Openvz iptables

From MS Computech
Revision as of 14:25, 3 June 2008 by Snifer (talk | contribs) (New page: How to ins iptables to openvz  <br>1.Edit files /etc/vz/vz.conf <pre>#nano /etc/vz/vz.conf</pre> <br>2.Change the line <pre># IPv4 iptables kernel modules IPTABLES="ipt_REJECT ip...)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

How to ins iptables to openvz 



1.Edit files /etc/vz/vz.conf 

#nano /etc/vz/vz.conf


2.Change the line 

# IPv4 iptables kernel modules
IPTABLES="ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length

To this 

# IPv4 iptables kernel modules
IPTABLES="iptable_nat ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length


3.Restart Openvz 

# /etc/init.d/vz restart
Shutting down VE 101
Bringing down interface venet0: ..done
Stopping OpenVZ: ..done
Starting OpenVZ: ..done
Bringing up interface venet0: ..done
Configuring interface venet0: ..done
Starting VE 101: ..done


4.Edit Container config file 

# nano /etc/vz/conf/101.conf
# vzctl set 101 --iptables "ip_tables iptable_filter iptable_mangle ipt_multiport ipt_REJECT ipt_LOG ip_conntrack ipt_conntrack ipt_state ipt_helper iptable_nat ipt_REDIRECT " --save
Retrieved from "https://msc.siamtools.com/wiki/index.php?title=Openvz_iptables&oldid=13"