[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] Bridging firewall?
> > Are you sure your new scripts actually still implement the antispoof > feature of ensuring that the guest can only send packets using its > allocated IP? It looks to me like they're too lax. The modification into /etc/xen/scripts/network and /etc/xen/script/vif-bridge are just to have a functionnal antispoof when you have two bridge but all the firewalling is done into xenU-firewall a domain connected with vif1.0 connected to xen-br0 (the secure network) and vif1.1 connected to xen-br1 (the outside ) Is it more clear ? i don't think that my modification the scripts are that clever ... my 2 cent files ! > > Ian > ------------------------------------------------------- This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting Tool for open source databases. Create drag-&-drop reports. Save time by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc. Download a FREE copy at http://www.intelliview.com/go/osdn_nl _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |