Displaying 6 results from an estimated 6 matches for "applying_network_filtering".
2020 Jan 01
2
Passing multiple addresses with masks to nwfilter
Hello,
I have a nwfilter that I'm using to ensure that libvirt domains can't spoof
IPv6 traffic. It looks like this:
<filter name='no-ipv6-spoofing' chain='ipv6-ip' priority='-710'>
<rule action='return' direction='out' priority='500'>
<ipv6 srcipaddr='$IPV6' srcipmask='$IPV6MASK'/>
</rule>
2020 Jan 01
0
Re: Passing multiple addresses with masks to nwfilter
Looking at
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/virtualization_deployment_and_administration_guide/sect-virtual_networking-applying_network_filtering#sect-Applying_network_filtering-Usage_of_variables_in_filters,
it sounds like the preferred approach is to use something like:
<filter name='no-ipv6-spoofing' chain='ipv6-ip' priority='-710'>
<rule action='return' direction='out' priority='500...
2019 May 31
2
Easy solution for custom firewall rules- is it possible?
Hello All-
I've looked in several places and haven't found an answer to this
question: is it possible to have libvirt add custom rules to iptables
for virtual network interfaces? I took a look at the "Firewall and
Network Filtering in Libvirt" page and it seems overly complicated for
what I want to do.
Given an interface virbr2 and its network 192.168.4.0/24, libvirt
installs
2018 Dec 25
2
Network filters with clean-traffic not working on Debian Stretch
...yslog nor in
/var/log/libvirt/qemu/<VM>
My main references were:
https://libvirt.org/firewall.html
https://libvirt.org/formatnwfilter.html
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/virtualization_deployment_and_administration_guide/sect-virtual_networking-applying_network_filtering
https://www.berrange.com/posts/2011/10/03/guest-mac-spoofing-denial-of-service-and-preventing-it-with-libvirt-and-kvm/
Any help really would be much appreciated!
Thanks a lot!
Sam
2019 May 31
0
Re: Easy solution for custom firewall rules- is it possible?
...beginning:
https://libvirt.org/formatnwfilter.html#nwfwrite
some more info:
https://www.redhat.com/archives/libvir-list/2010-June/msg00762.html
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/virtualization_deployment_and_administration_guide/sect-virtual_networking-applying_network_filtering
regards
Am Donnerstag, den 30.05.2019, 21:44 -0400 schrieb Joshua Kramer:
> Hello All-
>
> I've looked in several places and haven't found an answer to this
> question: is it possible to have libvirt add custom rules to iptables
> for virtual network interfaces? I to...
2018 Dec 29
0
Re: Network filters with clean-traffic not working on Debian Stretch
...u/<VM>
>
> My main references were:
>
> https://libvirt.org/firewall.html
> https://libvirt.org/formatnwfilter.html
>
> https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/virtualization_deployment_and_administration_guide/sect-virtual_networking-applying_network_filtering
>
> https://www.berrange.com/posts/2011/10/03/guest-mac-spoofing-denial-of-service-and-preventing-it-with-libvirt-and-kvm/
>
> Any help really would be much appreciated!
>
> Thanks a lot!
>
> Sam
>
> _______________________________________________
> libvirt-users ma...