Xen project Mailing List

Re: [Xen-users] Firewalling Xen?

From: Thomas Goirand <thomas@xxxxxxxxxx>

Date: Wed, 17 Dec 2008 01:01:29 +0800

Delivery-date: Tue, 16 Dec 2008 09:04:30 -0800

Domainkey-signature: a=rsa-sha1; c=nofws; d=goirand.fr; h=message-id:date:from:mime-version:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; q=dns; s=postfix; b= Kv8lYSkCz4KL96LmuTehYxfEZ8dI5Ow0dTaEbsRK+wf0RCDfJ26brniuZV0PJVpE 9x00TvosgeFQ1jUHHq+M3N6jGx2aS2NDm7sHizvevhZksiO4ONcGlqm9pOVBzQLf qCXYQXJlmZMBR7Yy+SxpYLJ4OsLpHPy4OFvN+FpqcGU=

List-id: Xen user discussion <xen-users.lists.xensource.com>

Openpgp: id=98EF9A49

lists@xxxxxxxxxxxxx wrote: > I'm wondering how to setup a firewall for Dom0 when all traffic for the DomUs > go 'through' it. Hi, as we do commercial VPS hosting with xen and our own open source management interface, we have designed a small anti-DoS firewall to setup in your dom0. It does nothing spectacular, but it helps against ssh dictionary attacks, and other very common flood types that might hurt your server: ping, syn, etc. http://git.gplhost.com/gitweb/?p=dtc-xen.git;a=blob;f=debian/dtc-xen.init;h=5e4df2e46e3a872a2d73ada77e24e8bb242f8b6b;hb=a75a32b23d6dde71dc684045b3c2e7051c30e6fa I'd be happy to have contributions in this small script that is by the way very simple to extend (just add few functions for yourself and share, then anybody can enable/disable them with ease. Thomas P.S: For further discovery of the projects see here the bellow URLs: http://packages.debian.org/lenny/dtc http://packages.debian.org/lenny/dtc-xen http://www.gplhost.com/software-dtc.html http://www.gplhost.com/software-dtc-xen.html _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.