On 2013?01?09? 21:58, Joe Warren-Meeks wrote: > Hi guys, > > I've managed to disable NAT by deleting the correct rule. This means > all my instances are properly routable no, which is exactly what I want. > > To do this, I'm using > > iptables -vnL -t nat --line-numbers > > to get the rule number from the nova-network-snat chain and deleting > it using: > > iptables -t nat -D nova-network-snat <num> > > My question is when and where are those snat rules created, so that I > can prevent them from being setup in the first place. > > Kind regards > > -- joe. > > > > _______________________________________________ > Mailing list: https://launchpad.net/~openstack > Post to : openstack at lists.launchpad.net > Unsubscribe : https://launchpad.net/~openstack > More help : https://help.launchpad.net/ListHelp 1. delete all floating ips allocate a floating ip to instance will create a SNAT rule and 2 DNAT rules. 2. iptables -t nat -I nova-network-float-snat -j RETURN avoid the shared SNAT rule -- Jian Wen Software Engineer, Services and Support Team Canonical, Ltd -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack/attachments/20130109/35fa667c/attachment.html>