[Lxc-users] reg iptables usage in containers
srinivas k
srinuk at outlook.com
Wed Sep 25 23:06:44 UTC 2013
Hi Jay Thank you ,of Great help indeedI had one more question Can we limit number of processes in a container ?How to detect that a processes is trying to get created in a container?ThanksSrinivas
From: jay at jaytaylor.com
Date: Wed, 25 Sep 2013 09:24:40 -0700
Subject: Re: [Lxc-users] reg iptables usage in containers
To: aartipsawant10 at gmail.com
CC: srinuk at outlook.com; lxc-users at lists.sourceforge.net
Hi Srini,
Learning the iptables rules can be tricky at first, especially when you're new to LXC. I highly recommend finding a way to automate the process.
Here is a real-world example of how iptables can be setup on a per-container basis in LXC:
https://github.com/Sendhub/shipbuilder/blob/master/src/scripts.go#L38
This is a python script which is run to clone and launch a new container and setup the iptables TCP port-forwarding for it.
Hope this is useful.
Best regards,
Jay
On Tue, Sep 24, 2013 at 2:21 AM, Aarti Sawant <aartipsawant10 at gmail.com> wrote:
hello,
Bellow link might be useful for setting up iptables per conatiners
http://openvz.org/Setting_up_an_iptables_firewall
Thanks,Aarti SawantNTTDATA OSS Center Pune
On Tue, Sep 24, 2013 at 5:37 AM, srinivas k <srinuk at outlook.com> wrote:
Hi Group.
I am new to lxc and I am trying to create containers for the first time.
My plan is to create 2 containers using lxc-create and do some networking between 2containers using a br0 as bridge between 2 containers
What is the basic procedure to do the below
1.How to setup iptables per container
2.How to filter out incoming traffic traffic per container using iptables with respect to that particular container
Will be thankful for any help or pointers
RegardsSrini
------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk
_______________________________________________
Lxc-users mailing list
Lxc-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-users
------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk
_______________________________________________
Lxc-users mailing list
Lxc-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20130925/5c8b9d2a/attachment.html>
More information about the lxc-users
mailing list