On Wednesday, 11/14/2007 at 05:56 EST, Aria Bamdad <[EMAIL PROTECTED]> wrote: > I currently have an application that issues a NETSTAT BLOCK command for a > specific IP address to block requests from an external client > to the VM stack. > > I want to implement this on a VSWITCH level. For example, I > want to be able to block an IP address from accessing > any guest (in my case linux guests) connected to the VSWITCH. > > I am pretty sure this can't be done at the vswitch level but > thought I ask if anyone has done something similar. I know I can > block at the guest level but wanted to block all guests at the switch level.
You're correct; there is no firewall in the VSWITCH. You either have to enable a firewall in each guest, run an outboard firewall to protect the VSWITCH, or use a Guest LAN (disconnected VSWITCH is ok) and a virtual router with firewall. Alan Altmark z/VM Development IBM Endicott