On 11/10/2013 4:56 AM, Johannes Graumann wrote: > Hello, > > I am running a server with one external NIC and a bridge that serves a bunch > of lxc containers. > > That bridge/NIC masqerades as the external NIC via a masq file entry. > > One of the lxc containers runs nginx and ports 80 and 443 from the external > NIC are DNATed to that container. > > If I now try to use e.g the https URL of the EPEL repository from within one > of the lxc containers, I get >> Error: Cannot retrieve metalink for repository: epel. Please verify its >> path and try again > > Changing the corresponding URL to "http" rather than "https" makes a yum > call go through just fine. > > Is the firewalling setup to blame for this and if yes how to fix it? >
Not enough information to say. Which URL are you using? What does the DNS name resolve to? Are you getting any 'Shorewall' messages when you try to connect? It would be best if you forwarded the output of 'shorewall dump' along with the information requested at http://www.shorewall.net/support.htm#Guidelines. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ November Webinars for C, C++, Fortran Developers Accelerate application performance with scalable programming models. Explore techniques for threading, error checking, porting, and tuning. Get the most from the latest Intel processors and coprocessors. See abstracts and register http://pubads.g.doubleclick.net/gampad/clk?id=60136231&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
