WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] xen-unstable networking

from [Keir Fraser] [Permanent Link][Original]
To: Chris Andrews <chris@xxxxxxxxxx>
Subject: Re: [Xen-devel] xen-unstable networking
From: Keir Fraser <Keir.Fraser@xxxxxxxxxxxx>
Date: Sat, 27 Mar 2004 19:16:00 +0000
Cc: Keir Fraser <Keir.Fraser@xxxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxxx
Delivery-date: Sat, 27 Mar 2004 19:18:09 +0000
Envelope-to: steven.hand@xxxxxxxxxxxx
In-reply-to: Your message of "Sat, 27 Mar 2004 19:09:58 GMT." <56D2D4DA-8022-11D8-B40C-000393B01B94@xxxxxxxxxx>
List-archive: <http://sourceforge.net/mailarchive/forum.php?forum=xen-devel>
List-help: <mailto:xen-devel-request@lists.sourceforge.net?subject=help>
List-id: List for Xen developers <xen-devel.lists.sourceforge.net>
List-post: <mailto:xen-devel@lists.sourceforge.net>
List-subscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=subscribe>
List-unsubscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=unsubscribe>
Sender: xen-devel-admin@xxxxxxxxxxxxxxxxxxxxx 
> That seems to work fine: this rule gives domain 1 access to the vpn, 
> and with a NAT rule in domain 0, access to the Internet:
> 
> ADD ACCEPT srcaddr=192.168.101.1 srcaddrmask=255.255.255.255 dst=ANY 
> srcdom=1 srcidx=0 dstdom=0 dstidx=0 proto=any
> 
> Is there a way to see what the VFR rules currently are? /proc/xen/vfr 
> can be read but returns nothing. Also, is there any way to flush the 
> VFR rules?

You can delete a rule by echoing a DELETE command to
/proc/xen/vfr. e.g., to delete the rule you give as an example above,
you would send the following to /proc/xen/vfr:

DELETE ACCEPT srcaddr=192.168.101.1 srcaddrmask=255.255.255.255 dst=ANY 
srcdom=1 srcidx=0 dstdom=0 dstidx=0 proto=any

Deletion doesn't get much testing -- hopefully it won;t wedge the
machine. :-)

To print the VFR rules, 'echo PRINT >/proc/xen/vfr'. This prints the
rule list in a hideous format onto Xen's emergency console(!). We
ought to have a better 'get rules' interface really, but teh VFR will
go away with teh new IO world in a short while.

 -- Keir


-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-devel] xen-unstable networking, Chris Andrews
Next by Date:  [Xen-devel] cfengine (was: Xen at scale), Tim Freeman
Previous by Thread:  Re: [Xen-devel] xen-unstable networking, Chris Andrews
Next by Thread:  Re: [Xen-devel] xen-unstable networking, Ian Pratt
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy