Xen project Mailing List

Re: [Xen-devel] Bridged Networking in Dom 0 and Virtual NIC inWindows XP Home 32-bit HVM Guest

To: enming.teo@xxxxxxxxxxxxxxx

From: "Mr. Teo En Ming (Zhang Enming)" <enming.teo@xxxxxxxxxxxxxxx>

Date: Mon, 24 Aug 2009 23:37:54 +0800

Cc: cazyokoyama@xxxxxxxxx, xen-devel@xxxxxxxxxxxxxxxxxxx

Delivery-date: Mon, 24 Aug 2009 08:38:31 -0700

List-id: Xen developer discussion <xen-devel.lists.xensource.com>

Dear All,

Instead of flushing the forward chain in the filter table after win xp

home hvm dom U has started, I have commented out/deactivated the

following rule in the default Fedora 11 firewall configuration:

-A FORWARD -j REJECT --reject-with icmp-host-prohibited This rule is the cause of all trouble.

By deactivating this rule, I have totally eliminated the need to flush

the forward chain in the filter table after win xp home hvm dom U has

started.

Hence now my Win XP Home HVM Dom U could access the outside world

without any problem.

-- Mr. Teo En Ming (Zhang Enming) Dip(Mechatronics Engineering) BEng(Hons)(Mechanical Engineering) Technical Support Engineer Information Technology Department Asiasoft Online Pte Ltd Tampines Central 1 #04-01 Tampines Plaza Singapore 529541 Republic of Singapore Mobile: +65-9648-9798 MSN: teoenming@xxxxxxxxxxx Alma Maters: Singapore Polytechnic, National University of Singapore On 08/24/2009 11:20 PM, Mr. Teo En Ming (Zhang Enming) wrote:

Hi All,

My conclusions earlier in the day were totally erroneous.

The problem is with the FORWARD chain in the filter table.

After Win XP Home 32-bit HVM Guest has started, I flushed the forwardchain in the filter table with the command


# iptables -t filter -F FORWARD

This allows my WinXP Home HVM guest to obtain IP address successfullyfrom the wireless router using DHCP.


Success!!!

This is still a temporary fix. I still have to write the correct rulesfor the FORWARD chain in the filter table.

The following rules which are recommended by the XenNetworking Wikidid not work for me:

iptables -A FORWARD -m physdev --physdev-in eth0 --physdev-out '!'eth0 -j

ACCEPT

iptables -A FORWARD -m physdev --physdev-out eth0 --physdev-in '!'eth0 -j

ACCEPT

Neither did the rules automatically added by xend after winxp hvm hasstarted worked for me.

Anyone knows the correct iptables rules to add to the forward chain inthe filter table?

_______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.