WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

RE: [Xen-users] xen bridged network config woes [repost w/apology]

On Mon, 5 Feb 2007 16:58:46 -0800, "Gary W. Smith"
<gary@xxxxxxxxxxxxxxx> said:
> What does the iptables scripts look like on the Dom0.  I know that when
> I originally configured my Fedora6 server I forgot to disable it and a
> lot of things broke.

Here's my Dom0 iptables. However, I still have the same problem even if
I drop all my iptables rules and leave the box wide open with iptables
-F.

root@Dom0:~# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            state
RELATED,ESTABLISHED 
ACCEPT     tcp  --  A.B.66.248/29     anywhere            tcp dpt:ssh 
ACCEPT     tcp  --  owl.webhost.net    anywhere            tcp dpt:ssh 
ACCEPT     tcp  --  A.B.66.0/28       anywhere            tcp dpt:ssh 
ACCEPT     tcp  --  A.B.68.38         anywhere            tcp dpt:ssh 
ACCEPT     tcp  --  smtp.webhost.net   anywhere            tcp dpt:ssh 
ACCEPT     all  --  adsl-209-78-192-139.dsl.lsan03.pacbell.net  anywhere 
ACCEPT     tcp  --  70-32-242-119.ontrca.adelphia.net  anywhere         
  tcp dpt:ssh 
ACCEPT     tcp  --  A.B.66.248/29     anywhere            tcp
dpt:vmware-authd 
ACCEPT     tcp  --  70-32-242-119.ontrca.adelphia.net  anywhere         
  tcp dpt:vmware-authd 
ACCEPT     tcp  --  anywhere             anywhere            tcp
dpts:ftp-data:ftp 
ACCEPT     tcp  --  anywhere             anywhere            tcp
dpt:smtp 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:www 
ACCEPT     tcp  --  anywhere             anywhere            tcp
dpt:pop3 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ntp 
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ntp 
DROP       tcp  --  anywhere             anywhere            tcp
dpts:0:1023 
DROP       udp  --  anywhere             anywhere            udp
dpts:0:1023 
ACCEPT     tcp  --  outgoing.webhost.net  anywhere            tcp
dpts:amanda:10089 
ACCEPT     udp  --  outgoing.webhost.net  anywhere            udp
dpts:amanda:10089 
ACCEPT     tcp  --  am.webhost.net     anywhere            tcp
dpts:amanda:10089 
ACCEPT     udp  --  am.webhost.net     anywhere            udp
dpts:amanda:10089 
ACCEPT     tcp  --  up.webhost.net     anywhere            tcp
dpts:amanda:10089 
ACCEPT     udp  --  up.webhost.net     anywhere            udp
dpts:amanda:10089 
DROP       tcp  --  anywhere             anywhere            tcp
dpts:amanda:10089 
DROP       udp  --  anywhere             anywhere            udp
dpts:amanda:10089 

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  woc-2.ce.webhost.net  anywhere            PHYSDEV
match --physdev-in vif1.0 
ACCEPT     udp  --  anywhere             anywhere            PHYSDEV
match --physdev-in vif1.0 udp spt:bootpc dpt:bootps 

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
DROP       icmp --  anywhere             anywhere            state
INVALID 

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users