[ovs-discuss] apply ACL to control network traffic

devang.vyas at aol.in devang.vyas at aol.in
Tue Feb 2 22:34:13 PST 2010


Hi, 

I also want to know how I can have a flow table with a default single entry (allow all).

Thanks,
DV
-----Original Message-----
From: Jesse Gross <jesse at nicira.com>
To: devang.vyas at aol.in
Cc: discuss at openvswitch.org
Sent: Wed, 3 Feb 2010 12:42 am
Subject: Re: [ovs-discuss] apply ACL to control network traffic


ACLs can be created by adding flow entries to the switch.  By default the flow table of Open vSwitch contains one entry, which is to perform the normal switch processing on all traffic (allow all).  To restrict traffic you can create additional flow entries using the ovs-ofctl program.  A simple example would be:


utilities/ovs-ofctl add-flow br0 idle_timeout=0,icmp,action=


This will drop all ICMP traffic flowing across switch br0.  The ovs-ofctl man page describes the syntax of this command (and more).


Jesse


On Tue, Feb 2, 2010 at 6:14 AM, <devang.vyas at aol.in> wrote:

Hi,
 
I am a new user of Open vSwitch. I am using Open vSwitch on XenServer. I want to know how to create an ACL to control network traffic, and how I can have an ACL specific to a particular VM. In short, I want to know about ACL configuration in Open vSwitch. Can anyone suggest a source of details regarding this?
 
Thanks,
Devang




_______________________________________________
discuss mailing list
discuss at openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss_openvswitch.org
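
The reply above describes ACLs as extra flow entries layered over the default allow-all entry. The script below is an added example, not part of the thread or of the Open vSwitch project, showing how that extends to a per-VM ACL. It assumes a current Open vSwitch release, and the bridge name, OpenFlow port number and MAC address are constructed sample values.

```shell
#!/bin/sh
# Added example (not from the thread). Bridge, port and MAC are constructed.

# Print the flow entries for one VM, one per line.
#   $1  OpenFlow port number of the VM's vif on the bridge
#       (look it up with: ovs-vsctl get Interface <vif-name> ofport)
#   $2  MAC address of the VM's vif
vm_acl_flows() {
    acl_port=$1
    acl_mac=$2
    case $acl_port in
        ''|*[!0-9]*) echo "port must be a number: $acl_port" >&2; return 1 ;;
    esac
    printf '%s\n' "$acl_mac" |
        grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$' ||
        { echo "bad MAC address: $acl_mac" >&2; return 1; }

    # Higher priority wins, so these two are checked before the catch-all.
    echo "priority=100,in_port=$acl_port,icmp,actions=drop"   # ICMP sent by the VM
    echo "priority=100,dl_dst=$acl_mac,icmp,actions=drop"     # ICMP addressed to the VM
    # The default "allow all" entry, restated so the table is explicit.
    echo "priority=0,actions=normal"
}

# Load the entries into a bridge; "-" makes add-flows read standard input.
apply_vm_acl() {
    acl_flows=$(vm_acl_flows "$2" "$3") || return 1
    printf '%s\n' "$acl_flows" | ovs-ofctl add-flows "$1" -
    ovs-ofctl dump-flows "$1"    # confirm what is installed
}

# Run only when called as: script BRIDGE PORT MAC (e.g. br0 2 00:16:3e:00:00:01)
if [ "$#" -eq 3 ]; then
    apply_vm_acl "$1" "$2" "$3"
fi
```

Traffic of other VMs on the bridge matches neither priority-100 entry and falls through to the normal-switching entry, so the restriction stays specific to the one VM.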




