[ovirt-users] Ip spoofing

Punit Dambiwal hypunit at gmail.com
Fri Jun 27 09:36:49 UTC 2014


Hi Dan,

Please find the below :-

[root at gfs1 ~]#  su - vdsm -s /bin/bash
-bash-4.1$ cd /usr/share/vdsm; python -c 'import hooks;print
hooks._scriptsPerDir("before_device_create")'
['/usr/libexec/vdsm/hooks/before_device_create/50_noipspoof']
-bash-4.1$

Antoni @ selinux already in the permissive mode....do you want me to
disable it ??

[root at gfs1 ~]# sestatus | grep -i mode
Current mode:                   permissive
Mode from config file:          permissive
[root at gfs1 ~]#


On Fri, Jun 27, 2014 at 5:31 PM, Dan Kenigsberg <danken at redhat.com> wrote:

> On Fri, Jun 27, 2014 at 05:07:56PM +0800, Punit Dambiwal wrote:
> > Hi Dan,
> >
> > Still the same....VM can spoof the ip address...attached is the VM domain
> > xml file....
>
> <snip>
>
> yep, the hook script did not come into action.
>
> >     <interface type='bridge'>
> >       <mac address='00:1a:4a:81:80:01'/>
> >       <source bridge='private'/>
> >       <target dev='vnet0'/>
> >       <model type='virtio'/>
> >       <filterref filter='vdsm-no-mac-spoofing'/>
> >       <link state='up'/>
> >       <alias name='net0'/>
> >       <address type='pci' domain='0x0000' bus='0x00' slot='0x03'
> function='0x0'/>
> >     </interface>
>
> and I am still at the dark regarding what could cause that. Would you
> repeat the following line, as root and as vdsm user?
>
> $ cd /usr/share/vdsm; python -c 'import hooks;print
> hooks._scriptsPerDir("before_device_create")'
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20140627/693cab34/attachment-0001.html>


More information about the Users mailing list