This page (revision-12) was last changed on 23-Apr-2022 17:06 by Harry Metske

This page was created on 23-Apr-2022 17:05 by Harry Metske

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note
12 23-Apr-2022 17:06 18 KB Harry Metske to previous
11 23-Apr-2022 17:05 17 KB Harry Metske to previous | to last
10 23-Apr-2022 17:05 17 KB Harry Metske to previous | to last
9 23-Apr-2022 17:05 16 KB Harry Metske to previous | to last
8 23-Apr-2022 17:05 14 KB Harry Metske to previous | to last
7 23-Apr-2022 17:05 13 KB Harry Metske to previous | to last
6 23-Apr-2022 17:05 13 KB Harry Metske to previous | to last
5 23-Apr-2022 17:05 12 KB Harry Metske to previous | to last
4 23-Apr-2022 17:05 11 KB Harry Metske to previous | to last
3 23-Apr-2022 17:05 5 KB Harry Metske to previous | to last
2 23-Apr-2022 17:05 2 KB Harry Metske to previous | to last
1 23-Apr-2022 17:05 2 KB Harry Metske to last

Page References

Incoming links Outgoing links
Lxc
Lxc

Version management

Difference between version and

At line 434 changed one line
If you want to reach them from another laptop over wifi, you can add static routes to these containers:
If you want to reach them from another laptop over wifi, you have two options:
* you can add static routes to these containers:
At line 450 added 16 lines
* (better), use the firewall on the container host to forward ports:
{{{
iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 1180 -j DNAT --to 10.0.3.11:80
iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 1280 -j DNAT --to 10.0.3.12:80
iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 1122 -j DNAT --to 10.0.3.11:22
iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 1222 -j DNAT --to 10.0.3.12:22
}}}
This results in the following iptables:
{{{
root@apollo:/var/lib/lxc/cn1# iptables -vnL -t nat
Chain PREROUTING (policy ACCEPT 54 packets, 7138 bytes)
pkts bytes target prot opt in out source destination
0 0 DNAT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1180 to:10.0.3.11:80
0 0 DNAT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1280 to:10.0.3.12:80
2 120 DNAT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1122 to:10.0.3.11:22
1 60 DNAT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1222 to:10.0.3.12:22
At line 467 added 2 lines
Chain INPUT (policy ACCEPT 17 packets, 2581 bytes)
pkts bytes target prot opt in out source destination
At line 450 changed 3 lines
! TODO => how to get network access to the container(s) from the wireless modem.
Currently the primary internet host (10.0.0.101) is configured as the DMZ host on the modem, and all traffic is forwarded to that host.\\
Port forwarding can only be used for hosts on the same private network (10.0.0.0).
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
At line 473 added 5 lines
Chain POSTROUTING (policy ACCEPT 3 packets, 180 bytes)
pkts bytes target prot opt in out source destination
29 2037 MASQUERADE all -- * * 10.0.3.0/24 !10.0.3.0/24
root@apollo:/var/lib/lxc/cn1#
}}}
At line 479 added one line
This last NATing can also be used to direct traffic from the wireless modem, for example the 22 and 80 ports :
At line 481 added 2 lines
[Single Port Forwarding.png]
This page (revision-12) was last changed on 23-Apr-2022 17:06 by Harry MetskeTop