OpenVZ Forum


Re: Host firewall [message #3075 is a reply to message #3066] Thu, 11 May 2006 08:42
Vasily Tarasov
Hello, the reason for this issue is that the VPS and the host talk through the venet0 interface. So you have to tune iptables to work properly with this interface too.

Here is a small patch for your script.
You can easily change it if you want slightly different behaviour.

--- firewall.sh.back    2006-05-10 19:23:09.000000000 +0400
+++ firewall.sh 2006-05-10 20:40:00.000000000 +0400
@@ -97,6 +97,16 @@ $IPT -A INPUT -i $INTERFACE -p icmp -s $

 $IPT -A OUTPUT -o $INTERFACE -p icmp -s $IPADDR \
 --icmp-type echo-reply -d $LAN -j ACCEPT
+
+# Allow host to ping VPS
+VENET="venet0"
+VPSIP="192.168.0.102"
+$IPT -A OUTPUT -o $VENET -p icmp -s $IPADDR \
+--icmp-type echo-request -d $VPSIP -j ACCEPT
+# Allow host to recieve ping from from VPS
+$IPT -A INPUT -i $VENET -p icmp -s $VPSIP \
+--icmp-type echo-request -d $IPADDR -j ACCEPT
+
 # ===================================

 # Allow limited access to host
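
Review bot: The two added venet0 rules accept only echo-request (host to VPS in OUTPUT, VPS to host in INPUT) and nothing for the matching echo-reply, so unless a part of the script not visible in this hunk accepts reply traffic (for example a state-based ESTABLISHED rule), the replies in both directions have no rule that lets them through. Following the pattern of the existing `$IPT -A OUTPUT -o $INTERFACE -p icmp ... --icmp-type echo-reply` rule in the context lines, add an INPUT rule on $VENET accepting echo-reply from $VPSIP to $IPADDR and an OUTPUT rule on $VENET accepting echo-reply from $IPADDR to $VPSIP. Smaller points: the comment "Allow host to recieve ping from from VPS" has a misspelling and a doubled word, and VENET and VPSIP would be easier to maintain if defined with the script's other variables rather than mid-script, since the hard-coded VPSIP covers a single VPS address only.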


Good luck.
 