About this list Date view Thread view Subject view Author view Attachment view

From: Luís Miguel Silva (lms_at_ispgaya.pt)
Date: Wed 19 Feb 2003 - 11:47:02 GMT


well, you have to set up a port forward for that ip (or are you filtering
the port?)

I didnt quite understand, your root server and vservers are on the same
network?
Did you meant with 192.168.x.y that both of them have a equal "x" value?
heheh

If you have something like this:

[Internet] <-> [Root server] <-> [Vserver]
-the root server can acess the vserver and the internet
-the internet can only acess the vserver
-the vserver can acess the root server and the internet

if you want "the internet" to be able to access some ports on the vserver,
you should set up a port forwarding for those ports on the root server.

You can try something like this on the root server:
iptables -A PREROUTING -t nat -p tcp -d insert.root.server.ip --dport 80 -j
DNAT --to insert.vserver.ip.here
iptables -A FORWARD -p tcp -d insert.vserver.ip.here --dport 80 -j ACCEPT

*but*...if you have something like this:

[network 192.168.1.x] -> [root server with ip 192.168.1.254 and
192.168.2.254] -> [vserver on network 192.168.2.x]

if you want everybody on network 192.168.1.x to *transparently* access the
network 192.168.3.x you should set up masquerading on the root server and
add a route on the "network 192.168.1.x" machines.

Try something like this on network 192.168.1.x:
route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.1.254

Best regards,
+-----------------------------------------
| Luís Miguel Silva
| Network Administrator@ ISPGaya.pt
| Rua António Rodrigues da Rocha, 291/341
| Sto. Ovídio • 4400-025 V. N. de Gaia
| Portugal
| T: +351 22 3745730/3/5 F: +351 22 3745738
| G: +351 93 6371253 E: lms_at_ispgaya.pt
| H: http://lms.ispgaya.pt/
+-----------------------------------------

-----Mensagem original-----
De: Debby [mailto:debby_at_aachenconsulting.de]
Enviada: quarta-feira, 19 de Fevereiro de 2003 9:26
Para: vserver_at_solucorp.qc.ca
Assunto: [vserver] How to access the different services (ssh, apache,
...) on a vserver from the outside?

Hi guys,

thanks to Luis Miguel Silva`s help (iptables -A POSTROUTING -t nat -s
insert.vserver.ip -d 0/0 -j SNAT --to insert.internet.ip) I can now access
the internet from within a vserver - BUT I cannot access the vserver(s) from
outside the host-computer. The host IP and the IPs of the vservers are in
the
same IP-range (192.168.x.y). Does anyone know how to access the different
services (ssh, apache, ...) on a vserver from the outside? What things have
to be set up/installed?

Thanks,
Debby


About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Wed 19 Feb 2003 - 12:08:36 GMT by hypermail 2.1.3