Securing private IPs at Rackspace
Yesterday I signed up for the Rackspace Cloud. By default, their servers come with two interfaces/IPs, eth0 for the intertubes and eth1 for a private internal network that you can use to connect your webserver to your database server. Or something like that.
The catch is, those interfaces aren't really all that private. Other customers can scan the internal IP ranges, discover your services and release the hounds. On Amazon EC2, by contrast, those interfaces sit behind a configurable firewall (security groups).
To get some basic privacy at the Rackspace Cloud (which I like for their small instance sizes and good customer service) I wrote up about 150 lines of Python code that queries the API for your servers' internal IPs and outputs a set of iptables commands allowing only your own servers to communicate with each other over the private interface. Other Rackspace customers are blocked. You then only need to make sure those commands are run on each of your servers, and re-run whenever you add or remove a server.
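To show the rule-generation half of that idea, here is an added example (not the script from the post): it takes a list of private IPs, standing in for what the Rackspace API would return, and emits iptables commands that put a dedicated chain on eth1 so the rules can be re-applied without accumulating stale entries. The server names, addresses and the chain name `RS_PRIVATE` are constructed for this example.

```python
import ipaddress
from typing import Iterable, List

# Constructed sample standing in for the API result: private eth1 addresses of
# the servers that belong to us. Not real infrastructure.
OUR_SERVERS = {
    "web01": "10.176.42.10",
    "web02": "10.176.42.11",
    "db01": "10.176.99.5",
}

CHAIN = "RS_PRIVATE"  # hypothetical chain name used for this example
IFACE = "eth1"        # the Rackspace private/internal interface


def build_iptables_commands(ips: Iterable[str], iface: str = IFACE,
                            chain: str = CHAIN) -> List[str]:
    """Return iptables commands that accept traffic on `iface` only from `ips`.

    Addresses are validated and de-duplicated; a bad address raises ValueError
    rather than silently producing a rule that iptables would reject later.
    """
    peers = sorted({str(ipaddress.ip_address(ip)) for ip in ips},
                   key=ipaddress.ip_address)
    cmds = [
        # Create the chain if missing, then empty it so re-runs replace old rules.
        f"iptables -N {chain} 2>/dev/null || true",
        f"iptables -F {chain}",
        # Replies to connections we opened ourselves over the private interface.
        f"iptables -A {chain} -m state --state ESTABLISHED,RELATED -j ACCEPT",
    ]
    for ip in peers:
        cmds.append(f"iptables -A {chain} -s {ip} -j ACCEPT")
    # Anything else arriving on the private interface (other customers) is dropped.
    cmds.append(f"iptables -A {chain} -j DROP")
    # Hook the chain into INPUT; delete any existing jump first so it is not duplicated.
    cmds.append(f"iptables -D INPUT -i {iface} -j {chain} 2>/dev/null || true")
    cmds.append(f"iptables -I INPUT -i {iface} -j {chain}")
    return cmds


if __name__ == "__main__":
    # Pipe this output into sh on each server.
    print("\n".join(build_iptables_commands(OUR_SERVERS.values())))
```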
As always, you can find the script over at github.