[Xen-users] implimenting iptables firewall on Dom0

To:	xen-users@xxxxxxxxxxxxxxxxxxx
Subject:	[Xen-users] implimenting iptables firewall on Dom0
From:	augusto lopes <nhanonme@xxxxxxxxxxxx>
Date:	Thu, 29 May 2008 13:41:49 -0300 (ART)
Delivery-date:	Thu, 29 May 2008 09:42:26 -0700
Domainkey-signature:	a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com.br; h=X-YMail-OSG:Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=M7iZqZw1oKmBrePVysUyRXlfYJFG3URbF6GDIMgBbhotu9hdjNyRcQHZtHplkuBjEh28wY35K69fJ7jI4NJWt1qq/izYiI0rosccPp705rj1OMUFTB38X5kIlwMdRlYuHlkVKKo8tQa5MhhxL84xNKbN4AJAkKCcS3Hbx7lW49U=;
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxx
List-help:	<mailto:xen-users-request@lists.xensource.com?subject=help>
List-id:	Xen user discussion <xen-users.lists.xensource.com>
List-post:	<mailto:xen-users@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender:	xen-users-bounces@xxxxxxxxxxxxxxxxxxx

Does any bosy knows the best way of implimenting iptables firewall on the Dom0 in order to only allow selective packets in and out.
I understand that it might be chanllenging due to the fact that xen's environment creates a bridge where all the data passes to and from the guest domains. However, I am found in the situation in which I have protect some of the services that I are runnning on the DomUs by droping some packets and forwarding others.

any hints or suggestions would be greatly appreciated....

Glopes

Abra sua conta no Yahoo! Mail, o único sem limite de espaço para armazenamento!

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users