You can just remove following strings and then reload firewalld config. [root@vvs-ovz7 ~]# grep -r venet /etc/firewalld/ /etc/firewalld/direct.xml: <rule priority="10" table="filter" ipv="ipv4" chain="INPUT_direct">-i venet0 -j DROP</rule> /etc/firewalld/direct.xml: <rule priority="10" table="filter" ipv="ipv6" chain="INPUT_direct">-i venet0 -j DROP</rule>
On 1/6/21 1:55 PM, mailingl...@tikklik.nl wrote: > Thanks for the pointers > > Hm i think it is this? > > 2 120 DROP all -- venet0 * 0.0.0.0/0 0.0.0.0/0 > > So how to accept traffic from venet0? > > > Thanxs > Steffan > > -----Oorspronkelijk bericht----- > Van: Vasily Averin <v...@virtuozzo.com> > Verzonden: woensdag 6 januari 2021 11:27 > Aan: users@openvz.org; mailingl...@tikklik.nl > Onderwerp: Re: [Users] firewalld HW node > > Dear Steffan, > I think this behavior depends on IP addressed used by containers. > Though anyway: for troubleshooting you need to look at counters of iptables > rules on host, this should help you to understand which one eats containers > packets. Then you'll need to modify the rules. > > Please generate some trafic from container to host and use following > commands to find dropped packets. > iptables -L -n -v > iptables -L -n -v -t mangle > iptables -L -n -v -t nat > > > Thank you, > Vasily Averin > > On 1/5/21 2:52 PM, mailingl...@tikklik.nl wrote: >> Hello, >> >> >> >> When enabling firewalld on the hardware node (openvz 7) >> >> The VPS on it cant SSH tot his node >> It can ssh outside to other nodes. >> >> i can remote SSH tot he HW node >> Any idee why local is not working? >> >> >> With regards >> >> Steffan >> >> >> _______________________________________________ >> Users mailing list >> Users@openvz.org >> https://lists.openvz.org/mailman/listinfo/users >> > > > _______________________________________________ > Users mailing list > Users@openvz.org > https://lists.openvz.org/mailman/listinfo/users > _______________________________________________ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
