Re: [Xen-devel] Bridged Networking in Dom 0 and Virtual NIC inWi

To:	enming.teo@xxxxxxxxxxxxxxx
Subject:	Re: [Xen-devel] Bridged Networking in Dom 0 and Virtual NIC inWindows XP Home 32-bit HVM Guest
From:	"Mr. Teo En Ming (Zhang Enming)" <enming.teo@xxxxxxxxxxxxxxx>
Date:	Mon, 24 Aug 2009 23:37:54 +0800
Cc:	cazyokoyama@xxxxxxxxx, xen-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date:	Mon, 24 Aug 2009 08:38:31 -0700
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to:	<4A92AFB5.6070205@xxxxxxxxxxxxxxx>
List-help:	<mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id:	Xen developer discussion <xen-devel.lists.xensource.com>
List-post:	<mailto:xen-devel@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References:	<B0683A6CB5FF40528A337E1D40ECE3AD@ASOITIS16> <4A92AFB5.6070205@xxxxxxxxxxxxxxx>
Reply-to:	enming.teo@xxxxxxxxxxxxxxx
Sender:	xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent:	Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.1) Gecko/20090814 Fedora/3.0-2.6.b3.fc11 Thunderbird/3.0b3

Dear All,

Instead of flushing the forward chain in the filter table after win xphome hvm dom U has started, I have commented out/deactivated thefollowing rule in the default Fedora 11 firewall configuration:


-A FORWARD -j REJECT --reject-with icmp-host-prohibited

This rule is the cause of all trouble.

By deactivating this rule, I have totally eliminated the need to flushthe forward chain in the filter table after win xp home hvm dom U hasstarted.

Hence now my Win XP Home HVM Dom U could access the outside worldwithout any problem.


--
Mr. Teo En Ming (Zhang Enming) Dip(Mechatronics Engineering) 
BEng(Hons)(Mechanical Engineering)
Technical Support Engineer
Information Technology Department
Asiasoft Online Pte Ltd
Tampines Central 1 #04-01 Tampines Plaza
Singapore 529541
Republic of Singapore
Mobile: +65-9648-9798
MSN: teoenming@xxxxxxxxxxx
Alma Maters: Singapore Polytechnic, National University of Singapore



On 08/24/2009 11:20 PM, Mr. Teo En Ming (Zhang Enming) wrote:

Hi All,

My conclusions earlier in the day were totally erroneous.

The problem is with the FORWARD chain in the filter table.
After Win XP Home 32-bit HVM Guest has started, I flushed the forwardchain in the filter table with the command
# iptables -t filter -F FORWARD
This allows my WinXP Home HVM guest to obtain IP address successfullyfrom the wireless router using DHCP.
Success!!!
This is still a temporary fix. I still have to write the correct rulesfor the FORWARD chain in the filter table.
The following rules which are recommended by the XenNetworking Wikidid not work for me:
iptables -A FORWARD -m physdev --physdev-in eth0 --physdev-out '!'eth0 -j
ACCEPT
iptables -A FORWARD -m physdev --physdev-out eth0 --physdev-in '!'eth0 -j
ACCEPT
Neither did the rules automatically added by xend after winxp hvm hasstarted worked for me.
Anyone knows the correct iptables rules to add to the forward chain inthe filter table?





_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

WARNING - OLD ARCHIVES

xen-devel

Re: [Xen-devel] Bridged Networking in Dom 0 and Virtual NIC inWindows XP