Jump to content
funtoo forums
Sign in to follow this  

IMPORTANT: iptables firewalls in containers

Recommended Posts

Hi everyone,


Some people are trying to set up iptables firewalls in their containers, and they are unexpectedly locking themselves out of their containers.

The reason why this is happening is because stateful connection tracking is disabled by default in OpenVZ inside a container, and I need to manually enable it. So rules that track the state of connection (NEW, ESTABLISHED, RELATED), will not work, and then typically you will lose ssh access to your container.


The solution (for now) is to contact me directly and have me enable stateful connection tracking if you plan to deploy a firewall, so that these rules will work for you.



Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this