From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Wed 24 Mar 2004 - 11:12:46 GMT
On Wed, Mar 24, 2004 at 12:12:46PM +0200, Eugeny Zadevalov wrote:
> Hello!
>
> >> uses these patches only as toy. :(
> HP> http://www.linux-vserver.org/index.php?page=VServer+Hosting
> Yeah. Cool promotion link, but no info about how they did it :)
>
> >> Is there possibility to work with iptables inside vserver?
> HP> it is possible, but not advised (for security reasons)
> It's good, please tell me more about how to enable it,
> in my point of view it's my decision to use it or not :)
linux-vserver is capability based, so you 'basically'
control/restrict the features with the capability system
/usr/include/linux/capability.h
http://archives.linux-vserver.org/200401/0081.html
CAP_NET_ADMIN and CAP_NET_RAW would apply in your case
best,
Herbert
> --
> Eugeny aka ZEV.
_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver