OpenVZ is an Operating System-level server virtualization solution, built on Linux. OpenVZ creates isolated, secure virtual environments

headers Mikko Vasili Hirvonen | 1 Feb 2012 12:17

Hello users@...

I'm trying to upgrade our rhel5 based openvz servers to rhel6 but I got
problem with iptables. If I try to use firewall inside container, I can
load rules, but firewall rejects all incoming packets. Host is redhet-6
and container is centos-6. I tested with kernels

vzkernel-2.6.32-042stab044.17.x86_64
vzkernel-2.6.32-042stab048.1.x86_64
vzkernel-2.6.32-042stab049.2.x86_64

My firewall config
# Generated by iptables-save v1.4.7 on Wed Feb  1 13:05:26 2012
*mangle
:PREROUTING ACCEPT [2:381]
:INPUT ACCEPT [2:381]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [4:559]
:POSTROUTING ACCEPT [4:559]
COMMIT
# Completed on Wed Feb  1 13:05:26 2012
# Generated by iptables-save v1.4.7 on Wed Feb  1 13:05:26 2012
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [4:559]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT

Mon	Tue	Wed	Thu	Fri	Sat	Sun

		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29

23	May 2013
23	April 2013
24	March 2013
22	February 2013
36	January 2013
23	December 2012
42	November 2012
29	October 2012
72	September 2012
29	August 2012
49	July 2012
41	June 2012
56	May 2012
64	April 2012
113	March 2012
31	February 2012
46	January 2012
39	December 2011
83	November 2011
55	October 2011
40	September 2011
66	August 2011
8	July 2011
33	June 2011
75	May 2011
30	April 2011
33	March 2011
17	February 2011
21	January 2011
37	December 2010
41	November 2010
11	October 2010
52	September 2010
46	August 2010
122	July 2010
76	June 2010
48	May 2010
88	April 2010
67	March 2010
61	February 2010
86	January 2010
53	December 2009
57	November 2009
22	October 2009
45	September 2009
47	August 2009
42	July 2009
50	June 2009
28	May 2009
25	April 2009
58	March 2009
53	February 2009
130	January 2009
92	December 2008
94	November 2008
35	October 2008
93	September 2008
95	August 2008
65	July 2008
70	June 2008
107	May 2008
41	April 2008
68	March 2008
81	February 2008
104	January 2008
208	December 2007
85	November 2007
80	October 2007
92	September 2007
62	August 2007
51	July 2007
54	June 2007
98	May 2007
95	April 2007
147	March 2007
56	February 2007
55	January 2007
77	December 2006
50	November 2006
47	October 2006
23	September 2006
43	August 2006
15	July 2006
39	June 2006
62	May 2006
19	April 2006
66	February 2006
36	January 2006
3	December 2005
8	November 2005
18	September 2005
1	January 2004

RHEL6 and stateful firewall inside container

Re: RHEL6 and stateful firewall inside container

Re: RHEL6 and stateful firewall inside container

Re: Problems doing live migration

Re: Share container's HD space over servers

vmstat FPE

sync in container

Re: RHEL6 and stateful firewall inside container

howto device by-id

Re: A question about Node RAM