tools/hotplug/Linux: supply --physdev-is-bridged in iptables runes

With newer (pvops) kernels logs get flooded with this iptables
warning: physdev match: using --physdev-out in the OUTPUT, FORWARD and
POSTROUTING chains for non-bridged traffic is not supported anymore

Using the --physdev-is-bridged option prevents this.
See also: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571634#10

Signed-off-by: Sander Eikelenboom <linux@eikelenboom.it>
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>

diff --git a/tools/hotplug/Linux/vif-common.sh b/tools/hotplug/Linux/vif-common.sh
index 780cc718abb100965484f87d7cffae00debbf031..05ee712fd9bca4d768122646ffae265964c6a433 100644 (file)
--- a/tools/hotplug/Linux/vif-common.sh
+++ b/tools/hotplug/Linux/vif-common.sh
@@ -105,10 +105,10 @@ frob_iptable()
     local c="-D"
   fi
 
-  iptables "$c" FORWARD -m physdev --physdev-in "$vif" "$@" -j ACCEPT \
+  iptables "$c" FORWARD -m physdev --physdev-is-bridged --physdev-in "$vif" "$@" -j ACCEPT \
     2>/dev/null &&
   iptables "$c" FORWARD -m state --state RELATED,ESTABLISHED -m physdev \
-    --physdev-out "$vif" -j ACCEPT 2>/dev/null
+    --physdev-is-bridged --physdev-out "$vif" -j ACCEPT 2>/dev/null
 
   if [ "$command" == "online" -a $? -ne 0 ]
   then