|  |  | 
  
    |  |  | 
 
  |   |  | 
  
    |  |  | 
  
    |  |  | 
  
    |   xen-users
Re: [Xen-users] iptables, firewall into Dom0 
| Salut Sébastien,
this will certainly help you:
http://www.shorewall.net/Xen.html
Shorewall is quite easy to configure.
Good luck.
Cheers - Michael
Sébastien CRAMATTE schrieb:
> Hello
>
> I've setup Xen using vlan. I've different bridge per vlan
> Each VM have it's own iptables  script 
> I've got various type of VM  : http, ldap, mysql, nagios, ...
>
> My question is how can I protect the Dom0 without block all the traffic
> from DomU ...
> I require restrictive rules with at least these :
>
> INPUT:
> ssh (tcp)
> snmp (udp)
> snmptrap (udp)
> ping (icmp)
>
> OUTPUT
> http  (tcp)
> ssh  (tcp)
> dns  (udp)
>
>
> Regards
>
>
>
> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-users
>   
-- 
Michael Kress, kress@xxxxxxxxxxx
http://www.michael-kress.de / http://kress.net
P E N G U I N S   A R E   C O O L
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
 | 
 |  | 
  
    |  |  |