From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Wed 18 Dec 2002 - 00:35:37 GMT
On Tue, Dec 17, 2002 at 04:29:26PM -0800, Roderick A. Anderson wrote:
> I'd like to try and get this straight in my head - poor container that it
> is.
>
> Ipchains do not work from in vservers. If so then how do I control on a
> vserver by vserver the IPs and ports that respond (or don't respond?)
> In my situation I have total control over what is running in each
> vserver but it varies for each vserver and may vary for each box I run
> Vserver on. My concern/confusion is if I do the right thing and shut out
> everything except ssh on the main server how will a vserver run a
> web-server, dns server, or mail server only.
ipchains will work (assumed you have the ipchains
compatibility module installed/compiled, because 2.4.x
uses iptables) on the physical server as expected.
It might work, in the virtual servers, if your capabilites
permit it, but I would not do that ...
best,
Herbert
PS: read the advanced routing howto, or the iptables
documentation to get a feeling what's possible with
iptables ...
> Again thanks for thoughts and ideas,
> Rod
> --
> "Open Source Software - Sometimes you get more than you paid for..."