WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] IpTables config file for Dom0

from [Heiko Wundram] [Permanent Link][Original]
To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] IpTables config file for Dom0
From: Heiko Wundram <me+xen-users@xxxxxxxxxxxxx>
Date: Tue, 25 Apr 2006 19:47:18 +0200
Delivery-date: Tue, 25 Apr 2006 10:47:14 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <62b0912f0604250934h7aa8eb35y22984a855b4a6796@xxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <057201c66880$408ec9c0$0201a8c0@comp1> <62b0912f0604250934h7aa8eb35y22984a855b4a6796@xxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: KMail/1.9.1 
Am Dienstag 25 April 2006 18:34 schrieb Molle Bestefich:
> Non-GUI-managed firewalls?
> When was that considered practical.. circa 1980?

Huh? I don't use a GUI to manage our firewall, and that's pretty standard for 
all organizations I know around here. Using a GUI to manage a firewall (and 
hiding the inherent complexity that a firewall always is), is more errorprone 
than an administrator who knows what he's doing and can reasonably 
efficiently see what parts of the system a change to the firewall rules would 
affect, additionally, an administrator can compute much shorter rulesets than 
an equivalent automated tool.

Of course, this only applies to one-level firewalling; if you have two or more 
levels, a helper certainly is in order, especially if you need to trace 
packet paths. But a GUI? Why?

Anyway, I'd happily post our /etc/sysconfig/iptables (which is pretty standard 
stuff), if there was such a beast under Gentoo, but alas, there isn't. It's 
not RedHat.

--- Heiko.

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-users] Xen Partition Performance, Christopher G. Stach II
Next by Date:  [Xen-users] XenAccess Library: Introspection for Xen, Bryan D. Payne
Previous by Thread:  Re: [Xen-users] IpTables config file for Dom0, Molle Bestefich
Next by Thread:  Re: [Xen-users] IpTables config file for Dom0, Craig Webster
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy