| Re: Iptables on Host Node [message #36805 is a reply to message #36340] |
Mon, 20 July 2009 23:30   |
irontowngeek
Messages: 20
Registered: January 2009
|
Junior Member |
|
|
As a suggestion for an alternative to using IPTABLES syntax,I would like to recommend using SHOREWALL firewall on the Node server.
It has excellent docs,and makes it easier for a user,if they are not that familiar with working with IPTABLES syntax.(all you need to do,is edit certain config files.(zones,interfaces,SNAT,DNAT,traffic shaping,etc)
To answer your question,you are doing to have to DNAT the incoming source IP subnet/address,to reflect the IP address(s) that you need to re-direct towards a given VE container.
Before moving to SHOREWALL,I configured an init script upon bootup,that would lock down access to the Node,and then open up the ports I needed,or redirected to a VE.
I'm at a Windows workstation at the moment,and I will post this
setup I used before,in hopes it may be useful to you,or use a guide.
|
|
|
|
OpenVZ Forum
Members
Search
Help
Register
Login
Home
