[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Iptables and Xen

To: Abhishek Bichhawat <abhishek.bichhawat@xxxxxxxxx>
From: Tapas Mishra <mightydreams@xxxxxxxxx>
Date: Thu, 16 Jun 2011 14:26:25 +0530
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Thu, 16 Jun 2011 01:57:35 -0700
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=mDPATfszeZRPSSxOqUJQJGOx3+XMLRj98HIiEjJJT3XwNta66VoT+7jcQmPO23W31C MBqOEPc7yNRb5IrMcBJ4QEiAPD9YpbCW9igAnJUI75eTefeG8BPw1EU4qLmey9YuV7mv XFBcMZL3hrbhza8PqA8zSMWInk/I0SnKyd76g=
List-id: Xen user discussion <xen-users.lists.xensource.com>

On Fri, Jun 10, 2011 at 12:02 PM, Abhishek Bichhawat
<abhishek.bichhawat@xxxxxxxxx> wrote:
> Hi,
>
> I have been trying to filter out domU packets from dom0 using iptables.
> I tried the following:
>
> iptables -I FORWARD -m physdev --physdev-in peth0 --physdev-out vif1.0 -j
> domU
> iptables -A domU -j DROP
>
> I expect that this should drop all the packets meant for domU,
Assuming that you did not do a syntax error and did as you wanted to
iptables -A domU -j DROP seems odd to me
iptables -A --destination domU -j DROP is making a bit sense.
See if you meant this only.
Paste the output of iptables -L -v -n on pastebin etc...
-----------
Tapas

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

References:
- [Xen-users] Iptables and Xen
  - From: Abhishek Bichhawat

Prev by Date: Re: [Xen-users] kernel-3.0-0 dom0, python2.7, and xen 4.0.x on ubuntu 11.10
Next by Date: [Xen-users] encrypted virtual machines
Previous by thread: RE: [Xen-users] Iptables and Xen
Next by thread: [Xen-users] Munin?
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.