WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/

Home

xen-users

[Top] [All Lists]

Re: [Xen-users] [SECURITY] preventing Hwaddr spoofing on bridge

from [Igor Chubin]

[Permanent Link][Original]

To:	Stefan de Konink <skinkie@xxxxxxxxx>
Subject:	Re: [Xen-users] [SECURITY] preventing Hwaddr spoofing on bridge
From:	Igor Chubin <igor@xxxxxxx>
Date:	Sat, 24 Nov 2007 17:20:21 +0200
Cc:	xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date:	Sat, 24 Nov 2007 07:18:10 -0800
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxx
In-reply-to:	<20071124151709.GB18701@xxxxxxx>
List-help:	<mailto:xen-users-request@lists.xensource.com?subject=help>
List-id:	Xen user discussion <xen-users.lists.xensource.com>
List-post:	<mailto:xen-users@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References:	<474642D6.9060905@xxxxxxxxx> <20071124151225.GA18701@xxxxxxx> <20071124151709.GB18701@xxxxxxx>
Reply-to:	Igor Chubin <igor@xxxxxxx>
Sender:	xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent:	Mutt/1.5.16 (2007-06-11)

On Sat, Nov 24, 2007 at 05:17:09PM +0200, Igor Chubin wrote:
> On Sat, Nov 24, 2007 at 05:12:25PM +0200, Igor Chubin wrote:
> > On Fri, Nov 23, 2007 at 04:02:46AM +0100, Stefan de Konink wrote:
> > > -----BEGIN PGP SIGNED MESSAGE-----
> > > Hash: SHA512
> > > 
> > > Is there a way to prevent hwaddr/mac address spoofing between DomU's?
> > > 
> > > 
> > > So in a way 'binding' a mac-address on boot time with a virtual
> > > interface? (with something like ebtables/arptables/etc?)
> > 
> > 
> > As far as I understand, 
> > you can solve your task with ebtables you have mentioned.
> > 
> 
Additional note.

You can modify vif-bridge script
to automagically add ebtables rule
when domain U is started (and its interfaces are created).



Excuse me the typos.

-- 
WBR, i.m.chubin


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Xen-users] [SECURITY] preventing Hwaddr spoofing on bridge, Stefan de Konink Re: [Xen-users] [SECURITY] preventing Hwaddr spoofing on bridge, Igor Chubin Re: [Xen-users] [SECURITY] preventing Hwaddr spoofing on bridge, Igor Chubin Re: [Xen-users] [SECURITY] preventing Hwaddr spoofing on bridge, Igor Chubin <= Re: [Xen-users] [SECURITY] preventing Hwaddr spoofing on bridge, Stefan de Konink Re: [Xen-users] [SECURITY] preventing Hwaddr spoofing on bridge, Andy Smith Re: [Xen-users] [SECURITY] preventing Hwaddr spoofing on bridge, Stefan de Konink Re: [Xen-users] [SECURITY] preventing Hwaddr spoofing on bridge, Andy Smith Re: [Xen-users] [SECURITY] preventing Hwaddr spoofing on bridge, Rafał Kupka Re: [Xen-users] [SECURITY] preventing Hwaddr spoofing on bridge, Andy Smith Re: [Xen-users] [SECURITY] preventing Hwaddr spoofing on bridge, Stefan de Konink Re: [Xen-users] [SECURITY] preventing Hwaddr spoofing on bridge, Andy Smith

Previous by Date:	Re: [Xen-users] [SECURITY] preventing Hwaddr spoofing on bridge, Igor Chubin
Next by Date:	[Xen-users] moving from non-xen environment -> xen environment, Miles Fidelman
Previous by Thread:	Re: [Xen-users] [SECURITY] preventing Hwaddr spoofing on bridge, Igor Chubin
Next by Thread:	Re: [Xen-users] [SECURITY] preventing Hwaddr spoofing on bridge, Stefan de Konink
Indexes:	[Date] [Thread] [Top] [All Lists]

This site is hosted by Citrix