OpenVZ Forum: Support » [openvzwiki] Iptables Firewall script b0rked?

Home » General » Support » [openvzwiki] Iptables Firewall script b0rked?

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Switch to threaded view of this topic

Create a new topic

Submit Reply

[openvzwiki] Iptables Firewall script b0rked? [message #36258]

Tue, 02 June 2009 09:46

defiancenl is currently offline

defiancenl
Messages: 15
Registered: June 2009

Junior Member

Hi all, so im trying to set up a iptables firewall on a hwnode.
So i tried this script on the wiki pages
http://wiki.openvz.org/Setting_up_an_iptables_firewall

However, this script does not function properly?
Whenever i start the firewall all ports i set open etc are not open, and the script shuts out any connection from outside?

better put, the CT cannot resolve anymore ,whenever i turn the firewall on, nor can it ping outside ( beyond the hwnode)

Can anyone help me out with this one?

[Updated on: Tue, 02 June 2009 11:31]

Report message to a moderator

Send a private message to this user

Re: [openvzwiki] Iptables Firewall script b0rked? [message #36273 is a reply to message #36258]

Wed, 03 June 2009 09:18

maratrus is currently offline

maratrus
Messages: 1495
Registered: August 2007
Location: Moscow

Senior Member

Please, carefully examine all iptables rules one by one on your system and find that causes the problem.

Report message to a moderator

Send a private message to this user

Re: [openvzwiki] Iptables Firewall script b0rked? [message #36277 is a reply to message #36273]

Wed, 03 June 2009 11:46

defiancenl is currently offline

defiancenl
Messages: 15
Registered: June 2009

Junior Member

Iptables is empty before starting the firewall script

After the firewall is on, VZ CT are not allowed to connect/ ping / dns outside .

Report message to a moderator

Send a private message to this user

Re: [openvzwiki] Iptables Firewall script b0rked? [message #36278 is a reply to message #36277]

Wed, 03 June 2009 11:50

maratrus is currently offline

maratrus
Messages: 1495
Registered: August 2007
Location: Moscow

Senior Member

Hi,

Quote:

After the firewall is on, VZ CT are not allowed to connect/ ping / dns outside .

Of course, you have to look through iptables rules when firewall is on.

Report message to a moderator

Send a private message to this user

Switch to threaded view of this topic

Create a new topic

Submit Reply

Previous Topic:	segfaults in VEs?
Next Topic:	Strange memory usage patterns...

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

PDF

]

Current Time: Thu Nov 20 15:55:12 GMT 2025

Total time taken to generate the page: 0.10202 seconds