 Home |
About Xen.org |
Xen |
Xen Summit |
Wiki |
Mailing List |
Bug Tracker |
Xen Downloads |
xen-users
Re: [Xen-users] iptables, firewall into Dom0
| To: | xen-users@xxxxxxxxxxxxxxxxxxx |
|---|---|
| Subject: | Re: [Xen-users] iptables, firewall into Dom0 |
| From: | Michael Kress <kress@xxxxxxxxxxx> |
| Date: | Sun, 29 Oct 2006 21:17:39 +0100 |
| Delivery-date: | Sun, 29 Oct 2006 12:21:06 -0800 |
| Envelope-to: | www-data@xxxxxxxxxxxxxxxxxx |
| In-reply-to: | <454379E9.7060807@xxxxxxxxxx> |
| List-help: | <mailto:xen-users-request@lists.xensource.com?subject=help> |
| List-id: | Xen user discussion <xen-users.lists.xensource.com> |
| List-post: | <mailto:xen-users@lists.xensource.com> |
| List-subscribe: | <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe> |
| List-unsubscribe: | <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe> |
| References: | <454379E9.7060807@xxxxxxxxxx> |
| Sender: | xen-users-bounces@xxxxxxxxxxxxxxxxxxx |
| User-agent: | Thunderbird 1.5.0.7 (Windows/20060909) |
Salut Sébastien, this will certainly help you: http://www.shorewall.net/Xen.html Shorewall is quite easy to configure. Good luck. Cheers - Michael Sébastien CRAMATTE schrieb: > Hello > > I've setup Xen using vlan. I've different bridge per vlan > Each VM have it's own iptables script > I've got various type of VM : http, ldap, mysql, nagios, ... > > My question is how can I protect the Dom0 without block all the traffic > from DomU ... > I require restrictive rules with at least these : > > INPUT: > ssh (tcp) > snmp (udp) > snmptrap (udp) > ping (icmp) > > OUTPUT > http (tcp) > ssh (tcp) > dns (udp) > > > Regards > > > > _______________________________________________ > Xen-users mailing list > Xen-users@xxxxxxxxxxxxxxxxxxx > http://lists.xensource.com/xen-users > -- Michael Kress, kress@xxxxxxxxxxx http://www.michael-kress.de / http://kress.net P E N G U I N S A R E C O O L _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | [Xen-users] iptables not working. dom0, CentOS 4.4 domU, Debian 3.1 Xen 3.0.3-0 from source, Matt Okeson-Harlow |
|---|---|
| Next by Date: | Re: [Xen-users] Q: CPU usage in Dom0, Daniel Bareiro |
| Previous by Thread: | [Xen-users] iptables, firewall into Dom0, Sébastien CRAMATTE |
| Next by Thread: | [Xen-users] mm.c:line=582 Non-privileged attempt to map I/O space, Michael R. Hines |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
xen.org, 