[vserver] Re: vserver problem

From: Bruno Prémont <bonbons_at_linux-vserver.org>
Date: Wed 27 Feb 2013 - 13:01:43 GMT
Message-ID: <20130227140143.6ab95c9b@pluto.restena.lu>

Hi David,

Please always address such requests to mailing list.

On Wed, 27 Feb 2013 13:39:13 +0100 Dawid Golak wrote:
> I have the configured server with vserver (debian). Everything work fine,
> without domains and public IP from host and guest (via ethernet everything
> works ok)
>
> I have eth0 with the public address and vserver with private address
> (192.168.1.101)
>
> I have installed apache2 on the guest.
> I made postrouting
> iptables -t nat -I POSTROUTING -s 192.168.1.0/24 ! -d 192.168.1.0/24 -j
> SNAT --to-source 37.59.xx.xx
>
> prerouting on the host:
> iptables -t nat -I PREROUTING --protocol tcp --destination-port 80 -j DNAT
> --to-destination 192.168.1.101:80
> and when I want to connect from public IP or domains it works fine -
> redirected to the vserver.
>
> I have problem when I want to connect from host or the guest to port 80 via
> domain name or public IP. (this is required to work the local script via
> wget [works on the cron])
>
> telnet 37.59.xx.xx 80
> Trying 37.59.xx.xx...
> telnet: Unable to connect to remote host: Connection refused
>
> but:
> telnet 192.168.1.101 80
> Trying 192.168.1.101...
> Connected to 192.168.1.101.
> Escape character is '^]'.
>
> It's ok.
>
> What have I change or add to my configuration ?

Probably you will have to copy your rule from PREROUTING to OUTPUT
in nat table in order to catch packets generated on your machine.

Also have a read of the iptables man page.

Bruno
Received on Wed Feb 27 13:01:52 2013

[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Wed 27 Feb 2013 - 13:01:53 GMT by hypermail 2.1.8