[CentOS-virt] firewall best practice on dom-0
maillists at conactive.com
Sun Jul 13 12:19:04 UTC 2008
I took over a custom firewall script from my older Suse machines to my
Dom-Us and it works just fine. Doing the same for Dom-0 immediately killed
all traffic for the VMs. As there was no need before I had been dropping
everything on the FORWARD chain. After ACCEPTing all for FORWARD my VMs
are happy again.
What's best practice on Dom-0, what do you do? Can I restrict the
forwarding, in which way?
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
More information about the CentOS-virt