| 1 |
> So anyway, my memory of this is all very wishy-washy, but ebtables |
| 2 |
> turned out to be the best way to implement those inter-VM restrictions. |
| 3 |
> It could probably have been done in iptables, but ebtables made it easy |
| 4 |
> to say "don't let these two talk." |
| 5 |
|
| 6 |
I don;t know the details but I expect that would be a false sense of |
| 7 |
security and that you would want a secure switch or ssh or ipsec. |
| 8 |
|
| 9 |
-- |
| 10 |
_______________________________________________________________________ |
| 11 |
|
| 12 |
'Write programs that do one thing and do it well. Write programs to work |
| 13 |
together. Write programs to handle text streams, because that is a |
| 14 |
universal interface' |
| 15 |
|
| 16 |
(Doug McIlroy) |
| 17 |
_______________________________________________________________________ |
Archives