OpenVZ Forum - RDF feed
https://new-forum.openvz.org/index.php
OpenVZ Inside Access
https://new-forum.openvz.org/index.phpindex.php?t=rview&goto=52059&th=12927#msg_52059
At the moment is openvz configured, with firewall rules allowed on the containers/vms. (csf)
It is configured.
The problem:
- Block port 80 with csf
- Still get access from another container with a different public IP to it.
So if i connect to another vms (same hn) it looks like the firewall rules are not applied and the machines can connect with each other with the rules enabled. For the outside world, the rules are fine.
What can i do to block access from container to container with the firewall on the vms, it is pretty weird this is possible by default?
Thanks.]]>tumtum2015-05-20T20:21:10-00:00Re: OpenVZ Inside Access
https://new-forum.openvz.org/index.phpindex.php?t=rview&goto=52063&th=12927#msg_52063
why should it be defined in HN who and what can accessed inside CT if not CT firewall itself?]]>Paparaciz2015-05-22T18:11:21-00:00Re: OpenVZ Inside Access
https://new-forum.openvz.org/index.phpindex.php?t=rview&goto=52064&th=12927#msg_52064
1 CT = running NGINX Reverse Proxy (CSF)
1 CT = Webserver (CSF)
1 HN = CSF / OpenVZ
With CSF Closing all ports on the Webserver CT/VM, but the NGINX Reverse Proxy can still access port 80/443 etc.
How is that possible? The ports are not closed for the cts?]]>tumtum2015-05-22T20:29:39-00:00Re: OpenVZ Inside Access
https://new-forum.openvz.org/index.phpindex.php?t=rview&goto=52065&th=12927#msg_52065
what iptables rules are applied on "1 CT = Webserver (CSF)"?]]>Paparaciz2015-05-23T06:37:38-00:00