Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone.
Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision |
Your text |
Line 2: |
Line 2: |
| However the Article at the Parallels Virtuozzo Knowledgebase regarding this issue worked perfectly. | | However the Article at the Parallels Virtuozzo Knowledgebase regarding this issue worked perfectly. |
| URL: http://kb.parallels.com/en/746 | | URL: http://kb.parallels.com/en/746 |
− |
| |
− | == Hardware Firewall mode not working ==
| |
− |
| |
− | I have tried step by step to enable a hardware lie firewall but i have big issues with existing virtual server that acts as a mailserver.
| |
− | Basically with firewall activated the transaction time is around 48 seconds, with firewall deactivated about 0,700 seconds.
| |
− | What on earth could possible be the cause? The FORWARD rule is that bad on VZ?
| |
− |
| |
− | == Firewall rules in the wrong order? ==
| |
− |
| |
− | I've been using the firewall script for a while and it works great. That is until I tried to ban an IP address, and it didn't work.
| |
− |
| |
− | I'm not an iptables expert, so was a bit wary about messing around too much, but my theory is all the iptables -I (insert) should be iptables -A (append), which has the effect of running the rules in the oposite order to intended. This means the source I wanted to block was matching an OKPORT before getting to the BANNED section.
| |
− |
| |
− | In fact to fix my problem I just moved the BANNED section between the DMZS and OKPORTS, which had the desired effect.
| |
− |
| |
− | I'd love to see anyone's comments. [[User:Robferrer|Robferrer]] ([[User talk:Robferrer|talk]]) 07:16, 14 June 2013 (EDT)
| |