[CRIU] [PATCH] iptables: use OUTPUT table to block locally-generated packet
Pavel Emelyanov
xemul at parallels.com
Tue Sep 17 15:55:22 EDT 2013
On 09/17/2013 11:50 PM, Andrey Vagin wrote:
> We was going to block a connections in both directions (v0.6-97-g0a1b70b),
> but both iptable rules are added in the INPUT table. It's wrong, because
> the rule must be added to the OUTPUT table to block locally-generated packets
>
> Signed-off-by: Andrey Vagin <avagin at openvz.org>
> ---
applied
More information about the CRIU
mailing list