On Sun, Aug 25, 2013 at 8:01 PM, Adriaan
<adriaan@a-happy-linux-vserver-user.nl> wrote:
> Hi there,
>
> First of all, many thanks for Linux Vserver, and many thanks for the
> Sand repository for Debian Wheezy. Lifesavers. Great, thanks!
>
> I like to use Shorewall but can't get it to work with Linux Vserver.
> (I'm using Shorewall with OpenVZ since quite a while, but I'm slowly
> moving from OpenVZ to Linux Vserver).
>
> Scenario :
> One public ip address.
> One NIC.
> Vservers have 10.0.0.x addresses, using NAT to separate web and email
> services over various vservers.
you cannot use /etc/shorewal/nat for several vserver guests, if you
have only one IP, it is designed for 1:1 traffic. you must use
separate DNAT rules in shorewall/rules and utilize eg. shorewall/masq
for SNAT traffic
contact me on jabber (the same address as email if you want live help)
s.
Received on Sun Aug 25 20:36:35 2013