| how to open a range of IPs? [message #30584] |
Thu, 29 May 2008 10:53  |
zenny
Messages: 48
Registered: November 2006
|
Member |
|
|
I read the http://wiki.openvz.org/Using_NAT_for_container_with_private_ IPs
and in particularly, ths section http://wiki.openvz.org/Using_NAT_for_container_with_private_ IPs#How_to_provide_access_from_Internet_to_a_container is relevant to my question.
I want to make access some ports of a range of IPs of containers to be seeable (accessible) from the Internet, How to open a range of IPs of containers accessible from the Net?
Right now I have the following in /etc/sysconfig/iptables:
# Generated by iptables-save v1.3.5 on Mon Apr 14 12:27:02 2008
*mangle
:PREROUTING ACCEPT [1450:175937]
:INPUT ACCEPT [1409:169343]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [736:87307]
:POSTROUTING ACCEPT [736:87307]
COMMIT
# Completed on Mon Apr 14 12:27:02 2008
# Generated by iptables-save v1.3.5 on Mon Apr 14 12:27:02 2008
*filter
:INPUT ACCEPT [1409:169343]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [736:87307]
-A FORWARD -i eth1 -j ACCEPT
COMMIT
# Completed on Mon Apr 14 12:27:02 2008
# Generated by iptables-save v1.3.5 on Mon Apr 14 12:27:02 2008
*nat
:PREROUTING ACCEPT [43:7374]
:POSTROUTING ACCEPT [1:69]
:OUTPUT ACCEPT [8:621]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# Completed on Mon Apr 14 12:27:02 2008
The containers can access the net, yet the net could not access the containers.  It has two NIC int the hardware node (eth1) is used to broadcast dynamic IPs. Thanks in advance.
[Updated on: Thu, 29 May 2008 10:59] Report message to a moderator |
|
|
|
OpenVZ Forum
Members
Search
Help
Register
Login
Home
