[lxc-users] lxc and PREROUTING conflict
Gavin Grieve
ggrieve at ihug.co.nz
Tue Aug 5 10:48:20 UTC 2014
On 5/08/2014 10:40 p.m., Jeroen Ooms wrote:
> On Tue, Aug 5, 2014 at 12:31 PM, Fajar A. Nugraha <list at fajar.net> wrote:
>> Try adding destination IP (e.g. "-d YOUR.PUBLIC.IP.ADDRESS") to your NAT rule
> Thanks. However this is a bit impractical because the host might
> change ip addresses. Also I use the same software setup on other
> servers, so then I have to manage separate rules for each server.
> Would there be a way to limit this rule in a generic way, such that I
> can use a script wit the same rules on all servers, regardless of
> their ip address? I.e. some other way to distinguish incoming
> connections on the host, from outgoing connections on the guest?
Could you use something like "-i eth0" to only apply the REDIRECT to
traffic coming in on eth0 (or whatever your "external" interface is)?
--
Gavin
More information about the lxc-users
mailing list