xen-users

Re: [Xen-users] Firewall in a guest domain?

To: "Mark Williamson" <mark.williamson@xxxxxxxxxxxx>
Subject: Re: [Xen-users] Firewall in a guest domain?
From: "Chris de Vidal" <Chris@xxxxxxxxxx>
Date: Tue, 19 Jul 2005 18:16:57 -0400 (EDT)
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Thanks for the rapid reply!

Mark Williamson said this with great authority:
>> Any tips on running a firewall inside a guest domain to protect all
>> other domains?
>
> Just use IPTables, as if it were a normal machine.
>
>> Or should I run it on domain0?
>
> You can do that too.  You can also use IPTables, EBTables, etc to restrict
> what the guests can do.

I guess what I am asking is if I can install, for instance, IPCop on domain3
and have it protect domains 0-9, or if I need to, as you say, run IPTables on
domain0 to restrict the guests... can I filter all traffic through dom3
or am I required to filter it through dom0 if I want any kind of
filtering?

CD

Ever lied?  You're a liar.  Ever stolen?  You're a thief.  Ever hated? The
bible equates hate with murder.  Ever lusted?  Jesus equated lust with
adultery.  You've broken God's law.

He'll judge all evil and you're without hope -- unless you have a savior. 
Repent and believe.
