[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] iptables, firewall into Dom0

To: xen-users@xxxxxxxxxxxxxxxxxxx
From: Michael Kress <kress@xxxxxxxxxxx>
Date: Sun, 29 Oct 2006 21:17:39 +0100
Delivery-date: Sun, 29 Oct 2006 12:21:06 -0800
List-id: Xen user discussion <xen-users.lists.xensource.com>

Salut Sébastien,

this will certainly help you:
http://www.shorewall.net/Xen.html
Shorewall is quite easy to configure.
Good luck.
Cheers - Michael

Sébastien CRAMATTE schrieb:
> Hello
>
> I've setup Xen using vlan. I've different bridge per vlan
> Each VM have it's own iptables  script 
> I've got various type of VM  : http, ldap, mysql, nagios, ...
>
> My question is how can I protect the Dom0 without block all the traffic
> from DomU ...
> I require restrictive rules with at least these :
>
> INPUT:
> ssh (tcp)
> snmp (udp)
> snmptrap (udp)
> ping (icmp)
>
> OUTPUT
> http  (tcp)
> ssh  (tcp)
> dns  (udp)
>
>
> Regards
>
>
>
> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-users
>   


-- 
Michael Kress, kress@xxxxxxxxxxx
http://www.michael-kress.de / http://kress.net
P E N G U I N S   A R E   C O O L


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

References:
- [Xen-users] iptables, firewall into Dom0
  - From: Sébastien CRAMATTE

Prev by Date: [Xen-users] iptables not working. dom0, CentOS 4.4 domU, Debian 3.1 Xen 3.0.3-0 from source
Next by Date: Re: [Xen-users] Q: CPU usage in Dom0
Previous by thread: [Xen-users] iptables, firewall into Dom0
Next by thread: [Xen-users] mm.c:line=582 Non-privileged attempt to map I/O space
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.