From: Luís Miguel Silva (lms_at_ispgaya.pt)
Date: Wed 19 Feb 2003 - 11:47:02 GMT
well, you have to set up a port forward for that ip (or are you filtering
the port?)
I didnt quite understand, your root server and vservers are on the same
network?
Did you meant with 192.168.x.y that both of them have a equal "x" value?
heheh
If you have something like this:
[Internet] <-> [Root server] <-> [Vserver]
-the root server can acess the vserver and the internet
-the internet can only acess the vserver
-the vserver can acess the root server and the internet
if you want "the internet" to be able to access some ports on the vserver,
you should set up a port forwarding for those ports on the root server.
You can try something like this on the root server:
iptables -A PREROUTING -t nat -p tcp -d insert.root.server.ip --dport 80 -j
DNAT --to insert.vserver.ip.here
iptables -A FORWARD -p tcp -d insert.vserver.ip.here --dport 80 -j ACCEPT
*but*...if you have something like this:
[network 192.168.1.x] -> [root server with ip 192.168.1.254 and
192.168.2.254] -> [vserver on network 192.168.2.x]
if you want everybody on network 192.168.1.x to *transparently* access the
network 192.168.3.x you should set up masquerading on the root server and
add a route on the "network 192.168.1.x" machines.
Try something like this on network 192.168.1.x:
route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.1.254
Best regards,
+-----------------------------------------
| Luís Miguel Silva
| Network Administrator@ ISPGaya.pt
| Rua António Rodrigues da Rocha, 291/341
| Sto. Ovídio • 4400-025 V. N. de Gaia
| Portugal
| T: +351 22 3745730/3/5 F: +351 22 3745738
| G: +351 93 6371253 E: lms_at_ispgaya.pt
| H: http://lms.ispgaya.pt/
+-----------------------------------------
-----Mensagem original-----
De: Debby [mailto:debby_at_aachenconsulting.de]
Enviada: quarta-feira, 19 de Fevereiro de 2003 9:26
Para: vserver_at_solucorp.qc.ca
Assunto: [vserver] How to access the different services (ssh, apache,
...) on a vserver from the outside?
Hi guys,
thanks to Luis Miguel Silva`s help (iptables -A POSTROUTING -t nat -s
insert.vserver.ip -d 0/0 -j SNAT --to insert.internet.ip) I can now access
the internet from within a vserver - BUT I cannot access the vserver(s) from
outside the host-computer. The host IP and the IPs of the vservers are in
the
same IP-range (192.168.x.y). Does anyone know how to access the different
services (ssh, apache, ...) on a vserver from the outside? What things have
to be set up/installed?
Thanks,
Debby