Opened 17 years ago
Last modified 16 years ago
#35 reopened defect
Set up iptables to not forward arbitrary packets — at Version 3
| Reported by: | quentin | Owned by: | ecprice |
|---|---|---|---|
| Priority: | critical | Milestone: | Public Beta |
| Component: | other | Version: | |
| Keywords: | security | Cc: |
Description (last modified by price)
Currently the iptables rules don't REJECT or DROP anything; every packet a VM sends is ACCEPTed. This means VMs can send packets from each other's IP addresses, and black-mesa will happily forward them. We should change this.
Change History (3)
comment:1 Changed 17 years ago by broder
- Milestone changed from Alpha to Public Beta
- Owner changed from sipb-xen to ecprice
- Status changed from new to assigned
comment:2 Changed 17 years ago by price
- Milestone set to Public Beta
comment:3 Changed 17 years ago by price
- Description modified (diff)
- Summary changed from Change default iptables policy from ACCEPT to Set up iptables to not forward arbitrary packets
Note: See
TracTickets for help on using
tickets.
