Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


firewall for openvz
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

firewall for openvz

cececece Member
edited December 2013 in Help

ufw doesn't work well on openvz. I have noticed csf ,but it's not as easy as ufw . any advice ?

Comments

  • jarjar Patron Provider, Top Host, Veteran
    edited December 2013

    iptables

    No need for fancy front ends, it's really easy.

  • dccdcc Member, Host Rep
    edited December 2013

    Csf will work just fine in an OpenVZ container... if your provider set up the node properly. csf comes with a environment test script that you could run and find out whether or not it will work.

    Just make sure you don't enable country-based filtering. If your provider set iptables limits properly per container then enabling this will most likely start dropping all traffic. Otherwise your provider will be very unhappy about it.

  • @dcc said:
    Csf will work just fine in an OpenVZ container... if your provider set up the node properly. csf comes with a environment test script that you could run and find out whether or not it will work.

    Just make sure you don't enable country-based filtering. If your provider set iptables limits properly per container then enabling this will most likely start dropping all traffic. Otherwise your provider will be very unhappy about it.

    thanks alot .

  • CSF. OpenVZ VPSes from @RAMNODE work. :)

  • csf isn't a firewall ._.

  • dccdcc Member, Host Rep
    edited December 2013

    @MrObvious said:
    csf isn't a firewall ._.

    Well it stands for Configserver Firewall IIRC...

  • jarjar Patron Provider, Top Host, Veteran
    edited December 2013

    @MrObvious said:
    csf isn't a firewall ._.

    I just didn't want to be the first to say it...thank you.

  • dccdcc Member, Host Rep
    edited December 2013

    Well ufw is not a firewall either.
    If we have to go that far, iptables is not a firewall either :)

  • jarjar Patron Provider, Top Host, Veteran
    edited December 2013

    @dcc said:
    Well ufw is not a firewall either.
    If we have to go that far, iptables is not a firewall either :)

    They're both iptables front ends. They're front ends for a front end. It's like simplification of simplification. It's a bit overkill ;)

  • However it make life easier .It's more simple and intuitive. Compare to linux distros ,less people would use gentoo, or even lfs . so that's it .

  • oneilonlineoneilonline Member, Host Rep

    How about apf...?

  • firewall behaves differently on each host

  • oneilonlineoneilonline Member, Host Rep

    @jcaleb said:
    firewall behaves differently on each host

    Why would that be the case...? Or are you referring that the firewall would behave differently depending on how much load it's operating under?

  • There is dependency on what module were loaded in kernel of host. So sometimes your iptables config in a specific host will not work with another.

  • oneilonlineoneilonline Member, Host Rep

    @jcaleb said:
    There is dependency on what module were loaded in kernel of host. So sometimes your iptables config in a specific host will not work with another.

    Ahh yes, yes, dependent on what module was loaded, I concur.

Sign In or Register to comment.