Correct config for virtual LXC containers

alsur
Junior Member
Posts: 9
Joined: 08 Mar 2013, 11:42

Post by alsur »

Hi. I've been using CSF for a while on a PVE (LXC) server.
The host has an interface vmbr0 for the public address and a vmbr10 that we use as an internal network (10.0.X.X).
Most LXC containers only have one of the internal network addresses, as we use an Nginx proxy in one of them to receive all the external traffic. To the local containers, this is an eth0 address. Additional IPs are routed through the host IP to only the proxy.

So the host has approximately:
eno1
vmbr0: public address
vmbr10: internal address

On the container:
vmbr10: becomes eth0

We have CSF configured on both, although it is a bit redundant on the internal IP containers.

I've only just noticed that in the containers' IPTABLES_LOG we only see blocks that we understand are happening on the host public address, and that all containers share the same info in the logs.

I am wondering if anyone can point me to how I should configure it so I only see blocks for each specific IP on each container, or how the host should be configured otherwise.

Thanks.