| |
|
 |
|
 |
|
|
|
| |
|
|
xen-users
Re: [Xen-users] Re: the bridge send all traffic to every vps when one vp
Jingyun He wrote:
Is it possible use ebtable to filter these traffic?
Why ? Every ethernet network works the same way, at some point,
machines will receive traffic that isn't destined for them - and in
the original arrangement before switches, this was the norm. The
protocol stack will filter it out.
In terms of security, yes someone could pick up traffic they
shouldn't see - but just how often does this happen ? Someone would
have to be very lucky to be looking for traffic AND an interface
changing state triggers the effect AND the traffic is interesting -
all at the same time.
You probably could use ebtables (or would it be iptables ?) to block
any guest from seeing traffic that isn't for it. You'd need a script
to reconfigure the rules every time an interface comes up (and
possibly goes down).
--
Simon Hobson
WANTED: "Software CD ROM Kit" for Canon CLBP 360-PS printer (Canon
part no RH6-3612, or possibly RH6-3810, or RH6-3610 might do). I've a
dead HD and need this CD so I can replace the disk and re-install the
printer OS on it. If anyone knows where I might get hold of one I'd
be grateful - requests to Canon drew a blank, it's been out of
support for years.
Alternatively, if anyone has one of these and would let me image
their hard disk ...
Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|
|
|
| |
|
Home