[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Domain0 and firewalls

On Wednesday 22 February 2006 13:49, David Koski wrote:

> Thanks Tom.  Since I have eth0 and eth1 I have put this in zones:
> fw      firewall
> xen0    ipv4
> xen1    ipv4
> ..and this in interfaces:
> xen0    xenbr0      detect      routeback
> xen1    xenbr1      detect      routeback
> Perhaps xen0 would be better named loc and xen1 named dmz.

Shorewall attaches absolutely no meaning to zone names so you can call them 
'foo' and 'bar' if you like; whatever has meaning to you.

> Is that it?

Looks fine.

Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@xxxxxxxxxxxxx
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key

Attachment: pgp3yul19ywyx.pgp
Description: PGP signature

Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.