Le 21/03/2012 19:29, Jarry a écrit :
> On 21-Mar-12 14:30, Christian Balzer wrote:
>
>> Every once in a while (actually more frequent than that) the need for
>> iptables in a guest creeps up.
>
> That is the only thing I'm really badly missing in vserver.
> Actually, I'm seriously thinking of moving to openvz, because
> my vserver-guest-users frequently ask me for iptables-support...
>
> Jarry
vserver is lightweigth isolation so you have case where it does not fit,
best performances but some limitations. I guess you can use network
namespace with vservers and that should allow the iptables usage but i
am not sure of that i never used them. The flower page has some
namespace settings but i do not know what they mean ( this activate
namespace...). Do the iptable request are really good quality filtering
or just buzzword "firewall" compliant like accepting all open port and
rejecting all allready closed ones with no outbound filtering ?
openvz , bah some can love to be a beta tester for parrallels
commercial product , some not :p
ghislain.