archive: http://lists.debian.org/
Publicité
Poster une réponse
Anonyme