Hello users@openvz.org I'm trying to upgrade our rhel5 based openvz servers to rhel6 but I got problem with iptables. If I try to use firewall inside container, I can load rules, but firewall rejects all incoming packets. Host is redhet-6 and container is centos-6. I tested with kernels
vzkernel-2.6.32-042stab044.17.x86_64 vzkernel-2.6.32-042stab048.1.x86_64 vzkernel-2.6.32-042stab049.2.x86_64 My firewall config # Generated by iptables-save v1.4.7 on Wed Feb 1 13:05:26 2012 *mangle :PREROUTING ACCEPT [2:381] :INPUT ACCEPT [2:381] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [4:559] :POSTROUTING ACCEPT [4:559] COMMIT # Completed on Wed Feb 1 13:05:26 2012 # Generated by iptables-save v1.4.7 on Wed Feb 1 13:05:26 2012 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [4:559] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT # Completed on Wed Feb 1 13:05:26 2012 Is it know problem or is it my misconfiguration? Firewall on redhat-5 is functioning fine. -- Mikko Hirvonen <mikko.v.hirvo...@helsinki.fi> Helsingin yliopisto / Tietotekniikkakeskus / Verkkopalvelut _______________________________________________ Users mailing list Users@openvz.org https://openvz.org/mailman/listinfo/users
