Quoting Rory Campbell-Lange (r...@campbell-lange.net): > On 04/06/13, Michael H. Warfield (m...@wittsend.com) wrote: > > > I'd be grateful to know if anyone has some firewall (iptables) advice for > > > allowing traffic to the container? I expect to run another firewall on the > > > container itself. > > > > That's probably your FORWARD chain there. Set that policy to ACCEPT and > > flush all the rules from the FORWARD chain like this: > > > > iptables -P FORWARD ACCEPT > > iptables -F FORWARD > > > > FORWARD chain is going to affect packets forwarded over the host's > > bridge to the containers. The INPUT and OUTPUT chains will affect the > > packets coming in and going out from the local host's OS interfaces. > > > > Depending on your distro, track down your persistent rule storage and > > make those changes permanent. Fedora prior to firewalld (here we go > > again), RedHat, and RH derivatives (CentOS et al) are generally > > in /etc/sysconfig/iptables unless you've also installed one of the > > sundry firewall toolkits. Ubuntu, I'm not so sure about. > > I'm using Debian, and I'm using a simple ufw firewall on the host server > at present. > > The iptables -L output is here: > > http://pastebin.com/QzQKRDX0 > > I don't have any trouble with the firewall restarting. > > Thanks very much > Rory
I think 'ufw status' information will probably be more helpful. ------------------------------------------------------------------------------ How ServiceNow helps IT people transform IT departments: 1. A cloud service to automate IT design, transition and operations 2. Dashboards that offer high-level views of enterprise services 3. A single system of record for all IT processes http://p.sf.net/sfu/servicenow-d2d-j _______________________________________________ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
