OpenVZ Forum


Home » General » Support » HN iptables blocking http access
Re: HN iptables blocking http acces [message #13653 is a reply to message #13530] Fri, 01 June 2007 07:31
rickb
Yes, agreed. This is how almost every firewall config works. Allow a,b,c and disallow d-z. However, if the admin doesn't know what a,b,c are, it's not going to work.

So, your question is more of a business logic one, and that is, what services do you want to offer with your VPS? Once you know that, create a list of the ports and protocols they use (smtp - 25 tcp, dns - 53 tcp/udp, etc.) and create allow rules to pass them through. Then, add your reject rule at the end.

Bottom line, when you add your reject rule without any allow rules, it's like unplugging the network cable. This isn't specific to OpenVZ, it's just basic firewall theory.



-------------
Common Terms I post with: http://wiki.openvz.org/Category:Definitions

UBC. Learn it, love it, live it: http://wiki.openvz.org/Proc/user_beancounters
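
The approach described in the post above (list the services, allow each one, reject last), as an added example that is not part of the original thread: a shell function that emits the rules in iptables-restore format, plus a check that nothing follows the final REJECT. It assumes VPS traffic passes through the hardware node's FORWARD chain; the subnet `192.0.2.0/24`, the service list and the function names are illustrative.

```shell
#!/bin/sh
# Added example: build an iptables-restore ruleset with allow rules first
# and one catch-all REJECT last. All values below are constructed samples.
VE_NET="192.0.2.0/24"                   # assumption: stands in for the VPS subnet
SERVICES="tcp/25 tcp/53 udp/53 tcp/80"  # smtp, dns, http

build_rules() {  # $1 = VPS network, $2 = space-separated proto/port list
    net=$1
    printf '%s\n' '*filter'
    # Replies belonging to connections an earlier rule already allowed
    printf '%s\n' '-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT'
    # Assumption: the VPSs may open outbound connections freely
    printf '%s\n' "-A FORWARD -s $net -j ACCEPT"
    for svc in $2; do
        proto=${svc%%/*}
        port=${svc##*/}
        case $proto in
            tcp|udp) ;;
            *) echo "bad protocol: $svc" >&2; return 1 ;;
        esac
        case $port in
            ''|*[!0-9]*) echo "bad port: $svc" >&2; return 1 ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "port out of range: $svc" >&2; return 1
        fi
        printf '%s\n' "-A FORWARD -d $net -p $proto --dport $port -j ACCEPT"
    done
    # Everything not matched above is refused; this rule must come last
    printf '%s\n' '-A FORWARD -j REJECT'
    printf '%s\n' 'COMMIT'
}

check_order() {  # reads a ruleset on stdin
    # Rules are evaluated top to bottom and the first match wins, so any
    # rule placed after the catch-all REJECT can never be reached.
    awk '/^-A FORWARD -j REJECT$/ { seen = 1; next }
         /^-A FORWARD / && seen   { bad = 1 }
         END { exit bad + 0 }'
}

build_rules "$VE_NET" "$SERVICES" | check_order && echo "rule order ok"
```

Piping the output through `iptables-restore --test` parses it without committing anything; loading it for real replaces the existing filter table unless `--noflush` is given.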
 