[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Xen and IPtables

To: James Clemence <jamesvclemence@xxxxxxxxxxxxxx>
From: Ryan Kennedy <rkennedy@xxxxxxxxxxxxxx>
Date: Wed, 29 Apr 2009 13:15:45 -0600
Cc: "xen-users@xxxxxxxxxxxxxxxxxxx" <xen-users@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Wed, 29 Apr 2009 12:16:26 -0700
List-id: Xen user discussion <xen-users.lists.xensource.com>

Are you using bridging or PCI passthrough?

James Clemence wrote:
> Hi, just a brief question regarding iptables and Dom0. I am wondering
> how I can apply IPtables rules purely to the traffic to the Dom0,
> without blocking that going to the domUs.
>
> I have tried using -d <dom0 IP> with drop rules except SSH.
>
> However, if this is done on the INPUT chain it blocks off the traffic
> going to the DomUs too... Just wondering whether I can have any
> pointers to get this sort of solution:
>
> Iptables <block all except ssh to dom0>
> but allow domU traffic through which I am handling in per-domU chains
> on FORWARD.
>
> Have been slightly confused with this one, any help would be great,
> cheers,
>
> J

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

Follow-Ups:
- Re: [Xen-users] Xen and IPtables
  - From: James Clemence

References:
- [Xen-users] Xen and IPtables
  - From: James Clemence

Prev by Date: [Xen-users] Migration from 3.1 to 3.3?
Next by Date: [Xen-users] Problems with xenmon
Previous by thread: [Xen-users] Xen and IPtables
Next by thread: Re: [Xen-users] Xen and IPtables
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.