[Lxc-users] reg iptables usage in containers

srinivas k srinuk at outlook.com
Fri Nov 8 03:23:39 UTC 2013


For the below mail I also tried the below command within the container and it didn't work:
    iptables -t nat -A POSTROUTING -s 192.168.0.1/24  -o eth0 -j MASQUERADE


From: srinuk at outlook.com
To: jay at jaytaylor.com; aartipsawant10 at gmail.com; lxc-users at lists.sourceforge.net
Subject: RE: [Lxc-users] reg iptables usage in containers
Date: Thu, 7 Nov 2013 19:22:05 -0800




Hi All,
I have 2 containers created with 2 different configs as shown below, and I am running a shell in both containers using the command
sudo lxc-execute -n left -f /home/srinivas/lxcpersonal.conf /bin/
lxcpersonal_right.conf
    lxc.utsname = right
    lxc.network.type = veth
    lxc.network.flags = up
    lxc.network.link = lxcbr0
    lxc.network.hwaddr = 4a:59:c4:d4:e5:f6
    lxc.network.ipv4 = 192.168.0.122/24
    lxc.network.ipv4.gateway = 192.168.0.1
    lxc.network.name = xeth1
    lxc.tty = 3
    lxc.mount = /home

lxcpersonal.conf
    lxc.utsname = test
    lxc.network.type = veth
    lxc.network.flags = up
    lxc.network.link = lxcbr0
    lxc.network.hwaddr = 4a:59:c3:d4:e5:f6
    lxc.network.ipv4 = 192.168.0.123/24
    lxc.network.ipv4.gateway = 192.168.0.2
    lxc.network.name = xeth0
    lxc.tty = 2
    lxc.mount = /home/srinivas

    sudo lxc-execute -n left -f /home/srinivas/lxcpersonal.conf /bin/sh
    sudo lxc-execute -n right -f /home/srinivas/lxcpersonal_right.conf /bin/sh

I can ping IP addresses between containers. Could someone tell me how to ping the outside world from a container?
Let's ping google.com from one container.
Thanks
Srinivas




From: srinuk at outlook.com
To: jay at jaytaylor.com; aartipsawant10 at gmail.com; lxc-users at lists.sourceforge.net
Subject: RE: [Lxc-users] reg iptables usage in containers
Date: Wed, 25 Sep 2013 16:06:44 -0700




Hi Jay,
Thank you, of great help indeed.
I had one more question:
Can we limit the number of processes in a container?
How to detect that a process is trying to get created in a container?
Thanks
Srinivas

From: jay at jaytaylor.com
Date: Wed, 25 Sep 2013 09:24:40 -0700
Subject: Re: [Lxc-users] reg iptables usage in containers
To: aartipsawant10 at gmail.com
CC: srinuk at outlook.com; lxc-users at lists.sourceforge.net

Hi Srini,
Learning the iptables rules can be tricky at first, especially when you're new to LXC.  I highly recommend finding a way to automate the process.


Here is a real-world example of how iptables can be set up on a per-container basis in LXC:
    https://github.com/Sendhub/shipbuilder/blob/master/src/scripts.go#L38


This is a Python script which is run to clone and launch a new container and set up the iptables TCP port-forwarding for it.
Hope this is useful.
Best regards,

Jay

On Tue, Sep 24, 2013 at 2:21 AM, Aarti Sawant <aartipsawant10 at gmail.com> wrote:


hello,
The link below might be useful for setting up iptables per container:
http://openvz.org/Setting_up_an_iptables_firewall



Thanks,
Aarti Sawant
NTTDATA OSS Center Pune

On Tue, Sep 24, 2013 at 5:37 AM, srinivas k <srinuk at outlook.com> wrote:






Hi Group.
I am new to lxc and I am trying to create containers for the first time.
My plan is to create 2 containers using lxc-create and do some networking between the 2 containers using br0 as a bridge between the 2 containers.



What is the basic procedure to do the below?
1. How to set up iptables per container
2. How to filter out incoming traffic per container using iptables with respect to that particular container



Will be thankful for any help or pointers.
Regards
Srini

_______________________________________________




Lxc-users mailing list

Lxc-users at lists.sourceforge.net

https://lists.sourceforge.net/lists/listinfo/lxc-users




