Sven,
In the future, please direct your Shorewall questions to the Shorewall
Users Mailing List. That way, other people besides me can answer the
questions and the answers are available in the archives for other users
to find.
I''ve addressed my reply to that ML as well as to you.
s.holzhueter@shoki.de wrote:
> where would you put a http-proxy? (Reachable from the local net)
I personally run Squid in Dom 0.
> How would you configure more xen-machines in the loc net?
> Or would´t you ever do this ?
Are you taking about another dom0 running on a separate system? Or are
you asking about additional domUs on the firewall
system?>
> Should those additional machines be protected by a firewall aswell?
>
Always.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net''s Techsay panel and you''ll get the chance
to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV