On Wed, 3 Dec 2008, Dan Brown wrote:

> The firewall rules for iptables are set up for the real servers on eth0 for
> both the LVS-DR server and the LVS-TUN server.

Does it work OK without the iptables rules?

> The tunl0 I originally gave an IP of 192.168.10.5 as it
> served no purpose by itself other than to exist

The tunl device usually has the VIP.

> If I block everything except traffic to the server from the
> director I still get traffic through to the remote server.

I have no idea what this means.

> eg. iptables -I INPUT -s ! lvsdirector -d ! lvscheckhost -p tcp --dport 80
> -i eth0 -j REJECT
>
> So how do I make the server at the end of the tunnel filter via iptables the
> traffic redirected from the LVS directors? Is a second set of rules
> required for the tunl0 interface and its aliases?

I suspect your posting is something like this:

"My LVS-Tun setup is working fine. I want to filter the packets coming from the director to the realserver so that X happens. I tried these following rules and X does not happen but Y does happen as shown by test Z. What should I do?"

Is this correct? If so, please fill in X, Y and Z.

Joe

--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!
