Hi,
i'm working on a netfilter-configuration for the host-server ...
Can i protect one vserver against another?
I testet the following:
{...}
# Block everything between 2 vserver
iptables -A INPUT -d 192.168.0.155 -s 192.168.0.157 -j DROP
iptables -A INPUT -d 192.168.0.157 -s 192.168.0.155 -j DROP
{...}
The INPUT chain is for packets entering the box, but with vservers
packets don't enter the box, all traffic is flowing inside the box. Try
using the PREROUTING chain instead.
And which table? Am i right with the mangle table?
I played around a bit, but didn't find the solution until now ... maybe i
will try it in the next weeks again ...
Thanks!
Oliver
_______________________________________________
Vserver mailing list
[email protected]
http://list.linux-vserver.org/mailman/listinfo/vserver
