HN iptables blocking http access [message #13516]
Tue, 29 May 2007 07:08
lurnux
Hi,
I've just started using OpenVZ and I'm stuck with HN iptables.
I've installed a CentOS 4 HN according to the instructions found in the wiki.
Now everything works great except HTTP access from every VN: when I try to go to google.com with links or use any kind of HTTP access to anywhere, I only get "No route to host". After some digging around I found that the requests are stuck in an HN iptables rule.
Tcpdump shows:
09:59:05.748720 IP HN > VN: icmp 68: host eh-in-f99.google.com unreachable - admin prohibited
09:59:08.748990 IP VN > eh-in-f99.google.com.http: S 2235774822:2235774822(0) win 5840 <mss 1460,sackOK,timestamp 392992619 0,nop,wscale 2>
In iptables those requests are stuck with the last rule:
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
and I don't know what I should allow to get this one working.
[Updated on: Tue, 29 May 2007 09:24]
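Added example, not part of the original post: a small Python check that pairs the "admin prohibited" ICMP errors in a tcpdump capture with the REJECT rules in an `iptables -L -n` listing that can produce them, so the host that filtered the traffic and the rule type are read off together. The function name `explain_rejects` is hypothetical, the mapping from `--reject-with` values to tcpdump wording is general iptables/tcpdump behaviour rather than something stated in the post, and the ACCEPT rule in the sample is constructed.

```python
import re

# tcpdump wording for the ICMP "unreachable" codes an iptables REJECT can send,
# keyed by the --reject-with value (ICMP type 3, codes 9, 10 and 13).
WORDING = {
    "icmp-net-prohibited": ("net", "admin prohibited"),
    "icmp-host-prohibited": ("host", "admin prohibited"),
    "icmp-admin-prohibited": ("host", "admin prohibited filter"),
}
# Matches both the older "icmp 68:" and the newer "ICMP" tcpdump output.
ICMP_RE = re.compile(r"IP (\S+) > (\S+): (?:icmp \d+:|ICMP) (net|host) (\S+) "
                     r"unreachable - (admin prohibited(?: filter)?)")
RULE_RE = re.compile(r"REJECT\s+\S+\s+--\s+\S+\s+\S+\s+reject-with (\S+)")

def explain_rejects(capture, listing):
    """Pair each 'admin prohibited' ICMP error with the REJECT rules that can emit it."""
    reject_types = RULE_RE.findall(listing)
    findings = []
    for line in capture.splitlines():
        m = ICMP_RE.search(line)
        if not m:
            continue  # SYNs and other traffic are not filter verdicts
        sender, client, scope, dest, wording = m.groups()
        findings.append({
            "filtering_host": sender,  # the box whose REJECT rule fired
            "client": client,
            "blocked_dest": dest,
            "reject_with": [t for t in reject_types
                            if WORDING.get(t) == (scope, wording)],
        })
    return findings

# The two tcpdump lines and the REJECT rule are copied from the post;
# the ACCEPT rule is constructed to give the listing a second line.
CAPTURE = """\
09:59:05.748720 IP HN > VN: icmp 68: host eh-in-f99.google.com unreachable - admin prohibited
09:59:08.748990 IP VN > eh-in-f99.google.com.http: S 2235774822:2235774822(0) win 5840 <mss 1460,sackOK,timestamp 392992619 0,nop,wscale 2>
"""
LISTING = """\
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
"""

if __name__ == "__main__":
    for finding in explain_rejects(CAPTURE, LISTING):
        print(finding)
```

The sender of the ICMP error is the machine whose filter rejected the packet, which is why the capture points at the HN rather than at anything upstream.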