|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] [SECURITY] preventing Hwaddr spoofing on bridge
On Sat, Nov 24, 2007 at 05:17:09PM +0200, Igor Chubin wrote: > On Sat, Nov 24, 2007 at 05:12:25PM +0200, Igor Chubin wrote: > > On Fri, Nov 23, 2007 at 04:02:46AM +0100, Stefan de Konink wrote: > > > -----BEGIN PGP SIGNED MESSAGE----- > > > Hash: SHA512 > > > > > > Is there a way to prevent hwaddr/mac address spoofing between DomU's? > > > > > > > > > So in a way 'binding' a mac-address on boot time with a virtual > > > interface? (with something like ebtables/arptables/etc?) > > > > > > As far as I understand, > > you can solve your task with ebtables you have mentioned. > > > Additional note. You can modify vif-bridge script to automagically add ebtables rule when domain U is started (and its interfaces are created). Excuse me the typos. -- WBR, i.m.chubin _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |