OpenVZ Inside Access [message #52059] |
Wed, 20 May 2015 20:21 |
tumtum
Messages: 6 Registered: May 2015
|
Junior Member |
|
|
Hello,
At the moment is openvz configured, with firewall rules allowed on the containers/vms. (csf)
It is configured.
The problem:
- Block port 80 with csf
- Still get access from another container with a different public IP to it.
So if i connect to another vms (same hn) it looks like the firewall rules are not applied and the machines can connect with each other with the rules enabled. For the outside world, the rules are fine.
What can i do to block access from container to container with the firewall on the vms, it is pretty weird this is possible by default?
Thanks.
Yes, I am!
[Updated on: Wed, 20 May 2015 20:21] Report message to a moderator
|
|
|
|
Re: OpenVZ Inside Access [message #52064 is a reply to message #52063] |
Fri, 22 May 2015 20:29 |
tumtum
Messages: 6 Registered: May 2015
|
Junior Member |
|
|
Example:
1 CT = running NGINX Reverse Proxy (CSF)
1 CT = Webserver (CSF)
1 HN = CSF / OpenVZ
With CSF Closing all ports on the Webserver CT/VM, but the NGINX Reverse Proxy can still access port 80/443 etc.
How is that possible? The ports are not closed for the cts?
Yes, I am!
|
|
|
|