shorewall-users January 2012 archive
Main Archive Page > Month Archives  > shorewall-users archives
shorewall-users: [Shorewall-users] Odp: virtual serveres

[Shorewall-users] Odp: virtual serveres

From: <thewanderer_at_nospam>
Date: Wed Jan 18 2012 - 09:02:53 GMT
To: "Shorewall Users" <shorewall-users@lists.sourceforge.net>

Hi,
I run Shorewall on hosts with numerous OpenVZ and KVM guests. For full hardware virt, I strongly recommend a supported hypervisor (KVM or Xen) managed by libvirt. The library allows you to set automatically-applied ebtables rules so that the L2 part is taken care of. It supports L3, too. I am not convinced that VBox support is as complete - it might work if it just adds its ifaces to some bridge.

For now, I'm not using that feature (I've, however, tested it), as my virtual hosts are trusted, but there are Shorewall rules on bridges - disappearing ports are not an issue as long as the bridge is still up (i.e. never let your hypervisor manage bridge iface states). And yes, it handles public addresses just fine.

Robert Kawecki

----- Reply message -----
Od: "Richard B. Pyne" <rpyne@shopsite.com>
Do: "Shorewall Users" <shorewall-users@lists.sourceforge.net>
Temat: [Shorewall-users] virtual serveres
Data: śr., sty 18, 2012 01:39

I am in the process of building a new machine to replace several older
servers. I am considering running several virtual servers on one box,
all linux for host and virtual machines using VirtualBox.

Is it possible/advisable to configure shorewall on the host to act as a
firewall for the virtual machines, each having one or more static public IP address?

Any pointers, suggestions and/or configuration information will be
greatly appreciated.

--Richard

------------------------------------------------------------------------------
Keep Your Developer Skills Current with LearnDevNow!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-d2d
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

------------------------------------------------------------------------------
Keep Your Developer Skills Current with LearnDevNow!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-d2d

_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users