From: Paul Sladen (vserver_at_paul.sladen.org)
Date: Wed 09 Jul 2003 - 15:49:49 BST
On Wed, 9 Jul 2003, Oliver Dzombic wrote:
> iptables works 100% at the real server. No errors. Iptables and all possible
> modules were compiled in the kernel.
With vserver, there is only one kernel involved. Setting up firewall
entries on that one kernel is a system-level function and should be done in
the host-server (even if you are setting up rules that work with a vserver's
assigned IP addresses).
Short answer: do it in the host-server.
-- War is inconsistent with Truth. Nottingham, GB