vzfirewall icon indicating copy to clipboard operation
vzfirewall copied to clipboard

Published 20 hours ago verified publisher icon DmitryKoterov

external rules port forwarding

Open marl-scot opened this issue 10 years ago • 1 comments

Hi I am trying to work out how to ether include an external rules file after updating vzfirewall or (better) a way to include port forwardings in the guest.conf FIREWALL directive? I use rules like the following to forward ports from the hardware nodes IP to guests. iptables -t nat -A PREROUTING -p tcp -d HWnodeIP --dport 222 -i eth0 -j DNAT --to-destination GuestPrivateIP:22

thanks marl

marl-scot avatar Jan 19 '15 14:01 marl-scot

Just use custom rules in either /etc/vz/conf/0.conf or in the container's /etc/vz/conf/ctid.conf file. The latter can use $THIS as a placeholder for your GuestPrivateIP, but HWnodeIP will have to be hard-coded in either file.

jnorell avatar Apr 28 '16 22:04 jnorell