WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] Xen and IPtables

from [Ryan Kennedy] [Permanent Link][Original]
To: James Clemence <jamesvclemence@xxxxxxxxxxxxxx>
Subject: Re: [Xen-users] Xen and IPtables
From: Ryan Kennedy <rkennedy@xxxxxxxxxxxxxx>
Date: Wed, 29 Apr 2009 13:15:45 -0600
Cc: "xen-users@xxxxxxxxxxxxxxxxxxx" <xen-users@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Wed, 29 Apr 2009 12:16:26 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <693269b50904291202n45d2b268ua71a07e6ba8a3082@xxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Organization: Avail Media, Inc.
References: <693269b50904291202n45d2b268ua71a07e6ba8a3082@xxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Thunderbird 2.0.0.21 (X11/20090408) 
Are you using bridging or PCI passthrough?

James Clemence wrote:
> Hi, just a brief question regarding iptables and Dom0. I am wondering
> how I can apply IPtables rules purely to the traffic to the Dom0,
> without blocking that going to the domUs.
>
> I have tried using -d <dom0 IP> with drop rules except SSH.
>
> However, if this is done on the INPUT chain it blocks off the traffic
> going to the DomUs too... Just wondering whether I can have any
> pointers to get this sort of solution:
>
> Iptables <block all except ssh to dom0>
> but allow domU traffic through which I am handling in per-domU chains
> on FORWARD.
>
> Have been slightly confused with this one, any help would be great,
> cheers,
>
> J

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Xen-users] Migration from 3.1 to 3.3?, Christopher Chen
Next by Date:  [Xen-users] Problems with xenmon, Jia Rao
Previous by Thread:  [Xen-users] Xen and IPtables, James Clemence
Next by Thread:  Re: [Xen-users] Xen and IPtables, James Clemence
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy