[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] iptables, firewall into Dom0



Salut Sébastien,

this will certainly help you:
http://www.shorewall.net/Xen.html
Shorewall is quite easy to configure.
Good luck.
Cheers - Michael

Sébastien CRAMATTE schrieb:
> Hello
>
> I've setup Xen using vlan. I've different bridge per vlan
> Each VM have it's own iptables  script 
> I've got various type of VM  : http, ldap, mysql, nagios, ...
>
> My question is how can I protect the Dom0 without block all the traffic
> from DomU ...
> I require restrictive rules with at least these :
>
> INPUT:
> ssh (tcp)
> snmp (udp)
> snmptrap (udp)
> ping (icmp)
>
> OUTPUT
> http  (tcp)
> ssh  (tcp)
> dns  (udp)
>
>
> Regards
>
>
>
> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-users
>   


-- 
Michael Kress, kress@xxxxxxxxxxx
http://www.michael-kress.de / http://kress.net
P E N G U I N S   A R E   C O O L


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.