LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: ipvsadm interaction with iptables

To: <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: ipvsadm interaction with iptables
From: "James O'Kane" <jo2y@xxxxxxxxxxxxxxxxx>
Date: Tue, 17 Jul 2001 05:17:43 -0400 (EDT)
On Tue, 17 Jul 2001, Julian Anastasov wrote:
>       You are using too restrictive rules, do you really need them?
>
>       The LVS users that use Linux 2.2 are not powered with such firewall
> rules but you can build secure setup even with simple rules. In some
> cases even without firewall rules :)

I've had and seen friend's machines cracked too often to want to deal with
want to error on the side of too restrictive and then open things as
needed. This machine will be my main firewall as well. I have a very small
setup, and lvs is probably overkill and I could probably do everything I
need with just iptables, but I wanted to start using it from the start.
So far, mixing realservers and plain workstations behind my
firewall/director works. Is there any good reason to add an eth2 and put
them on different subnets? I have around 10 machines including the
firewall, realservers and desktops.

thanks
-james




<Prev in Thread] Current Thread [Next in Thread>