This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-users] domU ips with out dom0

To: Zeeshan Ali Shah <zashah@xxxxxxxxxx>, Xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] domU ips with out dom0
From: Jonathan Tripathy <jonnyt@xxxxxxxxxxx>
Date: Thu, 17 Feb 2011 16:08:30 +0000
Delivery-date: Thu, 17 Feb 2011 08:10:09 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <4D5D475A.9090205@xxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <4D5BED77.7060502@xxxxxxxxxx> <4D5BF238.5050904@xxxxxxxxxxx> <4D5BF439.2010908@xxxxxxxxxx> <4D5BF55C.6010300@xxxxxxxxxxx> <4D5D475A.9090205@xxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv: Gecko/20101027 Thunderbird/3.1.6

On 17/02/11 16:05, Zeeshan Ali Shah wrote:
thanks a lot Jonathan,
do you have good example for ebtable i.e. to have firewall on outgoing bridge ?

No probs.

Syntax for ebtables is very similar to iptables, except ebtables works at layer-2. So, to stop eth0 traffic from entering the input chain on the Dom0, just do:

ebtables -I INPUT -i eth0 -j BLOCK

Xen-users mailing list

<Prev in Thread] Current Thread [Next in Thread>