On Tue, Dec 17, 2002 at 04:29:26PM -0800, Roderick A. Anderson wrote: > I'd like to try and get this straight in my head - poor container that it > is. > > Ipchains do not work from in vservers. If so then how do I control on a > vserver by vserver the IPs and ports that respond (or don't respond?) > In my situation I have total control over what is running in each > vserver but it varies for each vserver and may vary for each box I run > Vserver on. My concern/confusion is if I do the right thing and shut out > everything except ssh on the main server how will a vserver run a > web-server, dns server, or mail server only.
ipchains will work (assumed you have the ipchains compatibility module installed/compiled, because 2.4.x uses iptables) on the physical server as expected. It might work, in the virtual servers, if your capabilites permit it, but I would not do that ... best, Herbert PS: read the advanced routing howto, or the iptables documentation to get a feeling what's possible with iptables ... > Again thanks for thoughts and ideas, > Rod > -- > "Open Source Software - Sometimes you get more than you paid for..."
