Re: Iptables problem - when enabled, can't access VPSes [message #20259 is a reply to message #20245]
Fri, 14 September 2007 10:43
tomfra
ugob wrote on Fri, 14 September 2007 04:40:
However, you must use iptables to firewall your VE's afterward, either using FORWARD rules on the HN, or using iptables inside the VEs.
I realized that if I enable the venet0 forwarding, any VPS traffic will not be affected by the HN firewall. This is not that bad since I plan to install a firewall on each of the VPSes (they will all be owned by myself, for different projects), but it would still be nice if the VPS traffic was, to a degree, affected by the HN firewall - so that for example a hacker's IP would get blocked for all of the VPSes on the HN, even if the attack was committed towards only one of them.
Then I would have a firewall on the VPS itself, filtering the traffic further. I don't know how to accomplish that though. As I mentioned on the LXLabs forum, I am no iptables expert. But I can see some disadvantages of such a system and it would probably be just a complication anyway.
Tomas
Do you really believe the Internet is a safe place?
IdentityCloaker.com - Take Back Your Privacy!
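
The layered setup discussed in this post (one block list on the HN that applies to every VPS, with each VPS still running its own firewall) can be built with the FORWARD rules ugob mentions. The script below is an added example, not part of the original thread; the chain name BLOCKLIST and the sample addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Emits an iptables-restore fragment for
# the hardware node (HN). BLOCKLIST is a chain name chosen here.

# Accept only dotted-quad IPv4 addresses, so nothing else reaches the ruleset.
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split the address into octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# gen_rules IP... : print the fragment on stdout, warnings on stderr.
gen_rules() {
    echo '*filter'
    echo ':BLOCKLIST - [0:0]'
    # INPUT covers traffic addressed to the HN itself; FORWARD covers traffic
    # routed through venet0 to the VEs. Both consult the same chain first.
    echo '-I INPUT 1 -j BLOCKLIST'
    echo '-I FORWARD 1 -j BLOCKLIST'
    for ip in "$@"; do
        if valid_ipv4 "$ip"; then
            echo "-A BLOCKLIST -s $ip -j DROP"
        else
            echo "skipping invalid address: $ip" >&2
        fi
    done
    echo 'COMMIT'
}

# Constructed sample addresses (documentation ranges) when none are given.
[ $# -gt 0 ] || set -- 203.0.113.45 198.51.100.7
gen_rules "$@"
```

Pipe the output into `iptables-restore --noflush` on the HN once, after the base ruleset is loaded, since loading it again inserts the two jump rules a second time. Packets that BLOCKLIST does not drop return to the rest of INPUT or FORWARD, and the firewall inside each VPS still filters them further.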