Answer the question
In order to leave comments, you need to log in
Question for linuxoids/hosters?
Hello. Not that I'm such an admin, but I know how to raise a web server. What I can not ask others.
Recently I thought about setting up firewall rules and was glad that plesk has a wonderful gui for simple operations (close the port for ip, open the port, redirect traffic).
I've been fighting with rusonyx for a day now about the fact that this module doesn't work. As a result, I pay one and a half thousand rubles for VPS for “convenient, reliable, powerful” hosting, the support of which sends me to learn how to work with iptables for profit, connecting to the console using ssh.
Question - Is Virtuozzo really such a poor virtualization system or do I need to buy a VDS for 10 thousand?
Support response:
“Unfortunately, it turned out that the psa-firewall module, designed to manage iptables rules from Plesk, does not work on Plesk for PVC on a Virtuozzo virtualization system. This module can only work on dedicated servers.
To manage iptables under a Virtuozzo virtualization system, please use the root access provided by SSH, where you can directly manage iptables from the command line.”
Answer the question
In order to leave comments, you need to log in
Quite right, the module will not work on Virtuozzo, and this is not the worst thing, a bunch of other things in iptables may not work (modules), but you can quite easily configure elementary things like closing ports by hand.
Fully iptables will run on KVM. It's a stretch to say that they fully function on vbox/vmware/hyper-v
The rest of the virtualization systems are not for you if you need a normal fw. I'm already tired of promoting my vdskis, if you look for normal ones, knock on habramail.
I am also not such an admin - I took and configured iptables in the console, as it should. There are step by step instructions on the internet. It’s worse when you need to set up something like that, and the hoster provides SSH access only for a day and only after providing passport scans - that’s what I understand, the problem (real case).
iptables runs entirely on Xen. There, in general, everything that is not tied to specific pieces of iron works.
And you still need to learn iptables. If you do not prescribe the rules in the download, then a fatal error is treated with a simple reboot.
And no, the machine for training costs far from many-thousand-rubles-per-month, but 100 rubles maximum.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question