[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Network issues with SuSE firewall

> > I'm afraid I'm not entirely surprised that xen_nat_enable doesn't
> > play well with your firewall. 
> I'll do a little more diagnosis in the future.  What I think
> happened, though, is that the NAT's nat* rules somehow discarded
> the filter* rules.  I was also getting some complaints about
> mangle* needing to load the iptables module, which was not found
> (this was when I was trying to re-add my default rules).

I fear the xen_nat_enable script basically does a 'flush all
rules' to start with. Someone who understands iptables better
should be able to fix this...

> 2) Hmmm -- this does not work.  Any quick guess what to try fixing?

> $ xenctl domain list
> id: 0 (Domain-0)
>   processor: 0
>   has cpu: true
>   state: 0 active
>   mcu advance: 10
>   total pages: 192000
> id: 2 (XenoLinux)
>   processor: 0
>   has cpu: false
>   state: 1 stopped
>   mcu advance: 10
>   total pages: 24576

Did you start a domain 1 that then exited? 

The IP address of you're currently running domain (id: 2) should

"state: 1 stopped" doesn't look good, though. Have you actually
"xenctl domain start"'ed the domain?


This SF.Net email sponsored by: ApacheCon 2003,
16-19 November in Las Vegas. Learn firsthand the latest
developments in Apache, PHP, Perl, XML, Java, MySQL,
WebDAV, and more! http://www.apachecon.com/
Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.