|
|
|
|
|
|
|
|
|
|
xen-devel
Re: [Xen-devel] Bridging firewall?
>
> Are you sure your new scripts actually still implement the antispoof
> feature of ensuring that the guest can only send packets using its
> allocated IP? It looks to me like they're too lax.
The modification into /etc/xen/scripts/network and /etc/xen/script/vif-bridge
are just to have a functionnal antispoof when you have two bridge
but all the firewalling is done into xenU-firewall a domain connected with
vif1.0 connected to xen-br0 (the secure network) and vif1.1 connected to xen-br1
(the outside )
Is it more clear ?
i don't think that my modification the scripts are that clever ... my 2 cent
files !
>
> Ian
>
-------------------------------------------------------
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel
|
|
|
|
|