OpenVZ Forum: Support

Home » General » Support » IRC

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Re: IRC [message #16006 is a reply to message #16002]

Sat, 18 August 2007 18:44

dowdle
Messages: 261
Registered: December 2005
Location: Bozeman, Montana

Senior Member

I'd recommend the solution recommended in the OpenVZ Wiki:

Setting up an iptables firewall
http://wiki.openvz.org/Setting_up_an_iptables_firewall

Just edit the script to add the ports you want on your host node. For VPSes, just create a file for each VPS that specifies just what ports you want open and plop that into the /etc/firewall.d directory. Works rather well in my somewhat limited experience.

The only problem with this solution is that the firewall rules do not follow the VPS when it is migrated from one physical host to another... although I imagine anyone who wanted to could add that functionality to the vzmigrate script and check to see if a firewall file for the VPS exists (after coming up with a standard name for the VPS files... like VEID for example) and to migrate that as well... and then restart the firewall service on the destination machine after the migration is complete.

I doubt this functionality will ever become a stock part of vzmigrate or vzctl... because so many people have their own, usually custom, firewall setups.

--
TYL, Scott Dowdle
Belgrade, Montana, USA

Report message to a moderator

[Message index]

		IRC By: zwtint on Fri, 17 August 2007 21:13
		Re: IRC By: alticon-brian on Fri, 17 August 2007 21:59
		Re: IRC By: zwtint on Sat, 18 August 2007 06:33
		Re: IRC By: dowdle on Sat, 18 August 2007 18:44
		Re: IRC By: zwtint on Sat, 18 August 2007 18:59
		Re: IRC By: dowdle on Sat, 18 August 2007 19:07
		Re: IRC By: zwtint on Sat, 18 August 2007 19:20
		Re: IRC By: dowdle on Sat, 18 August 2007 20:39
		Re: IRC By: locutius on Sat, 18 August 2007 21:42
		Re: IRC By: zwtint on Sun, 19 August 2007 07:20
		Re: IRC By: dowdle on Sun, 19 August 2007 12:30
		Re: IRC By: zwtint on Sun, 19 August 2007 16:42
		Re: IRC By: dowdle on Sun, 19 August 2007 17:05
		Re: IRC By: zwtint on Sun, 19 August 2007 17:20
		Re: IRC By: dowdle on Sun, 19 August 2007 18:31
		Re: IRC By: zwtint on Sun, 19 August 2007 18:34
		Re: IRC By: dowdle on Sun, 19 August 2007 19:44
		Re: IRC By: zwtint on Sun, 19 August 2007 19:28
		Re: IRC By: locutius on Mon, 20 August 2007 20:10
		Re: IRC By: zwtint on Sun, 19 August 2007 19:49
		Re: IRC By: zwtint on Tue, 21 August 2007 06:01

Previous Topic:	Strange performance issue
Next Topic:	Running X server in VE

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Wed Sep 11 19:09:05 GMT 2024

Total time taken to generate the page: 0.05434 seconds