WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

Re: [Xen-devel] Bridging firewall?

> 
> Are you sure your new scripts actually still implement the antispoof
> feature of ensuring that the guest can only send packets using its
> allocated IP? It looks to me like they're too lax.
The modification into /etc/xen/scripts/network and /etc/xen/script/vif-bridge
are just to have a functionnal antispoof when you have two bridge
but all the firewalling is done into xenU-firewall a domain connected with
vif1.0 connected to xen-br0 (the secure network) and vif1.1 connected to xen-br1
(the outside )

Is it more clear ?
i don't think that my modification the scripts are that clever ... my 2 cent
files !
> 
> Ian
> 


-------------------------------------------------------
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel

<Prev in Thread] Current Thread [Next in Thread>