WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] XEN 4.0.1 bridged network - antispoof Option does not wo

To: Xen List <xen-users@xxxxxxxxxxxxxxxxxxx>
Subject: Re: [Xen-users] XEN 4.0.1 bridged network - antispoof Option does not work
From: Peter Braun <xenware@xxxxxxxxx>
Date: Mon, 15 Nov 2010 14:07:04 +0100
Delivery-date: Mon, 15 Nov 2010 05:08:22 -0800
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=xEoeFVDvdN/KnCdPx/ZZn20eQyj0LUvRaFMmq9BDTuA=; b=xIwGfb8Jgs5QMW2f7+dNk7wJfaBp9x80kUaXJhB1rqfJuGxfoqaLPVz5QEGcST3CdV tBPtP2cMGdahRySKGcs2drnrtTCVD+88cIBhtTEx6F6sxfszfAVYn+u4nBLdVMeCOymf xB9OXwtrmu136TxYQONoLNAL5GD9mODCofsnQ=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=G7b11obsnIsjypmE9ZA0vAwsyPh6pL1t9ROQEjogmUjBCGayocahVGtvZhUfVUypz9 EEO3hbl3f9qufj5d4dpO6YVdMTz1siYfEiizlp5X2rGcEA6b16XNDxulFUYWFOj7/J8m OKM5TzhtUu6obtyY5E3sbqMofAS5TmpLp4UBs=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <754031.26465.qm@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <754031.26465.qm@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Same behaviour here - antispoof not working in 4.0.1

Br

Peter



2010/11/3 Giovanni Bellac <giovannib1979@xxxxxxxxx>:
> Hello
>
> with XEN 3.4.x antispoof=yes works on a bridge setup.
> I am using this line in xend-config.sxp
> (network-script 'network-bridge antispoof=yes')
>
> It creates this under IPTABLES FORWARD chain:
> ACCEPT     all  --  anywhere             anywhere            PHYSDEV match
> --physdev-in peth0
>
>
> Under XEN 4.0.1 it is not working, it does not create a IPTABLES rule.
> Customers can "steal" IP addresses.
> There is a part in the network-bridge script of XEN 4.0.1 about anitspoof.
> But I think that above line in xend-config.sxp is not working anymore with
> XEN 4.0.1.
>
> setup:
> Debian 5.0
> XEN 3.4.3 self compiled (2.6.18.x)
> XEN 4.0.1 self compiled (2.6.32.x)
>
> Regards
> Giovanni
>
>
> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-users
>

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>