OpenVZ Forum


Home » General » Support » configure iptables on VZ7 host (unable to configure rules on ovz7 node)
Re: configure iptables on VZ7 host [message #52949 is a reply to message #52948] Sun, 03 September 2017 10:48 Go to previous messageGo to previous message
mangust is currently offline  mangust
Messages: 39
Registered: April 2008
Location: USA
Member
We did barbarian way this time

cat <<EOT > /root/closeip6.sh
#!/bin/sh

/usr/sbin/ip6tables -P FORWARD DROP
/usr/sbin/ip6tables -P INPUT DROP
/usr/sbin/ip6tables -P OUTPUT DROP

/usr/sbin/ip6tables -F
/usr/sbin/ip6tables -t nat -F
/usr/sbin/ip6tables -t mangle -F
/usr/sbin/ip6tables -t raw -F
/usr/sbin/ip6tables -t nat -F

/usr/sbin/ip6tables -X
/usr/sbin/ip6tables -t nat -X
/usr/sbin/ip6tables -t mangle -X
/usr/sbin/ip6tables -t raw -X
/usr/sbin/ip6tables -t nat -X


EOT

chmod +x /root/closeip6.sh

cat <<EOT > /etc/cron.d/closeip6
@reboot root /root/closeip6.sh
* * * * * root /root/closeip6.sh
EOT

systemctl restart crond

It works, remember last MadMax movie? "Witness me!!!" This is what I feel by controlling firewall this way Smile

Any better way?

[Updated on: Sun, 03 September 2017 10:48]

Report message to a moderator

[Message index]
 
Read Message
Read Message
Read Message
Previous Topic: Container root disk is not configured
Next Topic: Unable to connect OpenVZ 7 via virsh
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Tue Oct 03 11:03:18 GMT 2023

Total time taken to generate the page: 0.02354 seconds
Powered by FUDforum Powered by Virtuozzo Containers