Joseph L. Casale wrote:
What happens if you just remove the ifcfg file for this interface? What does Xen do with it? What if you have an ifcfg file, but setup no IP address on it?
Bear with me Ross, my Linux skills are new :) Won't CentOS create the ifcfg on the fly when it boots (I think thats what happens, I may have tried and I wont have acess to the box untill tonight). I will check into these points.
I don't think so. It creates these on installation, but doesn't auto-gen them afterwards. NetworkManager may do so, but you should disable NetworkManager with Xen or bad things will happen.
I would just create an ifcfg with no IP address and that should work.
Of course you can pass the NIC through to the PVM which I suspect is what you are thinking of doing.
Yup, so I hoped to make that work (I imagine its most secure)! Somehting is wrong with the way I am blocking it, I don't what though yet! I tried to compile from source to make the menuconfig change and I cant make that work... Can you set the pciback option in the srpm's build routine somehow? I have no issues making the srpm.
There's no need for a custom kernel, all the CentOS Xen kernels include pciback and pcifront support, and most other distros pre-compiled Xen kernels do too.
There is shorewall which is in the repo. Or maybe smoothwall can run inside a PVM?
Thats good to know, I will check both out!
Just about any firewall package that installs as a service to the distribution rather then a complete distribution on it's own should work in a PVM.
-Ross
______________________________________________________________________ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof.