<div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">2014-02-25 21:46 GMT+04:00 Scott Dowdle <span dir="ltr"><<a href="mailto:dowdle@montanalinux.org" target="_blank">dowdle@montanalinux.org</a>></span>:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Greetings,<br>
<div class=""><br>
----- Original Message -----<br>
> I have several bridged containers I need to run iptables on. I<br>
> assumed since they were bridged it would just work. Are there any<br>
> knobs I must turn to enable iptables on the container?<br>
<br>
</div>There are a few wiki pages on iptables stuff. Have you consulted them.<br>
<br>
I haven't used iptables with OpenVZ for quite a while so I'm surely rusty... but I think the gist of it is to make sure you have all of the needed modules loaded on the host node. Some distros use different kernels... and as a result some of the programs they provide to manage iptables may or may not work with the iptables modules provided by your host node kernel.<br>
</blockquote><div><br></div><div>Basically, you need this + capability NET_ADMIN turned on.<br><br>something like this in /etc/vz/conf/123.conf:<br><br>IPTABLES="ip_tables iptable_filter iptable_mangle ipt_limit ipt_multiport ipt_tos ipt_REJECT ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ip_conntrack ipt_state ipt_recent "<br>
CAPABILITY=" NET_ADMIN:on" <br><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
TYL,<br>
<span class=""><font color="#888888">--<br>
Scott Dowdle<br>
704 Church Street<br>
Belgrade, MT 59714<br>
(406)388-0827 [home]<br>
(406)994-3931 [work]<br>
</font></span><div class=""><div class="h5">_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@openvz.org">Users@openvz.org</a><br>
<a href="https://lists.openvz.org/mailman/listinfo/users" target="_blank">https://lists.openvz.org/mailman/listinfo/users</a><br>
</div></div></blockquote></div><br></div></div>