[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Xen-users] Xen 3.3 bridged-networking

  • To: "Maximilian W. Zeller" <mawize@xxxxxxxxx>, <xen-users@xxxxxxxxxxxxxxxxxxx>
  • From: "James Harper" <james.harper@xxxxxxxxxxxxxxxx>
  • Date: Mon, 24 Nov 2008 20:31:58 +1100
  • Cc:
  • Delivery-date: Mon, 24 Nov 2008 01:32:35 -0800
  • List-id: Xen user discussion <xen-users.lists.xensource.com>
  • Thread-index: AclOFgLesBR5Lr8YQpaEQzz76MbE2QAAVFJA
  • Thread-topic: [Xen-users] Xen 3.3 bridged-networking
> Hi
> 
> I don't quite understand the new xen networking. We use
network-bridge!
> Everything works fine except that an iptables firewall on dom0 blocks
all
> my domU. In my firewall settings i use eth0. I figured out that eth0
is
> the bridge but where is the interface for dom0? I want my firewall
setting
> to only apply to dom0 interface!
> Since there is not anything like vif0.0 i don't know on which
interface to
> set up my firewall. Any suggestions how to solve this problem?
> 

Try:
echo 0 >/proc/sys/net/bridge/bridge-nf-call-iptables
echo 0 >/proc/sys/net/bridge/bridge-nf-call-ip6tables
echo 0 >/proc/sys/net/bridge/bridge-nf-call-arptables

That should make the firewall behave a bit more like what you are
expecting.

James

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.