Hi, I am trying to setup a virtual machine, but.... Although it has been created, I am able to enter it via SSH (vzctl enter 101) I cannot enter it using the IP address it has been assigned. Although, if I restart the server (which ispconfig is on) then I can access it very briefly after the server starts but this then stops. I assume this is an issue with the firewall, I have stopped iptables but I still cannot access it. IPTables below: Data from: 2016-08-31 18:45 iptables -S (ipv4) -P INPUT DROP -P FORWARD DROP -P OUTPUT ACCEPT -N INT_IN -N INT_OUT -N PAROLE -N PUB_IN -N PUB_OUT -A INPUT -d 127.0.0.0/8 ! -i lo -p tcp -j DROP -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -s 224.0.0.0/4 -j DROP -A INPUT -i eth+ -j PUB_IN -A INPUT -i ppp+ -j PUB_IN -A INPUT -i slip+ -j PUB_IN -A INPUT -i venet+ -j PUB_IN -A INPUT -i bond+ -j PUB_IN -A INPUT -j DROP -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT -A FORWARD -j DROP -A OUTPUT -o eth+ -j PUB_OUT -A OUTPUT -o ppp+ -j PUB_OUT -A OUTPUT -o slip+ -j PUB_OUT -A OUTPUT -o venet+ -j PUB_OUT -A OUTPUT -o bond+ -j PUB_OUT -A INT_IN -p icmp -j ACCEPT -A INT_IN -j DROP -A INT_OUT -p icmp -j ACCEPT -A INT_OUT -j ACCEPT -A PAROLE -j ACCEPT -A PUB_IN -p icmp -m icmp --icmp-type 3 -j ACCEPT -A PUB_IN -p icmp -m icmp --icmp-type 0 -j ACCEPT -A PUB_IN -p icmp -m icmp --icmp-type 11 -j ACCEPT -A PUB_IN -p icmp -m icmp --icmp-type 8 -j ACCEPT -A PUB_IN -p tcp -m tcp --dport 21 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 25 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 53 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 80 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 110 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 143 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 443 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 816 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 993 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 995 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 3000 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 8080 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 8081 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 10000 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 40110:40210 -j PAROLE -A PUB_IN -p udp -m udp --dport 53 -j ACCEPT -A PUB_IN -p icmp -j DROP -A PUB_IN -j DROP -A PUB_OUT -j ACCEPT ip6tables -S (ipv6) -P INPUT ACCEPT -P FORWARD ACCEPT -P OUTPUT ACCEPT Not sure what else I can provide. Any suggestions / ideas ???? Thank you
I have now disabled the firewall: Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination but still unable to access
So you run a firewall on the host as well? OpenVZ is a bit tricky when it comes to iptables, a firewall on the host can also block access to a container.