Hi, Avi, Complex and complete firewalling is probably out of my focus for now. I'm trying to introduce a simple reverse firewall functionality which filters outgoing patckets based on only destination address and port. Since Qemu doesn't have any reverse firewall currently, I believe this is a good addition and start.
Dai On Thu, Apr 14, 2011 at 7:08 AM, Avi Kivity <a...@redhat.com> wrote: > On 04/14/2011 04:48 PM, Avi Kivity wrote: > >> Will we see a TCP firewall as well? Can we prepare for a more generic >>> infrastructure, or what makes UDP special? >>> >> >> >> If some generic firewall like BPF is available as a user library, perhaps >> we can integrate one instead of writing a new one from scratch. >> >> > Heck, you could even write a tcg backend for bpf instructions and run the > jit the firewall filter set. > > > -- > error compiling committee.c: too many arguments to function > >
