[Users] iptables from inside the CT
cedric briner
work at infomaniak.ch
Mon Aug 31 10:44:56 EDT 2009
hello,
my HN ip is 10.194.66.203/24
my CT ip is 10.194.65.225/24
so my HN and CT are on the same interface, and in the same subnet.
my willing is that all the FW for CT should be treated in the CT (making
CT more auto-coherent and more easy to migrate)
so to the HN I've added the following rule:
# this one so that the HN could talk with the CT
iptables -A INPUT -i venet0 -s 10.194.64.0/24 -j ACCEPT
iptables -A OUTPUT -o venet0 -d 10.194.64.0/24 -j ACCEPT
# this to allow all forwarded data to the CT
iptables -P FORWARD ACCEPT
iptables -F FORWARD
Now, considering this, How would you write a ip rule to let ssh to pass
through.
thanks in advance.
cEd
I've added rules to my HN to allow what so ever to the CT
--
Cédric BRINER
Geneva - Switzerland
More information about the Users
mailing list