From: Matthieu Racine (m.racine_at_free.fr)
Date: Wed 19 Feb 2003 - 11:10:51 GMT
>thanks to Luis Miguel Silva`s help (iptables -A POSTROUTING -t nat -s
>insert.vserver.ip -d 0/0 -j SNAT --to insert.internet.ip) I can now access
>the internet from within a vserver - BUT I cannot access the vserver(s) from
>outside the host-computer. The host IP and the IPs of the vservers are in the
>same IP-range (192.168.x.y). Does anyone know how to access the different
>services (ssh, apache, ...) on a vserver from the outside? What things have
>to be set up/installed?
You have to DNAT on your firewall to the address of your vserver :
iptables -t nat -A PREROUTING -i <external (Internet) interface of your
firewall> -s 0/0 -d <external FW IP> --dport <port you want to use to
access the service> -j DNAT --to-destination <IP address of the
vserver>:<port you want to access on the vserver>
Note that this is not a vserver issue. It's a routage/Firewalling
problem and can be applied even if the server is not running a vserver.