On Tue, 2011-01-18 at 17:21 -0500, Kwan Lowe wrote:
> Yesterday I was troubleshooting an issue with a KVM host. I was
> unable to access the DNS service on a KVM virtual machine. After
> verifying that the vm allowed through the DNS ports (53 on UDP/TCP)
> and still being unable to access, I was able to connect immediately
> after allowing those ports on the KVM host. Is there any way around
> this? The reason is that I would like to allow only SSH access to the
> host, but allow other services to the virtual machines.

I just disable iptables on the host. Maybe that's not the best solution
for your particular situation, but in mine, it works fine. I use tcp
wrappers to allow ssh access to only those I deem worthy, and we have
external firewalls in place as well (I lock down our boxes in other
ways, as well). I haven't seen the need to put in a host-based
firewall...yet, anyway.

Regards,

Ranbir

-- 
Kanwar Ranbir Sandhu
Linux 2.6.32.26-175.fc12.x86_64 x86_64 GNU/Linux
15:39:12 up 9 days, 21:23, 3 users, load average: 0.03, 0.07, 0.02

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos