funtoo forums
drobbins

IMPORTANT: iptables firewalls in containers


Hi everyone,

Some people are trying to set up iptables firewalls in their containers, and they are unexpectedly locking themselves out of their containers.

The reason why this is happening is because stateful connection tracking is disabled by default in OpenVZ inside a container, and I need to manually enable it. So rules that track the state of a connection (NEW, ESTABLISHED, RELATED) will not work, and then typically you will lose ssh access to your container.

The solution (for now) is to contact me directly and have me enable stateful connection tracking if you plan to deploy a firewall, so that these rules will work for you.

-Daniel
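
A pre-flight check for the lockout described in the post above, as an added example that is not part of the original post or of any Funtoo or OpenVZ tooling: it scans a ruleset in `iptables-save` format for rules that need connection tracking and reports whether SSH would still be accepted without a state match. The function names, the sample ruleset and port 22 are assumptions, and the check is a heuristic that looks only at the INPUT chain.

```shell
#!/bin/sh
# Added example: heuristic pre-flight check of an iptables-save style ruleset
# before loading it in a container that may lack connection tracking.

# Print how many rules depend on connection state (-m state / -m conntrack).
stateful_rules() {
    awk '/^-A / && /-m (state|conntrack) / && /--(ct)?state / { n++ }
         END { print n + 0 }' "$1"
}

# Succeed if INPUT accepts TCP to the SSH port without any state match.
# $2 is the SSH port; 22 is an assumed default.
stateless_ssh_accept() {
    awk -v port="${2:-22}" '
        /^-A INPUT / && /-p tcp / && /-j ACCEPT/ &&
        $0 ~ ("--dport " port "( |$)") &&
        $0 !~ /-m (state|conntrack) / { found = 1 }
        END { exit (found ? 0 : 1) }' "$1"
}

# Return 1 when the ruleset needs conntrack and SSH has no stateless accept.
preflight() {
    n=$(stateful_rules "$1")
    if [ "$n" -gt 0 ] && ! stateless_ssh_accept "$1" "${2:-22}"; then
        echo "RISK: $n stateful rule(s), no stateless accept for tcp/${2:-22}"
        return 1
    fi
    echo "OK: $n stateful rule(s)"
}

# Constructed sample ruleset (not from the original post).
demo=$(mktemp)
cat > "$demo" <<'EOF'
*filter
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
preflight "$demo" || true
rm -f "$demo"
```

An "OK" result only means SSH has an accept rule that does not rely on connection state; any other stateful rules it counted still depend on tracking being enabled for the container.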
