OpenVZ Forum


Home » General » Support » how to open a range of IPs?
how to open a range of IPs? [message #30584] Thu, 29 May 2008 10:53 Go to next message
zenny
Messages: 48
Registered: November 2006
Member
I read the http://wiki.openvz.org/Using_NAT_for_container_with_private_ IPs

and in particularly, ths section http://wiki.openvz.org/Using_NAT_for_container_with_private_ IPs#How_to_provide_access_from_Internet_to_a_container is relevant to my question.

I want to make access some ports of a range of IPs of containers to be seeable (accessible) from the Internet, How to open a range of IPs of containers accessible from the Net?

Right now I have the following in /etc/sysconfig/iptables:

# Generated by iptables-save v1.3.5 on Mon Apr 14 12:27:02 2008
*mangle
:PREROUTING ACCEPT [1450:175937]
:INPUT ACCEPT [1409:169343]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [736:87307]
:POSTROUTING ACCEPT [736:87307]
COMMIT
# Completed on Mon Apr 14 12:27:02 2008
# Generated by iptables-save v1.3.5 on Mon Apr 14 12:27:02 2008
*filter
:INPUT ACCEPT [1409:169343]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [736:87307]
-A FORWARD -i eth1 -j ACCEPT
COMMIT
# Completed on Mon Apr 14 12:27:02 2008
# Generated by iptables-save v1.3.5 on Mon Apr 14 12:27:02 2008
*nat
:PREROUTING ACCEPT [43:7374]
:POSTROUTING ACCEPT [1:69]
:OUTPUT ACCEPT [8:621]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# Completed on Mon Apr 14 12:27:02 2008

The containers can access the net, yet the net could not access the containers. Sad It has two NIC int the hardware node (eth1) is used to broadcast dynamic IPs. Thanks in advance.

[Updated on: Thu, 29 May 2008 10:59]

Report message to a moderator

Re: how to open a range of IPs? [message #30652 is a reply to message #30584] Sun, 01 June 2008 06:48 Go to previous messageGo to next message
zenny
Messages: 48
Registered: November 2006
Member
Bump!!! Rolling Eyes

Report message to a moderator

Re: how to open a range of IPs? [message #30699 is a reply to message #30652] Wed, 04 June 2008 08:50 Go to previous messageGo to next message
maratrus is currently offline  maratrus
Messages: 1495
Registered: August 2007
Location: Moscow
Senior Member
I don't understand if you've tried DNAT?

Report message to a moderator

Re: how to open a range of IPs? [message #30913 is a reply to message #30699] Tue, 10 June 2008 09:30 Go to previous messageGo to next message
zenny
Messages: 48
Registered: November 2006
Member
I tried with this:

#iptables -t nat -A PREROUTING -p tcp -d xxx.yyy.zzz.aaa --dport 80 -j DNAT --to-destination 192.168.9.1-10.168.9.250

where xxx.yyy.zzz.aaa is the external IP of the HN. Yet I could not access the embedded http server in IP phones nor any other machines with 192.168.9.0/24 range from outside.

Report message to a moderator

Re: how to open a range of IPs? [message #30962 is a reply to message #30913] Wed, 11 June 2008 09:54 Go to previous message
zenny
Messages: 48
Registered: November 2006
Member
Bump again !!!

Report message to a moderator

Previous Topic: Problem using veth
Next Topic: setlocale not working properly in perl script
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Wed Nov 06 02:06:54 GMT 2024

Total time taken to generate the page: 0.03452 seconds
Powered by FUDforum Powered by Virtuozzo Containers