[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Iptables and Xen

To: xen-users@xxxxxxxxxxxxxxxxxxx
From: Alexandre Chapellon <a.chapellon@xxxxxxxxx>
Date: Fri, 10 Jun 2011 09:51:11 +0200
Delivery-date: Fri, 10 Jun 2011 00:52:18 -0700
List-id: Xen user discussion <xen-users.lists.xensource.com>

Le 10/06/2011 08:32, Abhishek Bichhawat a écrit :

Hi,

I have been trying to filter out domU packets from dom0 using iptables.
I tried the following:

iptables -I FORWARD -m physdev --physdev-in peth0 --physdev-out vif1.0 -j domU
iptables -A domU -j DROP

This rules matches flawlessly here (debian 2.6.32-5-xen-amd64).
Are you sure you specify the correct ifnames in your iptables rules?

I expect that this should drop all the packets meant for domU, but this does not happen in my case. The domU is able to receive and send packets as before.

kindly help.

--
Thanks and Regards,
Abhishek Bichhawat
Visiting Scholar
Dept. of Computing
Macquarie University,
Sydney, Australia.
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

References:
- [Xen-users] Iptables and Xen
  - From: Abhishek Bichhawat

Prev by Date: [Xen-users] Iptables and Xen
Next by Date: [Xen-users] Munin?
Previous by thread: [Xen-users] Iptables and Xen
Next by thread: RE: [Xen-users] Iptables and Xen
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.