[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Dom 0 firewall

  • To: xen-users@xxxxxxxxxxxxxxxxxxx
  • From: Thomas Goirand <thomas@xxxxxxxxxx>
  • Date: Thu, 25 Jun 2009 08:34:49 +0800
  • Delivery-date: Wed, 24 Jun 2009 17:35:41 -0700
  • List-id: Xen user discussion <xen-users.lists.xensource.com>
  • Openpgp: id=98EF9A49

Ian Tobin wrote:
> Yes im trying to restrict traffic to Dom 0.
> Im not quite sure what policy to set, I did have one setup before when i used 
> the source version of Xen but deb version is causing problems when I apply 
> the firewall script.
> Do you have a default  one you use?
> Thanks
> Ian


As I always say, the firewall goal is not always to block / reject.
Here's our rate limiting script:


It works with the following config file:


If others have some ideas to implement in this general purpose anti-DoS
firewall script, I'd be VERY happy to have contributions.


Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.