Results 1 to 3 of 3
  1. #1
    Join Date
    Mar 2009
    Location
    Austin, TX
    Posts
    935
    Is it me or that anyone else experiencing the VZ master node not properly configured for those front-end firewall programs?
    I recently purchased couple Linux VPSs (OpenVZ) from different vendors and both seems not having iptables properly configured. One of them finally got resolved, but took like a week for them to figure out what's wrong with it.
    I'm currently still stuck with second VPS not protected.
    I have not check into which iptables modules APF or CSF requires, but VPS vendors/resellers should expect their clients would be using those and properly configure their VZ master prior to deployments.
    I'm begin to wonder people that purchases VPS slices, are they using any decent firewall front-end or not.
    It always seems that ip_conntrack is missing. When exists, everything works.
    Any thoughts?

  2. #2
    Join Date
    Mar 2003
    Location
    New York City
    Posts
    7,406
    Depends on the host/company and their configurations in the end. Typically this shouldn't be a problem especially when it coems to CSF or APF :\
    Good luck with resolving them though

  3. #3
    Join Date
    Jan 2003
    Location
    U.S.A.
    Posts
    3,928
    These are the typical iptables setup on a OpenVZ host..
    IPTABLES="ip_tables iptable_filter iptable_mangle ipt_limit ipt_multiport ipt_tos ipt_TOS ipt_REJECT ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_LOG ipt_length ip_conntrack ip_conntrack_ftp ipt_state iptable_nat ip_nat_ftp
    It sounds like you just had some bad luck :/

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •