OpenVZ Forum


Home » General » Support » *RESOLVED* network access between VE and HN
*RESOLVED* network access between VE and HN [message #13440] Sat, 26 May 2007 22:02 Go to next message
aphexer is currently offline  aphexer
Messages: 6
Registered: May 2007
Location: Belgium
Junior Member
It appears that, by default, a VE can access the HN using networking. (pinging to the HN's external ip works).

How can I turn that off? The VE should have access to the internet (I'm SNATTING), but not to the HN, unless that traffic passes through the same firewall rules that apply to traffic coming from the internet directly for the HN (like ssh for the HN).

Anyone?Smile

Thanks!R

[Updated on: Sun, 27 May 2007 09:39] by Moderator

Report message to a moderator

Re: network access between VE and HN [message #13446 is a reply to message #13440] Sun, 27 May 2007 08:01 Go to previous messageGo to next message
Vasily Tarasov is currently offline  Vasily Tarasov
Messages: 1345
Registered: January 2006
Senior Member
Why not use iptables on venet interface on HN?

Vasily.

Report message to a moderator

Re: network access between VE and HN [message #13448 is a reply to message #13440] Sun, 27 May 2007 08:40 Go to previous message
aphexer is currently offline  aphexer
Messages: 6
Registered: May 2007
Location: Belgium
Junior Member
Oops, It appears that I was trying to block it in the FORWARD chain, instead of the INPUT chain. Now it works:)

Thanks!

Report message to a moderator

Previous Topic: *SOLVED* HP DL 145 sloooooow with openvz kernels
Next Topic: *SOLVED* Quota on HostNode
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Fri Jul 12 10:29:20 GMT 2024

Total time taken to generate the page: 0.02252 seconds
Powered by FUDforum Powered by Virtuozzo Containers