WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] Iptables and Xen

from [Tapas Mishra] [Permanent Link][Original]
To: Abhishek Bichhawat <abhishek.bichhawat@xxxxxxxxx>
Subject: Re: [Xen-users] Iptables and Xen
From: Tapas Mishra <mightydreams@xxxxxxxxx>
Date: Thu, 16 Jun 2011 14:26:25 +0530
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Thu, 16 Jun 2011 01:57:35 -0700
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=F2EwRp+S4WTvX8EWbOr8UawqN0mDQqNXAwcdHtZUSIU=; b=lAuiiel/wNXcXqfaA2lQ6ouhf2NL/L1bYvCA0lgzXwO70nURttm3gbK97bIZ0VKWE6 Rp0hhZE/zwxPcve3u/3IHobU0/LKt+G/VOq9DQjRwLhuYaayH2uGqCuxK4ZJvLrUosWq nWqvwymqwM0igPmEWAVcE4nETDIsmaYih/uqA=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=mDPATfszeZRPSSxOqUJQJGOx3+XMLRj98HIiEjJJT3XwNta66VoT+7jcQmPO23W31C MBqOEPc7yNRb5IrMcBJ4QEiAPD9YpbCW9igAnJUI75eTefeG8BPw1EU4qLmey9YuV7mv XFBcMZL3hrbhza8PqA8zSMWInk/I0SnKyd76g=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <BANLkTi=z94zTWkR0BrUdPM48oVSChyj=sA@xxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <BANLkTi=z94zTWkR0BrUdPM48oVSChyj=sA@xxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx 
On Fri, Jun 10, 2011 at 12:02 PM, Abhishek Bichhawat
<abhishek.bichhawat@xxxxxxxxx> wrote:
> Hi,
>
> I have been trying to filter out domU packets from dom0 using iptables.
> I tried the following:
>
> iptables -I FORWARD -m physdev --physdev-in peth0 --physdev-out vif1.0 -j
> domU
> iptables -A domU -j DROP
>
> I expect that this should drop all the packets meant for domU,
Assuming that you did not do a syntax error and did as you wanted to
iptables -A domU -j DROP seems odd to me
iptables -A --destination domU -j DROP is making a bit sense.
See if you meant this only.
Paste the output of iptables -L -v -n on pastebin etc...
-----------
Tapas

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-users] kernel-3.0-0 dom0, python2.7, and xen 4.0.x on ubuntu 11.10, Boris Derzhavets
Next by Date:  [Xen-users] encrypted virtual machines, David Oros
Previous by Thread:  RE: [Xen-users] Iptables and Xen, Dustin Henning
Next by Thread:  [Xen-users] Munin?, Tobias Matthaeus
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy