Source: dtc-xen Section: web Priority: extra Maintainer: Thomas Goirand Build-Depends: debhelper (>= 5), po-debconf, python-all (>= 2.6.6-3~), dh-python Standards-Version: 3.9.2 Vcs-Browser: http://git.gplhost.com/gitweb/?p=dtc-xen.git Vcs-Git: http://git.gplhost.com/dtc-xen.git Homepage: http://www.gplhost.com/software-dtc-xen.html Package: dtc-xen Architecture: all Depends: ${misc:Depends}, ${python:Depends}, apache2-utils, debconf, rrdtool, python-soappy, python-crypto, python-sqlite, openssh-server, m2crypto, debootstrap, openssl, sudo, adduser, sysstat, lsb-base, yum, net-tools, lvm2, e2fsprogs, ipcalc, makedev Recommends: dtc-xen-firewall, sysfsutils Suggests: xen-utils-common Description: SOAP daemon and scripts to allow control panel management for Xen VMs Dtc-xen is a SOAP server running over HTTPS with authentication, so that a web GUI tool can manage, create and destroy domUs under Xen. This package should be used in the dom0 of a Xen server. It integrates itself within the DTC web hosting control panel. Package: dtc-xen-firewall Architecture: all Depends: ${misc:Depends}, lsb-base, debconf, iptables Description: small firewall script for your dom0 If running in a production environment, you might want to have a basic firewall running on your dom0 to avoid having DoS attack. This is not the state-of-the-art, but just another attempt to make things a bit more smooth. Comments and contribution are more than welcome! . The main principle of this firewall script is to rate limit connections to both your dom0 and your VPSes. It's principle is NOT block any connection. For example, dtc-xen-firewall denies ssh for 300 seconds after 10 attempts on your dom0, rate limit ping to 5 per seconds on your dom0 and to 50/s globally for all your VPS, and does the same kind of thing for SYN flood attacks. Take care, it also blocks any connection to the port 25, as in a normal dom0, you would install a mail server to send system messages to the administrators, but you don't want to accept any incoming message.