Re: [Vserver] CONFIG_IP_NF_TARGET_REDIRECT support in guest

From: David Christensen <davidc_at_connect4less.com>
Date: Sun 21 Jan 2007 - 17:46:11 GMT
Message-ID: <45B3A6E3.7080101@connect4less.com>

Thanks for the info/advice! I was mainly looking to use one of the
guests as a test environment. It's super-easy (and fast) to blow it
away and create a new guest from a ready-made template.

I see your point about a mail server trying to manipulate packet
targets. I believe it uses rules to do some form of tar-pitting. Any
time I can cause spammers grief and slow down their operations, I'll
take a look at it.

Herbert Poetzl wrote:
> On Sat, Jan 20, 2007 at 11:05:36PM -0800, David Christensen wrote:
>
>> I'm wondering if it's possible to get netfilter capabilities in
>> the guest?
>>
>
> well, netfilter works perfectly fine inside and outside a
> guest, what you cannot do inside a guest is to manipulate
> the netfilter rules
>
>
>> I wanted to try to run XMail in a guest, but it needs netfilter
>> support, namely: CONFIG_IP_NF_TARGET_REDIRECT
>>
>
> this is a kernel config option, you can select that when
> you build your kernel and it will be there ...
>
>
>> My guess is no-dice!
>>
>
> depends on what XMail is going to do with that :)
>
> IMHO a mail server application which uses netfilter rules
> to change the target of packets? sounds suspicious to me.
>
> even more suspicious, if you run it on a guest with a
> single ip for example :)
>
>
>> But I thought I'd ask if anyone's gotten XMail running in a guest.
>>
>
> we'll see, in case that doesn't work out, I'd suggest
> to use something like postfix or qmail, which should
> work perfectly fine for the mail part, and a few other
> applications for pop/imap/webmail ...
>
> HTH,
> Herbert
>
>
>> Thanks,
>>
>> David
>>
>
>
>> begin:vcard
>> fn:David Christensen
>> n:Christensen;David
>> email;internet:davidc@connect4less.com
>> x-mozilla-html:TRUE
>> version:2.1
>> end:vcard
>>
>
>
>> _______________________________________________
>> Vserver mailing list
>> Vserver@list.linux-vserver.org
>> http://list.linux-vserver.org/mailman/listinfo/vserver
>>
>
> _______________________________________________
> Vserver mailing list
> Vserver@list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
>

_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
Received on Sun Jan 21 18:32:56 2007

[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Sun 21 Jan 2007 - 18:33:02 GMT by hypermail 2.1.8