OpenVZ iptables Active

From MS Computech
Revision as of 08:50, 6 September 2012 by Snifer (talk | contribs)

How to activate the firewall on an OpenVZ HN guest OS

On the host machine, the following kernel modules must be loaded:

modprobe xt_tcpudp
modprobe ip_conntrack
modprobe xt_state

Edit the HN's config file /etc/vz/conf/101.conf and add:

IPTABLES="ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state ipt_nat ipt_MASQUERADE"

Restart HN

vzctl restart 101
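
A pre-restart check for the steps above, as an added example that is not part of the original page: it parses the IPTABLES line of a container config and a /proc/modules-style listing, then reports any names that are missing. The function names, the temporary files, the sample /proc/modules lines and the choice of ipt_LOG as an extra name to test for are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: pre-restart audit of an OpenVZ container's iptables setup.

# Print, one per line, the names in the last IPTABLES="..." line of a config.
ct_iptables_modules() {
    sed -n 's/^[[:space:]]*IPTABLES="\(.*\)"[[:space:]]*$/\1/p' "$1" |
        tail -n 1 | tr -s '[:space:]' '\n'
}

# Print every wanted name that the config ($1) does not list; return 1 if any.
ct_missing_modules() {
    conf=$1; shift
    listed=$(ct_iptables_modules "$conf")
    rc=0
    for m in "$@"; do
        printf '%s\n' "$listed" | grep -qxF -- "$m" || { printf '%s\n' "$m"; rc=1; }
    done
    return "$rc"
}

# Print every wanted module absent from a /proc/modules-style file ($1).
# Limitation: modules compiled into the kernel never appear in that file.
host_missing_modules() {
    modfile=$1; shift
    rc=0
    for m in "$@"; do
        awk -v m="$m" '$1 == m { f = 1 } END { exit !f }' "$modfile" ||
            { printf '%s\n' "$m"; rc=1; }
    done
    return "$rc"
}

# Constructed sample data: the IPTABLES line from this page, and a made-up
# /proc/modules excerpt in which xt_state has not been loaded.
demo() {
    d=$(mktemp -d)
    echo 'IPTABLES="ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state ipt_nat ipt_MASQUERADE"' > "$d/101.conf"
    printf '%s\n' 'xt_tcpudp 7105 2 - Live 0x0' 'ip_conntrack 53153 1 - Live 0x0' > "$d/modules"
    echo "container config lacks: $(ct_missing_modules "$d/101.conf" ipt_state ipt_LOG | tr '\n' ' ')"
    echo "host has not loaded: $(host_missing_modules "$d/modules" xt_tcpudp ip_conntrack xt_state | tr '\n' ' ')"
    rm -rf "$d"
}
demo
```

On a real host, pass /etc/vz/conf/101.conf and /proc/modules instead of the temporary files, and list the names your own rule set depends on.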
