30
edits
Changes
m
Added section on Shorewall
The exception to this is the nameserver, which we want open to the world. We use it as a caching nameserver for our containers and also to host DNS for a few customer domain.
== An alternative from the author of Shorewall ==
For those who might find the solution provided in this wiki article unsatisfactory (for whatever reason), the creator of Shorewall (Tom Eastep) has written a nice article explaining how to use Shorewall on an OpenVZ host node to manage the host node, containers, and more... with quite a complex setup as an example. The article IS NOT an introduction to Shorewall for beginners, so some pre-existing knowledge and understanding of Shorewall may be required.
Shorewall and OpenVZ by Tom Eastep - http://www.shorewall.net/OpenVZ.html
See also this OpenVZ Forum posting - http://forum.openvz.org/index.php?t=msg&goto=16406&
== Setting up a HN-based firewall ==
