Joseph L. Casale wrote: > > >What happens if you just remove the ifcfg file for this > >interface? What does Xen do with it? What if you have an > >ifcfg file, but setup no IP address on it? > > Bear with me Ross, my Linux skills are new :) Won't CentOS > create the ifcfg on the fly when it boots (I think thats what > happens, I may have tried and I wont have acess to the box > untill tonight). I will check into these points. I don't think so. It creates these on installation, but doesn't auto-gen them afterwards. NetworkManager may do so, but you should disable NetworkManager with Xen or bad things will happen. I would just create an ifcfg with no IP address and that should work. > >Of course you can pass the NIC through to the PVM which > >I suspect is what you are thinking of doing. > > Yup, so I hoped to make that work (I imagine its most > secure)! Somehting is wrong with the way I am blocking it, I > don't what though yet! I tried to compile from source to make > the menuconfig change and I cant make that work... Can you > set the pciback option in the srpm's build routine somehow? I > have no issues making the srpm. There's no need for a custom kernel, all the CentOS Xen kernels include pciback and pcifront support, and most other distros pre-compiled Xen kernels do too. > >There is shorewall which is in the repo. Or maybe smoothwall > >can run inside a PVM? > > Thats good to know, I will check both out! Just about any firewall package that installs as a service to the distribution rather then a complete distribution on it's own should work in a PVM. -Ross ______________________________________________________________________ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof.