WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] Xen and Firehol

from [Gareth Bult] [Permanent Link][Original]
To: info@xxxxxx
Subject: Re: [Xen-users] Xen and Firehol
From: Gareth Bult <gareth@xxxxxxxxxxxxx>
Date: Wed, 13 Feb 2008 14:05:00 +0000 (GMT)
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Wed, 13 Feb 2008 06:04:45 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <47B2D93A.2010902@xxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx 
Hi,

I could give you something that works-ish .. but DON'T .. firehol will make 
your system unstable and unpredictable.
Avoid all iptables stuff in the Dom0 and stick it in the DomU's instead .. (!)


----- Original Message -----
step 3.: "John" <info@xxxxxx>
To: xen-users@xxxxxxxxxxxxxxxxxxx
Sent: 13 February 2008 11:49:14 o'clock (GMT) Europe/London
Subject: [Xen-users] Xen and Firehol

Hello all,

Sorry if this has been asked before, but Googling did not give me any 
answers..

I would like to use Firehol (iptables configurator) on  a Xen Dom0  - 
does anyone has a recipe for that?

I can use Firehol on the DomUs but not on the Dom0 - all network access 
is stopped when I activate Firehol.

Any pointers or help would be appreciated - it's good to protect my Dom0 
because now it's open for VNC clients for instance on ports 590x and I 
want to limit that to our own network.

Thanks,

John

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-users] Reg Disk space in guest domain with fedora img, Todd Deshane
Next by Date:  Re: [Xen-users] building xen, Luke
Previous by Thread:  Re: [Xen-users] Xen and Firehol, Stephan Seitz
Next by Thread:  Re: [Xen-users] Xen and Firehol, Erin Hughes
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy