[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] Firewalling Xen?
--- Grant McWilliams <grantmasterflash@xxxxxxxxx> wrote: > Grant McWilliams > > Some people, when confronted with a problem, think "I know, I'll use > Windows." > Now they have two problems. > > > > On Tue, Dec 16, 2008 at 9:01 AM, Thomas Goirand <thomas@xxxxxxxxxx> > wrote: > > > lists@xxxxxxxxxxxxx wrote: > > > I'm wondering how to setup a firewall for Dom0 when all traffic > for the > > DomUs go 'through' it. > > > > Hi, > > > > as we do commercial VPS hosting with xen and our own open source > > management interface, we have designed a small anti-DoS firewall to > > setup in your dom0. It does nothing spectacular, but it helps > against > > ssh dictionary attacks, and other very common flood types that > might > > hurt your server: ping, syn, etc. > > > > > > > http://git.gplhost.com/gitweb/?p=dtc-xen.git;a=blob;f=debian/dtc-xen.init;h=5e4df2e46e3a872a2d73ada77e24e8bb242f8b6b;hb=a75a32b23d6dde71dc684045b3c2e7051c30e6fa > > > > I'd be happy to have contributions in this small script that is by > the > > way very simple to extend (just add few functions for yourself and > > share, then anybody can enable/disable them with ease. > > > > Thomas > > > > > Don't you mean this ;-) > > http://git.gplhost.com/gitweb/?p=dtc-xen.git;a=blob;f=debian/dtc-xen-firewall.init;h=16139921d6efd6fc2e407f7d80b11fae97befdf9;hb=a75a32b23d6dde71dc684045b3c2e7051c30e6fa > > A bit off topic but can dtc-xen control it's users in a way that you > can > assign an admin per VM? What I'm looking for is to have each student > manage > his and only his domU. > > Grant McWilliams Hi folks, Just came across this thread. The setup of the Xen box here is as follows; DomO - a workstation for remote setup/config DomU DomU1 - mail server for routing (headless) DomU2 - mail server for domain1 (headless) DomU3 - mail server for domain2 (headless) DomU4 - mail server for domain3 (headless) etc. Firewall is only running on domU1. I'm running virtual domains, with all domains pointing at the same public IP (one public IP). All ports on router are forwarded to the local IP of DomU1. Do I need to have firewall installed on each DomU? TIA B.R. Stephen L Send instant messages to your online friends http://uk.messenger.yahoo.com _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |