|
|
|
|
|
|
|
|
|
|
xen-users
[Xen-users] XCP - untrusted domUs?
Our ongoing experiments with XCP have been encouraging - still struggling
with debian Lenny install and my question from last week didn't get
answered -hint, hint! ;-)
Anyway, does XCP have any native support for iptables and ebtables rules?
- what I mean is, we currently use Xen 3.4.2 on CentOS and roll our own
iptables and ebtables rules to prevent IP spoofing and also _try_ and
prevent DHCP requests being answered by DHCP servers other than our own.
This has an overhead in that every time install and upgrade a dom0 we have
to also clone the config and associated dependencies. It would be really
cool if this kind of thing 'just worked'. It would be even cooler if it
was configurable in the domU config file. For us this kind of thing is
very important when hosting untrusted domUs. We also prefer pvgrub
aswell, but that wouldn't be a deal breaker.
Does XCP support anything like this? - I know it is basically CentOS, so
in theory one could roll their own config, but that would take away
somewhat from the simplicity of it all.
Thanks,
Matt
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- [Xen-users] XCP - untrusted domUs?,
Matthew Law <=
|
|
|
|
|