[lxc-users] LXD iptables rules and iptables-persistent?
Ivan Ogai
lxc-users at ogai.name
Wed Oct 4 15:58:49 UTC 2017
* Tomasz Chmielewski <mangoo at wpkg.org> [2017-04-16 02:32]:
> When there are other iptables rules applied on the system with
> iptables-persistent [...] - this will basically
> wipe the rules which LXD applies on startup.
>
> What's the recommended approach to deal with it?
Very good question. I've hit by the same issue.
I commented out the lxd rules when creating the file
/etc/iptables/rules.v4 :
-A INPUT -i lxdbr0 -p tcp -m tcp --dport 53 -m comment --comment "managed by lxd-bridge" -j ACCEPT
-A INPUT -i lxdbr0 -p udp -m udp --dport 53 -m comment --comment "managed by lxd-bridge" -j ACCEPT
-A INPUT -i lxdbr0 -p udp -m udp --dport 67 -m comment --comment "managed by lxd-bridge" -j ACCEPT
-A FORWARD -o lxdbr0 -m comment --comment "managed by lxd-bridge" -j ACCEPT
-A FORWARD -i lxdbr0 -m comment --comment "managed by lxd-bridge" -j ACCEPT
I can add them to iptables-persistent, but wonder where are they
documented.
--
Ivan F. Villanueva B.
https://timefyme.com
--
Vorgründungsgesellschaft GridMind
Ivan Fernando Villanueva Barrio EU
--
Malmöer Str. 6
10439 Berlin
Germany
--
Tel: +49 30 398 20 596
Fax: +49 30 340 60 473
More information about the lxc-users
mailing list