From: Björn Steinbrink (B.Steinbrink_at_gmx.de)
Date: Thu 07 Jul 2005 - 13:16:02 BST

• Previous message: Oliver Welter: "Re: [Vserver] Firewall between two vserver"
• In reply to: o.dietz_at_nexgo.de: "[Vserver] Firewall between two vserver"
• Next in thread: Oliver Dietz: "Re: [Vserver] Firewall between two vserver"
• Reply: Oliver Dietz: "Re: [Vserver] Firewall between two vserver"

On 2005.07.07 13:51:57 +0200, o.dietz_at_nexgo.de wrote:
> Hello,
>
> i'm working on a netfilter-configuration for the host-server ...
>
> Can i protect one vserver against another?
>
> I testet the following:
>
> {...}
> # Block everything between 2 vserver
> iptables -A INPUT -d 192.168.0.155 -s 192.168.0.157 -j DROP
> iptables -A INPUT -d 192.168.0.157 -s 192.168.0.155 -j DROP
> {...}
>

The INPUT chain is for packets entering the box, but with vservers
packets don't enter the box, all traffic is flowing inside the box. Try
using the PREROUTING chain instead.

HTH
Björn
_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver

• Previous message: Oliver Welter: "Re: [Vserver] Firewall between two vserver"
• In reply to: o.dietz_at_nexgo.de: "[Vserver] Firewall between two vserver"
• Next in thread: Oliver Dietz: "Re: [Vserver] Firewall between two vserver"
• Reply: Oliver Dietz: "Re: [Vserver] Firewall between two vserver"