KVM虛擬機器設定橋接上網
阿新 • • 發佈:2019-02-19
# iptables -t filter -L -nv
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
1 74 ACCEPT udp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 ---->由libvirt指令碼自動寫入
0 0 ACCEPT tcp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 ---->由libvirt指令碼自動寫入
3 984 ACCEPT udp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:67 ---->由libvirt指令碼自動寫入
0 0 ACCEPT tcp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:67 ---->由libvirt指令碼自動寫入
178K 195M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED ---->iptables的系統預設
2 168 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 ---->iptables的系統預設
1148 216K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 ---->iptables的系統預設
1 60 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 ---->iptables的系統預設
16564 2721K REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited ---->iptables的系統預設
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
3726 3485K ACCEPT all -- * virbr0 0.0.0.0/0 192.168.122.0/24 state RELATED,ESTABLISHED ---->由libvirt指令碼自動寫入
3491 399K ACCEPT all -- virbr0 * 192.168.122.0/24 0.0.0.0/0 ---->由libvirt指令碼自動寫入
0 0 ACCEPT all -- virbr0 virbr0 0.0.0.0/0 0.0.0.0/0 ---->由libvirt指令碼自動寫入
0 0 REJECT all -- * virbr0 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable ---->由libvirt指令碼自動寫入
0 0 REJECT all -- virbr0 * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable ---->由libvirt指令碼自動寫入
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited ---->iptables的系統預設
Chain OUTPUT (policy ACCEPT 181K packets, 138M bytes)
pkts bytes target prot opt in out source destination