[ovs-discuss] How implent ACL rule in 'out' direction.
fbl at sysclose.org
Tue May 26 13:58:20 UTC 2015
On Wed, May 13, 2015 at 07:38:02AM +0800, Huanle Han wrote:
> Hi, guys
> I'm working with ovs in normal mode.
> I have a question about the implent ACL rule in 'out' direction.
> For example, How can I implement such rules using ovs flow table?
> Rule 1: deny the flow whose tp_dst==22 output to VIF1, but permit to other
if you mean action NORMAL then that is not possible because once the
action is executed, the packet is forwarded to the ports and you have
no control over that.
> Rule 2: permit the flow whose nw_src==184.108.40.206 output to VIF2, but deny to
> other VIFs
I am afraid you will need to implement the action normal features
adding your restrictions yourself. Look at the Tutorial.md for
how to implement MAC-learning.
More information about the discuss