| 
		
			| Iptables question [message #2265] | Tue, 28 March 2006 01:06  |  
			| 
				
				
					|  jvgrago Messages: 3
 Registered: March 2006
 Location: NY
 | Junior Member |  |  |  
	| I have just installed OpenVZ and the install was going well until I had to run vzpkgcache -f and this is when I noticed that with the OpenVZ kernel I have no access outside this server. If I stop iptables, I can do a host google.com and get a response or even do the vzpkgcache -f and it works just fine. At the top of my iptables, it shows this: 
 # vi /etc/sysconfig/iptables
 
 # Generated by iptables-save v1.3.0 on Mon Mar 27 19:42:46 2006
 *nat
 :OUTPUT ACCEPT [0:0]
 :POSTROUTING ACCEPT [0:0]
 :PREROUTING ACCEPT [0:0]
 COMMIT
 # Completed on Mon Mar 27 19:42:46 2006
 # Generated by iptables-save v1.3.0 on Mon Mar 27 19:42:46 2006
 *mangle
 :FORWARD ACCEPT [0:0]
 :INPUT ACCEPT [277:27444]
 :OUTPUT ACCEPT [226:23424]
 :POSTROUTING ACCEPT [226:23424]
 :PREROUTING ACCEPT [277:27444]
 COMMIT
 # Completed on Mon Mar 27 19:42:46 2006
 # Generated by iptables-save v1.3.0 on Mon Mar 27 19:42:46 2006
 *filter
 :FORWARD ACCEPT [0:0]
 :INPUT ACCEPT [0:0]
 :OUTPUT ACCEPT [226:23424]
 :RH-Firewall-1-INPUT - [0:0]
 -A FORWARD -j RH-Firewall-1-INPUT
 
 I dont see anything wrong with this, but as soon as I start iptables, I lose internet on this server.
 
 Second issue:
 
 Another issue that I have ran into is that the virtual ethernet venet0 does not activate on boot. If I try to activate it, It does not let me. Here is an output of an ifconfig.
 
 
 eth0      Link encap:Ethernet  HWaddr 00:0C:41:E8:AD:22
 inet addr:192.168.0.9  Bcast:192.168.0.255  Mask:255.255.255.0
 UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
 RX packets:34800 errors:0 dropped:0 overruns:0 frame:0
 TX packets:33813 errors:0 dropped:0 overruns:0 carrier:0
 collisions:0 txqueuelen:1000
 RX bytes:33516583 (31.9 MiB)  TX bytes:5089116 (4.8 MiB)
 Interrupt:11 Base address:0xdc00
 
 eth1      Link encap:Ethernet  HWaddr 00:0F:B5:08:9A:2D
 inet addr:192.168.0.99  Bcast:192.168.0.255  Mask:255.255.255.0
 UP BROADCAST MULTICAST  MTU:1500  Metric:1
 RX packets:0 errors:0 dropped:0 overruns:0 frame:0
 TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
 collisions:0 txqueuelen:1000
 RX bytes:0 (0.0 b)  TX bytes:2280 (2.2 KiB)
 Interrupt:10 Base address:0xe000
 
 lo        Link encap:Local Loopback
 inet addr:127.0.0.1  Mask:255.0.0.0
 UP LOOPBACK RUNNING  MTU:16436  Metric:1
 RX packets:55 errors:0 dropped:0 overruns:0 frame:0
 TX packets:55 errors:0 dropped:0 overruns:0 carrier:0
 collisions:0 txqueuelen:0
 RX bytes:3946 (3.8 KiB)  TX bytes:3946 (3.8 KiB)
 
 venet0    Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
 UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
 RX packets:0 errors:0 dropped:0 overruns:0 frame:0
 TX packets:0 errors:0 dropped:7 overruns:0 carrier:0
 collisions:0 txqueuelen:0
 RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
 
 I have deactivated eth1, but for some reason its still pulling an ip (with no cable attached either).
 
 Any ideas?
 
 Thanks,
 Jim
 
 |  
	|  |  |