Opened 16 years ago

Last modified 15 years ago

#35 reopened defect

Set up iptables to not forward arbitrary packets — at Version 3

Reported by: quentin Owned by: ecprice
Priority: critical Milestone: Public Beta
Component: other Version:
Keywords: security Cc:

Description (last modified by price)

Currently the iptables rules don't REJECT or DROP anything; every packet a VM sends is ACCEPTed. This means VMs can send packets from each other's IP addresses, and black-mesa will happily forward them. We should change this.

Change History (3)

comment:1 Changed 16 years ago by broder

  • Milestone changed from Alpha to Public Beta
  • Owner changed from sipb-xen to ecprice
  • Status changed from new to assigned

comment:2 Changed 16 years ago by price

  • Milestone set to Public Beta

comment:3 Changed 16 years ago by price

  • Description modified (diff)
  • Summary changed from Change default iptables policy from ACCEPT to Set up iptables to not forward arbitrary packets
Note: See TracTickets for help on using tickets.