[uml-user] Iptables control of guest ip addresses

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Hey folks.  I'd like to control what ips my umls can configure as valid 
on their guests.

The approach I'm taking is that they can do whatever they want, ip wize, 
inside the guest,
but I'd use Iptables rules to only allow traffic for the ips I give 
them, thus denying them access to
ips I dont want them to have.

iptables -P INPUT deny
iptables -P OUTPUT deny
iptables -P FORWARD accept

iptables -A INPUT     -i $umlbridgeport  -s 0.0.0.0/0 -d $publicip -j ACCEPT
iptables -A OUTPUT -i $umlbridgeport  -s $publicip -d 0.0.0.0/0 -j ACCEPT

I'm using 2.4 series for my host.
Do I need to use 2.6/ebtables and -m physdev to drop all frames that 
aren't wanted,
so that arp is controlled?
Or should this suffice to keep control of ips.

Thanks,
  Tim