I installed openvz virtulization on centos 5.0 and created vps with centos distro. Installed ossec inside the VPS and it's working fine. Active response / firewall drop rules everything working perfectly fine. I checked the service iptables status and it gave output firewall stop But everything working fine.
Then I installed it on the main hardware node it's not working. The active response / firewall both not working. I checked the service iptables status it showed me the rules running My question is how come ossec active response working when firewall inside the vps is stopped. And why ossec active response not working when firewall is on. I used the same ossec version for both the installation. Any idea? Thanks DM
