This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


[Xen-users] implimenting iptables firewall on Dom0

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-users] implimenting iptables firewall on Dom0
From: augusto lopes <nhanonme@xxxxxxxxxxxx>
Date: Thu, 29 May 2008 13:41:49 -0300 (ART)
Delivery-date: Thu, 29 May 2008 09:42:26 -0700
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com.br; h=X-YMail-OSG:Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=M7iZqZw1oKmBrePVysUyRXlfYJFG3URbF6GDIMgBbhotu9hdjNyRcQHZtHplkuBjEh28wY35K69fJ7jI4NJWt1qq/izYiI0rosccPp705rj1OMUFTB38X5kIlwMdRlYuHlkVKKo8tQa5MhhxL84xNKbN4AJAkKCcS3Hbx7lW49U=;
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Does any bosy knows the best way of implimenting iptables firewall on the Dom0 in order to only allow selective packets in and out.
I understand that it might be chanllenging due to the fact that xen's environment creates a bridge where all the data passes to and from the guest domains. However, I am found in the situation in which I have protect some of the services that I are runnning on the DomUs by droping some packets and forwarding others.

any hints or suggestions would be greatly appreciated....


Abra sua conta no Yahoo! Mail, o único sem limite de espaço para armazenamento!
Xen-users mailing list
<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-users] implimenting iptables firewall on Dom0, augusto lopes <=