[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [Xen-devel] LXR-type source code browsing
> Would it perhaps be even better to run snort in an > unprivileged domain, using > iptables to feed traffic to that domain? Sure, this could be done, but it would be most efficient to run it in whichever domain has the bridge. The tools currently don't make it easy to setup drivers in other domains. > Incidentally, why isn't iptables support built into the > default xen/linux kernels? > iptables seems a natural fit with a project that can do so > much for system security. iptables is built as a module in the default 2.6 xen0 config. Ian ------------------------------------------------------- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |