On 5/08/2014 10:40 p.m., Jeroen Ooms wrote:
> On Tue, Aug 5, 2014 at 12:31 PM, Fajar A. Nugraha <l...@fajar.net> wrote:
>> Try adding destination IP (e.g. "-d YOUR.PUBLIC.IP.ADDRESS") to your NAT rule
>
> Thanks. However this is a bit impractical because the host might
> change ip addresses. Also I use the same software setup on other
> servers, so then I have to manage separate rules for each server.
> Would there be a way to limit this rule in a generic way, such that I
> can use a script with the same rules on all servers, regardless of
> their ip address? I.e. some other way to distinguish incoming
> connections on the host, from outgoing connections on the guest?

Could you use something like "-i eth0" to only apply the REDIRECT to
traffic coming in on eth0 (or whatever your "external" interface is)?
--
Gavin
_______________________________________________
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users
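
The "-i eth0" idea from the reply above, written as a script that can run unchanged on every server; this is an added example, not part of the original thread. The ports 80 and 8080, the sample route line, the function names, and the choice of taking the external interface from the default route are all assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): scope a NAT REDIRECT to the external
# interface so one script works on every host, whatever its IP address.

# Constructed sample of `ip -4 route show default` output.
SAMPLE_ROUTE='default via 203.0.113.1 dev eth0 proto dhcp metric 100'

# Print the device named after "dev" on the first default-route line.
default_iface() {
    printf '%s\n' "$1" | awk '$1 == "default" {
        for (i = 2; i < NF; i++) if ($i == "dev") { print $(i + 1); exit }
    }'
}

# Accept only plausible interface names (Linux limit: 15 characters), so a
# malformed route line can never inject extra shell or iptables arguments.
valid_iface() {
    case "$1" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# Accept only decimal port numbers in the range 1-65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Emit the rule text; the (hypothetical) ports are passed in by the caller.
build_rule() {
    valid_iface "$1" && valid_port "$2" && valid_port "$3" || return 1
    printf 'iptables -t nat -A PREROUTING -i %s -p tcp --dport %s -j REDIRECT --to-ports %s\n' \
        "$1" "$2" "$3"
}

# On a real host, replace SAMPLE_ROUTE with "$(ip -4 route show default)".
iface=$(default_iface "$SAMPLE_ROUTE")
build_rule "$iface" 80 8080
```

Connections originating from a guest reach the host's PREROUTING chain on the container bridge or veth device rather than on the external interface, so a rule scoped with -i to the external interface does not match them.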