OpenVZ Forum: Support » APF on hardware node

Home » General » Support » APF on hardware node

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

APF on hardware node [message #15138]

Thu, 19 July 2007 20:52

ugob
Messages: 271
Registered: March 2007

Senior Member

Hi,

I'm running APF (iptables frond-end) on all my VE's and some HN. One question... how do I manage connections from a VE to the HN?

I've tried simply add a rule so that it results in

    0     0 ACCEPT     tcp  --  any    any     70.70.70.70  anywhere            tcp dpt:ssh

(IP address of the VE is 70.70.70.70. It doesn't work because it looks like the packets are not coming from 70.70.70.70 since it goes through the venet0 interface. Is there a way to manage this? The only I found for now is to add 'venet0' to the list of trusted interfaces in apf.conf, but this allow all traffic from the VEs, which is not perfect.

Thanks,
Ugo

Please read the manual before asking questions:
http://download.openvz.org/doc/OpenVZ-Users-Guide.pdf

Please have a look at the wiki before asking questions:
http://wiki.openvz.org/Main_Page

Report message to a moderator

[Message index]

		APF on hardware node By: ugob on Thu, 19 July 2007 20:52
		Re: APF on hardware node By: Vasily Tarasov on Fri, 20 July 2007 10:57
		Re: APF on hardware node By: ugob on Fri, 20 July 2007 11:10
		Re: APF on hardware node By: Vasily Tarasov on Fri, 20 July 2007 11:25
		Re: APF on hardware node By: ugob on Fri, 20 July 2007 14:18
		Re: APF on hardware node By: ugob on Fri, 20 July 2007 14:19

Previous Topic:	WH Manager / control panel
Next Topic:	SOLVED SMP kernel vs PAE

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Thu Oct 17 23:04:27 GMT 2024

Total time taken to generate the page: 0.05151 seconds