Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In with OpenID
Advertise on LowEndTalk.com

In this Discussion

So, you can not run firewall cause of virtualization ? Seriously?

So, you can not run firewall cause of virtualization ? Seriously?

TazTaz Disabled
edited August 2012 in General

This vps is from a reputable VPS provider around here, I won't name em though. I was working for a client this morning, and while installing CSF, I faced couple of error (OVZ so the node is missing required modules), so I asked the client to open a ticket and ask them if they can enable those.

This is there reply

"Unfortunately due the virtualization layer it is not possible to run firewall inside your virtual server. If you want to use some firewall rules please send them to us in "iptables" format and we will implement then in the main firewall for you immediately."

Seriously?

Time is good and also bad. Life is short and that is sad. Dont worry be happy thats my style. No matter what happens i won't lose my smile!

Tagged:

Comments

  • gsrdgrdghdgsrdgrdghd Member
    edited August 2012

    I'm going to guess this is Edis, and no you can't use IPTables with linux-vserver. Do your research before you buy a VPS.

  • TazTaz Disabled

    This is openVz not vserver. and no not Edis.

    Time is good and also bad. Life is short and that is sad. Dont worry be happy thats my style. No matter what happens i won't lose my smile!

  • vserver does not support iptables, but I think they had some kind of interface page for firewall rules in their control panel?

    Disclosure: I work for Query Foundry LLC.
    I own DA International Group Ltd.
  • TazTaz Disabled

    BUT THIS IS NOT VSERVER!

    Time is good and also bad. Life is short and that is sad. Dont worry be happy thats my style. No matter what happens i won't lose my smile!

  • @NinjaHawk said: This is openVz not vserver. and no not Edis.

    Oh ok my bad. With OpenVZ i don't think there is a reason IPTables shouldn't work.

  • TazTaz Disabled

    I am sad and tired.I will probably migrate her to one of my nodes for better control. It sucks TBH.

    Time is good and also bad. Life is short and that is sad. Dont worry be happy thats my style. No matter what happens i won't lose my smile!

  • TazTaz Disabled

    Don't want to, besides that small issue, they have been great. specially with 10 minute reply on sunday is great. Everyone has their learning curve :).

    May be they will see this and quietly fix it :)

    Time is good and also bad. Life is short and that is sad. Dont worry be happy thats my style. No matter what happens i won't lose my smile!

  • No need to wait for them to quietly fix it, you can ask them to fix it, even point them at a tutorial or a bunch of ssh lines. Like you said, everyone has their learning curve :P

    Disclosure: I work for Query Foundry LLC.
    I own DA International Group Ltd.
  • TazTaz Disabled

    A link to wiki and howtoforge on its way.

    Time is good and also bad. Life is short and that is sad. Dont worry be happy thats my style. No matter what happens i won't lose my smile!

  • TazTaz Disabled

    Reputable= accepted by LEB (Not LET) users, No negative feedback online and been in business for more than 1 or 2 years.

    Time is good and also bad. Life is short and that is sad. Dont worry be happy thats my style. No matter what happens i won't lose my smile!

  • This isn't us, is it? We have some new support people that we're training up on things.

    I am no longer affiliated with IPXcore.
  • TazTaz Disabled

    No damian. You can sleep tight :)

    Time is good and also bad. Life is short and that is sad. Dont worry be happy thats my style. No matter what happens i won't lose my smile!

  • If it is about CSF bitching about xt_connlimit - this is usually normal and not really the host's fault.

  • TazTaz Disabled

    When CSF fails to install and lfd fails, it is not the normal bitching.

    Time is good and also bad. Life is short and that is sad. Dont worry be happy thats my style. No matter what happens i won't lose my smile!

  • Well you do sell OVZ VPS, so you 'should' know about it.

    Thanked by 3Amfy yomero Jeffrey
  • TazTaz Disabled
    edited August 2012

    @Spencer not sure if you are trolling or you forgot to read.

    Time is good and also bad. Life is short and that is sad. Dont worry be happy thats my style. No matter what happens i won't lose my smile!

  • What chokes on venets. It's late and I can't remember. Maybe that?

  • ZenZen Member

    @NinjaHawk

    He meant you should know that the host node needs to enable iptables modules in order for CSF to function on guest containers.

  • TazTaz Disabled
    edited August 2012

    Yes I know that and that was the request my client made via his support ticket. I think I have mentioned that during my initial post?

    Time is good and also bad. Life is short and that is sad. Dont worry be happy thats my style. No matter what happens i won't lose my smile!

  • I had a host (probably the same host) say that I need to get a Xen VPS because they will not enable certain iptable modules.

    This signature is brought to you by the NSA. Spying on the entire world since 1952!

  • JarJar Member

    Firewalls are for the weak. Get a comfortable chair, put your logs on one half of the screen and netstat on the other half. Live life on the edge.

    Thanked by 1HalfEatenPie
  • HalfEatenPieHalfEatenPie Member
    edited August 2012

    @jarland said: Get a comfortable chair, put your logs on one half of the screen and netstat on the other half. Live life on the edge.

    Like a badass. You're such a rebel.

    Catalyst Host - Pie Approved!
    Thanked by 1Jar
  • TazTaz Disabled
    edited August 2012

    @jarland Someone or Something reminds of this guy image

    Time is good and also bad. Life is short and that is sad. Dont worry be happy thats my style. No matter what happens i won't lose my smile!

Sign In or Register to comment.