Xen users - Dec 2010 - dos attack problem in xen bridge mode

Hi all,
i''m using xen in bridge mode and some of my domU got under attack from
one
ip with high udp packet inside domU i''m using iptables as firewall i
have
drop the packet but from dom0 i still see the ip from Iftop and the ip eat
my traffic there is any idea about this

regards


_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Alaa eldin wrote:
>i''m using xen in bridge mode and some of my domU got under attack 
>from one ip with high udp packet inside domU i''m using iptables as 
>firewall i have drop the packet but from dom0 i still see the ip 
>from Iftop and the ip eat my traffic there is any idea about this
If you have a rule to match the traffic, you can drop it at the 
ingress interface with an iptables rule in Dom0. The traffic will 
still hit the network stack and netfilter, but it won''t then get as 
far as the bridge. If that''s not good enough, then you''ll have
to
filter it upstream before it reaches your Xen server machine.

-- 
Simon Hobson

Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users