Difference between revisions of "Iptables"
From Linux-VServer
(catspec) |
|||
| (3 intermediate revisions by 3 users not shown) | |||
| Line 1: | Line 1: | ||
| − | + | Problem: The network packet filter, as implemented into Linux kernel, does not provide a concept of "personalties" which allow subsetting a rule set per vserver guest. But by providing guest specific chains, used to direct network packets with source or destination of a given guest, and introducing a mechanism to allow guest to update exclusively this guest specific chain, the outcome is rather similar. | |
| − | + | These pages inventarise the efforts of realisation. | |
| − | [[Iptables Demonstrate workability]] | + | * [[Iptables Consolidate requirements]] |
| − | [ | + | * [[Iptables Collect previous work]] |
| + | * [[Iptables Demonstrate workability]] | ||
| + | * [[Iptables Implementation]] | ||
| − | [[ | + | online contact: irc.oftc.net, #vserver-iptables |
| + | |||
| + | [[Category:Network related]] | ||
Latest revision as of 22:26, 21 October 2011
Problem: The network packet filter, as implemented into Linux kernel, does not provide a concept of "personalties" which allow subsetting a rule set per vserver guest. But by providing guest specific chains, used to direct network packets with source or destination of a given guest, and introducing a mechanism to allow guest to update exclusively this guest specific chain, the outcome is rather similar.
These pages inventarise the efforts of realisation.
- Iptables Consolidate requirements
- Iptables Collect previous work
- Iptables Demonstrate workability
- Iptables Implementation
online contact: irc.oftc.net, #vserver-iptables
