Re: [vserver] Virtual Network Devices

About this list Date view Thread view Subject view Author view Attachment view

From: James Gibson (
Date: Wed May 15 2002 - 03:30:24 EDT

I doubt it.. not that it's a bad idea, it's just unnecessary.. look at it
this way: your vserver is also trapped to a single IP address. Just set up
your iptables to disallow any traffic from your internal subnet to or from
the vserver, with the exception of your gateway.

If you wanted to make your life even easier do it this way: say your
subnet is set your vserver to be on a different subnet,
say, then configure your gateway to listen on that subnet
as well (i.e. setup an alias). as long as the gateway box is configured to
not route traffic onto the subnet from the
subnet you should be fine.

James Gibson

On Wed, 15 May 2002, Billy Hager wrote:
> Actually, that gives me an idea. My vserver is traped in a single security
> context. Is there a netfilter module I can use to filter by security
> context?
> Billy Hager
> On Tuesday 14 May 2002 09:41 pm, you wrote:
> > I am not a networking expert, but if I may ask, would iptables work? I
> > can imagine that you can setup rules so that no traffics coming from the
> > outside can get in, or vice versa.
> >
> > Peter
> >

About this list Date view Thread view Subject view Author view Attachment view

This archive was generated by hypermail 2.1.4 : Mon Aug 19 2002 - 12:01:01 EDT