Displaying 20 results from an estimated 4000 matches similar to: "Bug#430778: xen-utils-common: NAT scripts not generic enough, and made for DHCP ?"
2006 Aug 31
0
[Xense-devel] [RFC][PATCH][ACM] enforcing ACM policy on network traffic between virtual network interfaces
This patch adds an ACM hook into the network scripts (/etc/xen/scripts).
It adds iptables rules that enforce mandatory access control on network
packets exchanged between virtual interfaces. If ACM is active, this
patch sets the default FORWARD policy in Dom0 to DROP and adds iptables
ACCEPT rules between vifs that belong to domains that are permitted to
share (determined by using the
2005 Nov 24
2
so close! just an iptables rule away.....?
Hi,
I''ve been making leaps and strides with Xen on FC4. It has been easy to get
installed and to start our first virtual host.
I''ve got one outstanding issue with iptables that is preventing me
progressing further.
This is a colo''d server. It has s single NIC with public IPs.
The bridge is set to come up binding vif* <> xen-br0 <> eth1.
I can start a
2011 Sep 27
3
[Bug 751] New: IPv6 bridging bug
http://bugzilla.netfilter.org/show_bug.cgi?id=751
Summary: IPv6 bridging bug
Product: iptables
Version: unspecified
Platform: x86_64
OS/Version: Gentoo
Status: NEW
Severity: normal
Priority: P3
Component: ip6tables
AssignedTo: netfilter-buglog at lists.netfilter.org
ReportedBy: david at
2010 Jul 31
1
Arp Flip Flops make machine inaccessible.
CentOS 5.5 Xen "standard" Xen Installation.
I have two nics. I just put the second one to DHCP and modified the
ifcfg-et01 and so far I am holding, but I am not confident. Prior they
were sequential IP Addrs on same subnet.
arpwatch has indicated flip flips. I can find no rhyme or reason to
predict them. I know I missed I must have missed a step somewhere.
I want to keep the
2010 Sep 06
1
Bug#571634: bridge loosing connection
Hi,
I'm not sure but I think I suffer under the same problem with a bit
different setup with squeeze testing and xen 4.0rc5.
In fact I'm using bridges in the dom0 and the connections to the domU
get lost sporadically.
In don't see where's a solution to the problem... Is it now a bug? When
it's an iptables bug, where's the corresponding bug in the iptables
bugtracker
2006 Jan 28
3
Shorewall/Xen setup (correct from-address this time)
(if this post gets line-feed-mangled please read
http://www.dl.reneschmidt.de/shorewallxenpost.txt - that''s an unmangled
version, thank you)
Hello,
first I would like to thank the Mr. Eastep and contributors for this great piece
of software and superb documentation.
I have a SOHO server (Debian testing) that I''m using for several purposes so
I''ve set up a Xen
2005 Jun 27
5
Bridging problem with Shorewall and OpenVpn
Hello All,
I am trying to implement OpenVPN on Fedora core Linux 3 with the latest
pathces
installed. This server is used only as firewall/internet gateway/proxy/VPN
server, with kernel 2.6.1-1.27.FC3 and kernel 2.6.1-1.27.FC3 SMP
It has two NIC''s eth0 (10.0.0.150) connected to ADSL, eth1 (192.168.3.12)
connected to the local network.
I use shorewall 2.4 on this machine.
I like to test
2016 Mar 01
0
nwfilter : iptables rules not working
Hi,
I contact you as i have difficulties to use nwfilter with KVM host.
I want to implemente flow filtering between my Linux guests.
I created the following filter :
cat admin-dmz-internet.xml
<filter name='admin-dmz-internet'>
<!-- this zone is an SSH ingoing only zone -->
<!-- but SSH can go to an other SSH proxy -->
<filterref
2005 Nov 23
0
so close! an iptables rule away.....
Hi,
I''ve been making leaps and strides with Xen on FC4. It has been easy
to get installed and to start our first virtual host.
I''ve got one outstanding issue with iptables that is preventing me
progressing further.
This is a colo''d server. It has s single NIC with public IPs.
The bridge is set to come up binding vif* <> xen-br0 <> eth1.
I can start a
2006 Nov 23
0
network issue, RHEL4, lack of peth0/peth1 device
Hi! I''m not new to Xen but I''m new to this list. I''m having a truely bizarre problem with Xen bridged networking at the moment. This is a new install, on RHEL4. The symptom is that any domU set up simply fails to talk to anything else. It''s there, and running, and it has an ethernet device, but there''s never any response.
After digging through the
2005 Jun 14
1
Problem with samba broadcast
Hi all,
I''m new to shorewall and have been struggling with several problems for
several days now. Most of them are solved, but one still persists.
The firewall is running on my server under Debian Sarge (Kernel 2.6)
I''ve got three network interfaces:
ppp0 (DSL Internet)
eth1 (lan)
ath0 (wlan)
eth1 and ath0 are bridged together to br0.
The problem is, that Samba (also running
2007 Jun 27
0
Bug#430778: xen-utils-common: Here's proposed workaround script
Package: xen-utils-common
Followup-For: Bug #430778
Here's a patch I made to have working rules here... feel free to comment/adapt.
Hope this helps
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.18-4-xen-686 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8,
2007 Apr 18
1
[Bridge] Multilink + bridge + nat problem
Hi, I have a suspicious problem with multiple uplinks configuration.
First of all my configuration:
1) kernel 2.6.20.3
2) iptables 1.3.7
3) last iproute (for masked marks)
All wan interfaces are bridged (stp disabled) in only one interface
(wan0), all lan interfaces are bridged (stp enabled) in only one interface
(zlan0).
The wan0 bridge is to allow UPnP works.
To allow related
2006 Dec 14
0
Re: [RESOLVED] Layer7 module doesn''t detect nothing on my bridge with a 2.6.18.3 kernel
Hello,
loading conntrack resolve my problem ...
layer 7 have got a dependency with conntrack but doesn''t load it
automaticaly...
so module is loaded but no packets match with l7-protocols ...
reported as a bug
http://sourceforge.net/tracker/index.php?func=detail&aid=1596065&group_id=80085&atid=558668
regards
ArcosCom Linux User a écrit :
> With:
>
2008 Sep 19
8
bridge + arp
Hi,
this is propably bridge related and not really a xen problem, but it
might help someone:
Some of our domUs are not able to arp. Arp -n show (incomplete), and
doing a tcpdump shows, that on the dom0''s eth0 the arp request goes out,
the response comes in, but on the vifX.0 interface the arp response is
gone.
dom0# tcpdump -ni eth0
arp who-has 10.32.2.51 tell 10.32.7.70
arp reply
2010 Jun 25
1
No connection in DomUs with network-route
Hi,
I would like to know if somebody can point me out how to configure
several DomUs in a private LAN (for example 192.168.100.0/24) and one
DomU with two interfaces (one - 192.168.100.0/24 and two - internet).
So far I have enabled in xend-config.sxp:
(network-script network-route)
(vif-script vif-route)
My config files have:
/mnt/VM/1.cfg:vif = [''ip=192.168.1.3'']
2010 Apr 30
1
[SPAM] Xen bridge network issue
Hi,
I have taken the long and winding road and indeed it lead me to your door. I
need your help, please.
My Xen includes 2 guests. Xen itself (10.2.0.52) gets free access to the
outside world and to its guests.
Both guests however (10.2.0.54/10.2.0.55) see each other but stay under
house arrest!
Not a single ping manages to go past the bridge (xenbr0) and get an answer
from the default gateway
2011 Mar 18
0
libvirtd -- iptables
Hi All,
I created a couple of virtual networks (forward mode=nat) in my
rhel6-kvm box. I've come across 2 weird issues.
1. My Iptables rule chainset contains repeated rules. The same rule gets
repeated block by block
2. For connecting to guest using SSH, I created a custom IPTables chain.
I want this chain to be on top of the FORWARD chain, but everytime the
libvirtd is restarted the rule
2013 Oct 31
7
[Bug 870] New: Iptables cannot block outbound packets sent by Nessus
https://bugzilla.netfilter.org/show_bug.cgi?id=870
Summary: Iptables cannot block outbound packets sent by Nessus
Product: iptables
Version: 1.4.x
Platform: x86_64
OS/Version: Ubuntu
Status: NEW
Severity: normal
Priority: P5
Component: iptables
AssignedTo: netfilter-buglog at lists.netfilter.org
2015 Mar 20
1
Re: still possible to use traditional bridge network setup ?
Bernd wrote:
> -----Original Message-----
> From: libvirt-users-bounces@redhat.com [mailto:libvirt-users-
> bounces@redhat.com] On Behalf Of Lentes, Bernd
> Sent: Thursday, March 19, 2015 5:12 PM
> To: libvirt-users@redhat.com
> Subject: Re: [libvirt-users] still possible to use traditional bridge network
> setup ?
>
> Laine wrote:
>
>
...
>
> Hi Laine,