From: Stefan Hanreich <s.hanreich@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: Re: [RFC manager/network v2 0/3] fix #5066: make generated snat rules flushable
Date: Thu, 25 Jun 2026 17:51:23 +0200 [thread overview]
Message-ID: <e7461eb3-5902-4f99-aa8f-c6bec1e7e278@proxmox.com> (raw)
In-Reply-To: <4c57df22-f070-4da4-970a-b79c7c65bb13@proxmox.com>
On 6/25/26 5:44 PM, Stefan Hanreich wrote:
[snip]
> The only way to work around this I can think of is by creating a new
> chain with a different name (PROXMOX-SDN-new) and create the ruleset
> there. Afterwards, insert the jump to the new chain before the old chain
> in the NAT table and finally delete the rule jumping to the old chain.
> Afterwards, rename the PROXMOX-SDN-new chain to PROXMOX-SDN via the -E
> option of iptables.
Just noticed, with that approach configuration wouldn't survive a reboot
:/. But we could possibly invert the logic and rename the old chain to
PROXMOX-SDN-old and leave the current config as-is. Then simply remove
the PROXMOX-SDN-old chain inside the reload network configuration function.
[snip]
prev parent reply other threads:[~2026-06-25 15:51 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-23 13:37 [RFC manager/network v2 0/3] fix #5066: make generated snat rules flushable Lukas Sichert
2026-06-23 13:37 ` [PATCH network v2 1/3] fix #5066: snat: push evpn snat rules into separate iptables chain Lukas Sichert
2026-06-23 13:37 ` [PATCH network v2 2/3] fix #5066: snat: push simplezone " Lukas Sichert
2026-06-23 13:37 ` [PATCH manager v2 3/3] fix #5066: reload networking: flush PROXMOX-SDN iptables chain at reload Lukas Sichert
2026-06-25 15:44 ` [RFC manager/network v2 0/3] fix #5066: make generated snat rules flushable Stefan Hanreich
2026-06-25 15:51 ` Stefan Hanreich [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=e7461eb3-5902-4f99-aa8f-c6bec1e7e278@proxmox.com \
--to=s.hanreich@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.