On 25.01.2014 01:12, Marcus Sorensen wrote:
Are you talking about the rules that ensure an instance can't bring up
and
use IP addresses that are not assigned to it?
I'm not sure. Here's a pic:
http://img.nux.ro/jC4b-Selection_015.png
The anti-spoofing is working ok, supposedly, but I was expecting that
either:
1 - egress is blocked by default, just like ingress, so just
ports/addresses specified there can be accessed
2 - less orthodox, but since we allow all outgoing by default for a VM
then make this is a blacklist instead of a whitelist, ie ports/addresses
specified here cannot be accessed
Do I make any sense?
Lucian
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro
