Thanks for the pointers

Hm, I think it is this?

2   120 DROP       all  --  venet0 *       0.0.0.0/0            0.0.0.0/0

So how to accept traffic from venet0?


Thanks
Steffan

-----Original message-----
From: Vasily Averin <v...@virtuozzo.com> 
Sent: Wednesday, 6 January 2021 11:27
To: users@openvz.org; mailingl...@tikklik.nl
Subject: Re: [Users] firewalld HW node

Dear Steffan,
I think this behavior depends on the IP addresses used by containers.
Though anyway: for troubleshooting you need to look at the counters of iptables 
rules on the host, this should help you to understand which one eats the containers' 
packets. Then you'll need to modify the rules.

Please generate some traffic from the container to the host and use the following commands 
to find dropped packets.
iptables -L -n -v
iptables -L -n -v -t mangle
iptables -L -n -v -t nat


Thank you,
        Vasily Averin 

On 1/5/21 2:52 PM, mailingl...@tikklik.nl wrote:
> Hello,
> 
>  
> 
> When enabling firewalld on the hardware node (openvz 7)
> 
> The VPS on it can't SSH to this node
> It can ssh outside to other nodes.
> 
> I can remote SSH to the HW node
> Any idea why local is not working?
> 
> 
> With regards
> 
> Steffan
> 
> 
> _______________________________________________
> Users mailing list
> Users@openvz.org
> https://lists.openvz.org/mailman/listinfo/users
> 
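
The counter check described in the thread, as an added example that is not part of the original messages: a filter over `iptables -L -n -v` output that lists only DROP/REJECT rules (and DROP chain policies) with non-zero packet counters. The function names `dropped_rules` and `sample_listing` are hypothetical, and the sample listing is constructed apart from the venet0 rule quoted above.

```shell
#!/bin/sh
# Added example. Reads `iptables -L -n -v` output on stdin and prints every
# DROP/REJECT rule (and DROP chain policy) whose packet counter is non-zero.
# Optional argument: only report rules whose "in" column equals that interface.
# Columns: pkts bytes target prot opt in out source destination [extras]
dropped_rules() {
    awk -v want="${1:-}" '
        $1 == "Chain" {
            chain = $2
            # Built-in chains carry a policy counter: "(policy DROP 7 packets, 420 bytes)"
            if ($3 == "(policy" && $4 == "DROP" && $5 != "0")
                printf "%s pkts=%s bytes=%s policy %s\n", chain, $5, $7, $4
            next
        }
        $1 == "pkts" { next }                        # column header line
        NF >= 9 && ($3 == "DROP" || $3 == "REJECT") {
            if ($1 == "0") next                      # counter is zero: rule never hit
            if (want != "" && $6 != want) next       # different in-interface
            printf "%s pkts=%s bytes=%s %s in=%s out=%s\n", chain, $1, $2, $3, $6, $7
        }'
}

# Constructed sample listing; only the venet0 DROP line comes from the thread.
sample_listing() {
cat <<'EOF'
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
  310 24800 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    2   120 DROP       all  --  venet0 *       0.0.0.0/0            0.0.0.0/0
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain FORWARD (policy DROP 7 packets, 420 bytes)
 pkts bytes target     prot opt in     out     source               destination
    5   300 DROP       all  --  eth0   *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID
EOF
}

sample_listing | dropped_rules venet0
```

On the host, pipe the live listing in instead (`iptables -L -n -v | dropped_rules venet0`), and repeat with `-t mangle` and `-t nat`. Comparing the output before and after generating traffic from the container shows which counter moved.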

