Xen 		  
Home About Xen.org Xen Xen Summit Wiki Mailing List Bug Tracker Xen Downloads
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] Firewall in a guest domain?

from [Chris de Vidal] [Permanent Link][Original]
To: "Mark Williamson" <mark.williamson@xxxxxxxxxxxx>
Subject: Re: [Xen-users] Firewall in a guest domain?
From: "Chris de Vidal" <Chris@xxxxxxxxxx>
Date: Tue, 19 Jul 2005 18:16:57 -0400 (EDT)
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Tue, 19 Jul 2005 22:14:16 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
Importance: Normal
In-reply-to: <200507191817.37628.mark.williamson@xxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <15907.63.95.64.254.1121792062.squirrel@xxxxxxxxxxxx> <200507191817.37628.mark.williamson@xxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: SquirrelMail/1.5.0 
Thanks for the rapid reply!

Mark Williamson said this with great authority:
>> Any tips on running a firewall inside a guest domain to protect all
>> other domains?
>
> Just use IPTables, as if it were a normal machine.
>
>> Or should I run it on domain0?
>
> You can do that too.  You can also use IPTables, EBTables, etc to restrict
> what the guests can do.

I guess what I am asking is if I can install for instance IPCop on domain3
and have it protect domains 0-9 or if I need to as you say run IPTables on
domain0 to restrict the guests... can I filter all traffice through dom3
or am I required to filter it through dom0 if I want any kind of
filtering?

CD

Ever lied?  You're a liar.  Ever stolen?  You're a thief.  Ever hated? The
bible equates hate with murder.  Ever lusted?  Jesus equated lust with
adultery.  You've broken God's law.

He'll judge all evil and you're without hope -- unless you have a savior. 
Repent and believe.

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-users] VPN, xen-users
Next by Date:  Re: [Xen-users] Firewall in a guest domain?, Mark Williamson
Previous by Thread:  Re: [Xen-users] Firewall in a guest domain?, Mark Williamson
Next by Thread:  Re: [Xen-users] Firewall in a guest domain?, Mark Williamson
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , XenSource, Inc. All rights reserved. Note: the xen.org trademark policy
is changing. For information please email legalxen.org, Legal and Privacy