OpenVZ Forum: Support » Iptables question

Home » General » Support » Iptables question

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Iptables question [message #2265]

Tue, 28 March 2006 01:06

jvgrago
Messages: 3
Registered: March 2006
Location: NY

Junior Member

I have just installed OpenVZ and the install was going well until I had to run vzpkgcache -f and this is when I noticed that with the OpenVZ kernel I have no access outside this server. If I stop iptables, I can do a host google.com and get a response or even do the vzpkgcache -f and it works just fine. At the top of my iptables, it shows this:

# vi /etc/sysconfig/iptables

# Generated by iptables-save v1.3.0 on Mon Mar 27 19:42:46 2006
*nat
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
COMMIT
# Completed on Mon Mar 27 19:42:46 2006
# Generated by iptables-save v1.3.0 on Mon Mar 27 19:42:46 2006
*mangle
:FORWARD ACCEPT [0:0]
:INPUT ACCEPT [277:27444]
:OUTPUT ACCEPT [226:23424]
:POSTROUTING ACCEPT [226:23424]
:PREROUTING ACCEPT [277:27444]
COMMIT
# Completed on Mon Mar 27 19:42:46 2006
# Generated by iptables-save v1.3.0 on Mon Mar 27 19:42:46 2006
*filter
:FORWARD ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [226:23424]
:RH-Firewall-1-INPUT - [0:0]
-A FORWARD -j RH-Firewall-1-INPUT

I dont see anything wrong with this, but as soon as I start iptables, I lose internet on this server.

Second issue:

Another issue that I have ran into is that the virtual ethernet venet0 does not activate on boot. If I try to activate it, It does not let me. Here is an output of an ifconfig.

eth0 Link encap:Ethernet HWaddr 00:0C:41:E8:AD:22
inet addr:192.168.0.9 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:34800 errors:0 dropped:0 overruns:0 frame:0
TX packets:33813 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:33516583 (31.9 MiB) TX bytes:5089116 (4.8 MiB)
Interrupt:11 Base address:0xdc00

eth1 Link encap:Ethernet HWaddr 00:0F:B5:08:9A:2D
inet addr:192.168.0.99 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:2280 (2.2 KiB)
Interrupt:10 Base address:0xe000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:55 errors:0 dropped:0 overruns:0 frame:0
TX packets:55 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3946 (3.8 KiB) TX bytes:3946 (3.8 KiB)

venet0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:7 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

I have deactivated eth1, but for some reason its still pulling an ip (with no cable attached either).

Any ideas?

Thanks,
Jim

Report message to a moderator

[Message index]

		Iptables question By: jvgrago on Tue, 28 March 2006 01:06
		Re: Iptables question By: dev on Tue, 28 March 2006 23:55
		Re: Iptables question By: jvgrago on Wed, 29 March 2006 20:36
		Re: Iptables question By: dev on Thu, 30 March 2006 13:54
		Re: Iptables question By: jvgrago on Thu, 30 March 2006 14:53
		Re: Iptables question By: dev on Fri, 31 March 2006 09:05

Previous Topic:	CentOS 4.3 - rmmod
Next Topic:	vzquota : (error) Quota destroy syscall for id 5001: Device or resource busy

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Fri Aug 01 23:38:02 GMT 2025

Total time taken to generate the page: 0.52326 seconds