[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-users] implimenting iptables firewall on Dom0

  • To: xen-users@xxxxxxxxxxxxxxxxxxx
  • From: augusto lopes <nhanonme@xxxxxxxxxxxx>
  • Date: Thu, 29 May 2008 13:41:49 -0300 (ART)
  • Delivery-date: Thu, 29 May 2008 09:42:26 -0700
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com.br; h=X-YMail-OSG:Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=M7iZqZw1oKmBrePVysUyRXlfYJFG3URbF6GDIMgBbhotu9hdjNyRcQHZtHplkuBjEh28wY35K69fJ7jI4NJWt1qq/izYiI0rosccPp705rj1OMUFTB38X5kIlwMdRlYuHlkVKKo8tQa5MhhxL84xNKbN4AJAkKCcS3Hbx7lW49U=;
  • List-id: Xen user discussion <xen-users.lists.xensource.com>

Does any bosy knows the best way of implimenting iptables firewall on the Dom0 in order to only allow selective packets in and out.
I understand that it might be chanllenging due to the fact that xen's environment creates a bridge where all the data passes to and from the guest domains. However, I am found in the situation in which I have protect some of the services that I are runnning on the DomUs by droping some packets and forwarding others.

any hints or suggestions would be greatly appreciated....


Abra sua conta no Yahoo! Mail, o único sem limite de espaço para armazenamento!
Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.