| [solved] openvz and shorewall [message #36349] |
Fri, 12 June 2009 06:04  |
novazur
Messages: 11
Registered: June 2009
|
Junior Member |
|
|
Hi,
First, sorry for my bad english.
On my VN, I have shorewall running with :
policy
fw net ACCEPT
fw vps ACCEPT
vps fw ACCEPT
vps net ACCEPT
net all REJECT info
all all REJECT info
interfaces
net eth0 detect norfc1918,routefilter,tcpflags,blacklist
vps venet0 - routeback
zones
fw firewall
net ipv4
vps ipv4
(if needed, I can post shorewall.conf)
My VN has a public IP, and all VEs privates ips.
Each time I create a new VE, so a new private ip, I can :
- ping VN from new VE
- ping new VE from VN
- ping others VE from new VE
- ping new VE from others VE
but I can't ping out (internet) from the new VE.
I spent a lot of time on that, and I found that I needed to restart shorewall to make it working.
Do you think it's possible to find something to change in shorewall config to not having to restart it ?
Thanks for your help (and for this fabulous tool).
PS: this post follows http://forum.openvz.org/index.php?t=msg&goto=36345&# msg_36345
[Updated on: Fri, 12 June 2009 17:05] by Moderator Report message to a moderator |
|
|
|
OpenVZ Forum
Members
Search
Help
Register
Login
Home
