WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] IP blocking

from [Nico Kadel-Garcia] [Permanent Link][Original]
To: shacky <shacky83@xxxxxxxxx>
Subject: Re: [Xen-users] IP blocking
From: Nico Kadel-Garcia <nkadel@xxxxxxxxx>
Date: Mon, 06 Aug 2007 20:54:14 +0100
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Mon, 06 Aug 2007 12:51:34 -0700
Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=KEaJ/ZCOfeDnAuoydJG5HMjWfE+x6IQpXluK1LVdEEvr5GHnM7Bq4ZJOR/Zo5T7d8dqJLDCISwamR3qojqlrky/Tw6lH44eQhtbCBOzlwQJAFaT1ORXpercwWppbezRMQgIZ1oq5fyDvxvO3xLDF7m4R0Cdfpq9yOukdFgFRz0M=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=K6PQ2o5LyR7RfH9dZStnTlh/xB/mT1g/mXjXDCS5VGRb1X7Dg3ANeE0lU/bTIyrwn6Qcj1Y20acFiGpTvjMjaXmJVFzL56JOQx38SDMUCzzaYxIYu+88124NhJB9b3nHMxqp1kfi5OZ+nnqmeZh+l6nbH25bkDPRss730SySgSI=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <7fedbc910708060518s510357cdx7e3be43159616815@xxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <7fedbc910708060518s510357cdx7e3be43159616815@xxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Thunderbird 1.5.0.12 (Windows/20070509) 
shacky wrote:

Hi.

How I can assing a given IP address to a given domU and force the user
of that domU to use that IP address and not all other?
I don't want the user to change the IP address of his virtual machine
in /etc/network/interfaces with one ore more IP addresses which are
not assigned to him.
In addition I don't want the user to create more virtual interface
(eth0:x) than he is allowed to use (I allow each domU to have only two
IP addresses).
This isn't really a Xen issue: it's a "someone has root on a machine in my cluster" issue.
You can try to outsmart them by upstream switch programming, firewall setups, local configurations, etc. Or you can save trying to implement that in complex new configurations and monitor the "xm list -l" XML based output for forbidden configurations, and slap down any domain you catch misbehaving this way. 

At least, that's how *I'd* do it....

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-users] Congratulations to Xen team!, Daniel P. Berrange
Next by Date:  Re: [Xen-users] pci export/passthrough, Age_M
Previous by Thread:  Re: [Xen-users] IP blocking, Daniel P. Berrange
Next by Thread:  [Xen-users] How to install visble domainU on xen? such like xwindows, jian zhang
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy