Iptables on Host Node [message #36340]
Thu, 11 June 2009 16:24
Ashley
Messages: 40 Registered: December 2006
Member
Hello,
I am looking at securing my Host Nodes. I was looking at trying to block all traffic to the host node's IP apart from the SSH port and the port used for my own SOAP server.
Would this cause any problems, and what ipconfig lines could I use to just block traffic to the one IP and not all the VPSs?
Thanks,
Ashley
Re: Iptables on Host Node [message #36805 is a reply to message #36340]
Mon, 20 July 2009 23:30
irontowngeek
Messages: 20 Registered: January 2009
Junior Member
As a suggestion for an alternative to using IPTABLES syntax, I would like to recommend using the SHOREWALL firewall on the Node server.
It has excellent docs, and makes it easier for a user if they are not that familiar with working with IPTABLES syntax. (All you need to do is edit certain config files: zones, interfaces, SNAT, DNAT, traffic shaping, etc.)
To answer your question, you are going to have to DNAT the incoming source IP subnet/address to reflect the IP address(es) that you need to redirect towards a given VE container.
Before moving to SHOREWALL, I configured an init script upon bootup that would lock down access to the Node, and then open up the ports I needed, or redirected to a VE.
I'm at a Windows workstation at the moment, and I will post this setup I used before, in hopes it may be useful to you, or use as a guide.
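For the lock-down asked about in the first post, here is an added example that is not part of either post and is not the init script mentioned above. It generates an iptables-restore ruleset that drops traffic addressed to the host node's own IP except SSH and one extra service port, and leaves the FORWARD chain alone. Assumptions: the containers use routed (venet) networking, so their traffic passes through FORWARD rather than INPUT; the address 192.0.2.10 and the SOAP port 8443 are placeholders.

```shell
#!/bin/sh
# Added example, not from the thread: build an iptables-restore ruleset that
# filters only traffic addressed to the host node's own IP.
# Assumption: containers use routed (venet) networking, so their traffic
# traverses FORWARD, which this ruleset leaves untouched.

# Return success only for a decimal TCP port in 1..65535.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# hn_ruleset HOST_IP SSH_PORT SOAP_PORT -> ruleset on stdout
hn_ruleset() {
    hn_ip=$1 ssh_port=$2 soap_port=$3
    if [ -z "$hn_ip" ] || ! valid_port "$ssh_port" || ! valid_port "$soap_port"; then
        echo "usage: hn_ruleset HOST_IP SSH_PORT SOAP_PORT" >&2
        return 2
    fi
    # Policies stay ACCEPT; only packets destined for HOST_IP reach the DROP.
    cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -d $hn_ip -p tcp --dport $ssh_port -j ACCEPT
-A INPUT -d $hn_ip -p tcp --dport $soap_port -j ACCEPT
-A INPUT -d $hn_ip -j DROP
COMMIT
EOF
}

# Constructed sample values: 192.0.2.10 is a documentation address and 8443
# is a placeholder for the SOAP port. To syntax-check as root without loading:
#   hn_ruleset 192.0.2.10 22 8443 | iptables-restore --test
hn_ruleset 192.0.2.10 22 8443
```

Loading the output with iptables-restore replaces the whole filter table, so apply it from a console or with a timed rollback rather than over the only SSH session.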