carlopmart
2009-Sep-16 07:56 UTC
[CentOS-virt] Writing iptables for inbound connections with libvirt
Hi all,

I have installed a CentOS 5.3 x86_64 server with kvm and libvirt to do some tests for future virtualized deployments. My environment:

eth0 --> 172.25.50.1/24 ("public" host ip)
virbr0 ---> 192.168.122.1/24 (natted interface installed by libvirt)
virbr1 ---> 172.26.50.0/24 (internal virtualized network, without a physical interface bound)

Between the 192.168.122.0/24 network and the 172.26.50.0/24 network I have installed a virtual firewall. So to reach the 172.26.50.0/24 network, all connections need to come from the 192.168.122.0/24 network.

I need to insert some iptables rules to allow access to some services installed on the 172.26.50.0/24 network like smtp, http, ftp, etc. How can I configure libvirt to forward and nat these services coming from the 172.25.50.0/24 network to a specific IP under the 192.168.122.0/24 network? Or do I need to use the /etc/sysconfig/iptables configuration?

Some examples, please?

Many thanks.

--
CL Martinez
carlopmart {at} gmail {d0t} com
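
The forwarding asked about above, as an added example that is not part of the original post: the script prints (it does not apply) a DNAT rule and a matching FORWARD rule per service for the environment described. FW_VM_IP (192.168.122.10) is a hypothetical address for the virtual firewall on virbr0, which the post does not give, and the port list is also an assumption.

```shell
#!/bin/sh
# Added example: prints iptables rules, does not apply them.
# Interface names and host IP are taken from the post.
PUB_IF=eth0
PUB_IP=172.25.50.1
NAT_BR=virbr0
# Hypothetical: address of the virtual firewall on 192.168.122.0/24.
FW_VM_IP=192.168.122.10

# Print the two rules needed to expose one TCP port of the firewall VM.
forward_rules() {
    port=$1
    # Reject anything that is not a plain decimal port number.
    case $port in
        ''|*[!0-9]*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2
        return 1
    fi
    # 1. Rewrite the destination of packets that hit the host's public IP.
    echo "iptables -t nat -A PREROUTING -i $PUB_IF -d $PUB_IP -p tcp" \
         "--dport $port -j DNAT --to-destination $FW_VM_IP:$port"
    # 2. Accept the new connection in FORWARD. Inserted at position 1 so it
    #    is evaluated before the REJECT rule libvirt adds for virbr0.
    echo "iptables -I FORWARD 1 -i $PUB_IF -o $NAT_BR -d $FW_VM_IP -p tcp" \
         "--dport $port -m state --state NEW -j ACCEPT"
}

# smtp and http from the post. ftp (21) also needs the FTP connection
# tracking and NAT helpers loaded for its data connections.
for p in 25 80; do
    forward_rules "$p"
done
```

Reply traffic is already covered by the rules libvirt installs for the NAT network (outbound from virbr0, and RELATED,ESTABLISHED inbound). The virtual firewall still has to pass the traffic on to the 172.26.50.0/24 network itself.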