WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Xen-users] XEN 4.0.1 bridged network - antispoof Option does not work

from [Giovanni Bellac] [Permanent Link][Original]
To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-users] XEN 4.0.1 bridged network - antispoof Option does not work
From: Giovanni Bellac <giovannib1979@xxxxxxxxx>
Date: Wed, 3 Nov 2010 10:42:37 +0000 (GMT)
Delivery-date: Wed, 03 Nov 2010 03:43:58 -0700
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ymail.com; s=s1024; t=1288780957; bh=Glu79sSyONdyHr0hwCOJIeBm4xGefTrmC8O4RWT/cPs=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type; b=v+c6y/ulCrJJ53whRl3BM9pIetlxOZblZAxDWeL0jFKEnut4sXrKOrTnIxUUwVmf3mM5ByScups95WY9Ddhh4fVUMG4AkUnxxZ40VCPOuPGQHXHctpo4uHiiLy4nrIpe4E803iZB8JhHkd3FlAcMdzE2uYPMlGH385i+/H40O/g=
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=ymail.com; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type; b=jwXZyyv5wvtDz8/sNRhjGNjHXPMJUVzKLCFOStCyKOgLRmEFVHTPs5cP1oAgrIsL6RDwYpZkpgK+obuTNofjIQ/5cUjqGMqeX+4RCMVr9GfTHqLFT5fH2pjVEc4a6hcGplN7rjQYQt6WwUMPdUlnUYUUfpqU0A3DFMpetpbOVsY=;
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Hello

with XEN 3.4.x antispoof=yes works on a bridge setup.
I am using this line in xend-config.sxp
(network-script 'network-bridge antispoof=yes')

It creates this under IPTABLES FORWARD chain:
ACCEPT     all  --  anywhere             anywhere            PHYSDEV match --physdev-in peth0


Under XEN 4.0.1 it is not working, it does not create a IPTABLES rule. Customers can "steal" IP addresses.
There is a part in the network-bridge script of XEN 4.0.1 about anitspoof. But I think that above line in xend-config.sxp is not working anymore with XEN 4.0.1.

setup:
Debian 5.0
XEN 3.4.3 self compiled (2.6.18.x)
XEN 4.0.1 self compiled (2.6.32.x)

Regards
Giovanni

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Xen-users] Setup Xen4 and pvops 2.6.32.25 on CenOS 5.5, Alexandra Kisin
Next by Date:  [Xen-users] Re: [Xen-devel] Re: [UNSTABLE REPORT] Intel Integrated Graphics (IGD) VGA Passthrough to Microsoft Windows 7 Enterprise 90-day Trial with Xen 4.0.2-rc1-pre Hypervisor and pv-ops dom0 kernel 2.6.32.21, Tobias Geiger
Previous by Thread:  [Xen-users] Setup Xen4 and pvops 2.6.32.25 on CenOS 5.5, Alexandra Kisin
Next by Thread:  Re: [Xen-users] XEN 4.0.1 bridged network - antispoof Option does not work, Peter Braun
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy