rename link to fwln && link peer to fwpr2014-05-14T03:25:45ZAlexandre Derumieraderumier@odiso.comDietmar Maurerdietmar@proxmox.com2014-05-14T03:25:45Zhttps://git.proxmox.com/?p=pve-common.git;a=commitdiff;h=7d78a966e5e61a4cd777e8306e0b3dae7d8404ab
rename link to fwln && link peer to fwpr
also plug fwpr to vmbr, and fwln to fwbr
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
we need to match link+ rule from iptables rules, and need to have a name different2014-05-13T12:33:49ZDietmar Maurerdietmar@proxmox.comDietmar Maurerdietmar@proxmox.com2014-05-13T12:33:49Zhttps://git.proxmox.com/?p=pve-common.git;a=commitdiff;h=47c710a624f7904efbb1ab04c57f3a3196d4421a
we need to match link+ rule from iptables rules, and need to have a name different
than link(\d+)i(\d+), for distinguished bridge/ovs interface unplug
Based on patch from Alexandre, but I prefer "link${vmid}o${devid}"
add firewall bridge support for openvswitch2014-05-08T11:07:52ZDietmar Maurerdietmar@proxmox.comDietmar Maurerdietmar@proxmox.com2014-05-08T11:07:52Zhttps://git.proxmox.com/?p=pve-common.git;a=commitdiff;h=70ab4434cd819189e816e728c2369f212636a8d3
add firewall bridge support for openvswitch
eth0-->vmbr0--vlan--fwintXiY-->fwbr-->tapXiY (firewalled tap)
--vlan-->tapXiY (non firewall tap)
This is based on patches from Alexandre, but tries to factor out
common code into privat methods.
add firewall bridge support for linux bridge2014-05-08T09:28:03ZDietmar Maurerdietmar@proxmox.comDietmar Maurerdietmar@proxmox.com2014-05-08T09:28:03Zhttps://git.proxmox.com/?p=pve-common.git;a=commitdiff;h=605bb891dd6ca48430d5e05cb8eb392f6f928a42
add firewall bridge support for linux bridge
eth0----->vmbr0
eth0.94-->vmbr0v94<--tapXiY (non firewalled tap)
<--linkXiY-->linkXpY-->fwbrXiY-->tapXiY (firewalled tap)
This is based on patches from Alexandre, but tries to factor out
common code into privat methods.
dont use undefined var $ifcount2014-03-19T05:50:47ZDietmar Maurerdietmar@proxmox.comDietmar Maurerdietmar@proxmox.com2014-03-19T05:50:47Zhttps://git.proxmox.com/?p=pve-common.git;a=commitdiff;h=5ffa7628c5c099b555a337d679c6894c5c7afefd
Delayed vlan interface creation until all checks are done.2014-02-12T07:55:30ZPablo Ruiz Garciapablo.ruiz@gmail.comDietmar Maurerdietmar@proxmox.com2014-02-12T07:55:30Zhttps://git.proxmox.com/?p=pve-common.git;a=commitdiff;h=c9030d977cd40695293c7af2b18f79ce48c1ad1f
Delayed vlan interface creation until all checks are done.
Signed-off-by: Pablo Ruiz Garcia <pablo.ruiz@gmail.com>
Handle cases where the vlan bridge has already been setup previouslly.2014-02-12T07:55:29ZPablo Ruiz Garciapablo.ruiz@gmail.comDietmar Maurerdietmar@proxmox.com2014-02-12T07:55:29Zhttps://git.proxmox.com/?p=pve-common.git;a=commitdiff;h=eee4b32a6528a56f1028e9a622bb14a998d6e6e5
Handle cases where the vlan bridge has already been setup previouslly.
Signed-off-by: Pablo Ruiz Garcia <pablo.ruiz@gmail.com>
Add support for bridges with more than one physical link (ie. two bonds each connecte... 2014-02-12T07:55:28ZPablo Ruiz Garciapablo.ruiz@gmail.comDietmar Maurerdietmar@proxmox.com2014-02-12T07:55:28Zhttps://git.proxmox.com/?p=pve-common.git;a=commitdiff;h=70d89745ca6da381df4b99dedaf909476b16eec7
Add support for bridges with more than one physical link (ie. two bonds each connected to a different switch using MSTP/PVSTP to load balance vlans across links)
Signed-off-by: Pablo Ruiz Garcia <pablo.ruiz@gmail.com>
use full name for PVE::ProcFSTools::write_proc_entry()2014-02-26T06:57:48ZDietmar Maurerdietmar@proxmox.comDietmar Maurerdietmar@proxmox.com2014-02-26T06:57:48Zhttps://git.proxmox.com/?p=pve-common.git;a=commitdiff;h=aec048035e0b5bbaf789099c6799cc5630861bfc
use full name for PVE::ProcFSTools::write_proc_entry()
correctly copy bridge config
Simply use IO::File to write /proc/xyz files instead of running
external program using system("echo ...") (which fails when running
in perl taint mode).
add openvswitch support to tap_plug / tap_unplug2013-12-18T14:13:11ZAlexandre Derumieraderumier@odiso.comDietmar Maurerdietmar@proxmox.com2013-12-18T14:13:11Zhttps://git.proxmox.com/?p=pve-common.git;a=commitdiff;h=4cbabd40a7db4f810c3383b13555e9502a0b9382
add openvswitch support to tap_plug / tap_unplug
Note: I force removal of openvswitch tap configuration at begin of tap_plug,
because openvswitch don't auto-delete tap config on tap interface deletion.
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
use warnings everywhere.2013-10-01T11:19:38ZDietmar Maurerdietmar@proxmox.comDietmar Maurerdietmar@proxmox.com2013-10-01T11:19:38Zhttps://git.proxmox.com/?p=pve-common.git;a=commitdiff;h=c36f332e32c91a66401b1b2a5005fff8168212df
fix path for brctl to /sbin/brctl2013-03-15T09:34:51ZDietmar Maurerdietmar@proxmox.comDietmar Maurerdietmar@proxmox.com2013-03-15T09:34:51Zhttps://git.proxmox.com/?p=pve-common.git;a=commitdiff;h=9e14b1b78aaf7bd79daa0ef13d736753483708ec
copy_bridge : copy multicast_snooping && multicast_querier
If we create new vlan bridge, we want to copy multicast options if user have tunned them
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>