allow firewall to pass all traffic for containers? [message #46030] |
Mon, 23 April 2012 18:36 |
bluerfoot
Messages: 3 Registered: April 2012
|
Junior Member |
|
|
Well I just put centos as a host on my netbook (works much better then windows btw) and installed a second instance of centos in a container. I would like to know, how can I now allow containers to reach the outside world? My pings from within the container fail until I run iptables -F on the host. Since I don't want to disable the host firewall I am hoping there is an easy way to simply let all traffic in and out to my containers, also allowing complete communication between the host and the container. Since this is just a learning environment for me I am not concerned with container access to the host or anything of that nature. BTW I did look at this htp://wiki.openvz.org/Setting_up_an_iptables_firewall, but frankly it is above my head at the moment and I am hoping there are a few simple rules/commands I can run that will allow the container machine to communicate, again without just disabling the host firewall.
here is the failed ping from my guest container, the 192.168.1.42 is the host...
[root@centos ~]# vzctl enter 101
entered into CT 101
[root@server /]# ping 8.8.8.8
PING 8.8.8.8 (8.8.8. 56(84) bytes of data.
From 192.168.1.42 icmp_seq=1 Destination Host Prohibited
From 192.168.1.42 icmp_seq=2 Destination Host Prohibited
From 192.168.1.42 icmp_seq=3 Destination Host Prohibited
From 192.168.1.42 icmp_seq=4 Destination Host Prohibited
^C
--- 8.8.8.8 ping statistics ---
4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 3884ms
Thanks much for listening. btw please put an extra t in http to follow the above like to the firewall info, I cant post a link till I have 10 posts
[Updated on: Mon, 23 April 2012 18:42] Report message to a moderator
|
|
|