Here are the IP chains I'm setting up:

echo "1" > /proc/sys/net/ipv4/ip_forward
ipchains -F
ipchains -A forward -j MASQ -s 10.75.0.0/16 -d 0.0.0.0/0

I tried setting up ipchains like your script does, but I got connection
refused errors when trying to ftp, so I put it back the way I originally had
it. I tried this:

ipchains -A forward -p tcp -j MASQ -s 10.75.0.9 ftp -d 0.0.0.0/0
ipchains -A forward -p tcp -j MASQ -s 10.75.32.9 ftp -d 0.0.0.0/0
ipchains -A forward -p tcp -j MASQ -s 10.75.64.9 ftp -d 0.0.0.0/0

Can I do a global like I have above, or do I have to do each service for
each realserver? If so, what is wrong with the above?

>> Here is how I'm starting lvs for ftp.
>> ipvsadm -A -t 216.xxx.xxx.xxx:ftp -s wlc -p 540
>> ipvsadm -a -t 216.xxx.xxx.xxx:ftp -R 10.75.0.9:ftp -w 5 -m
>> ipvsadm -a -t 216.xxx.xxx.xxx:ftp -R 10.75.32.9:ftp -w 5 -m
>> ipvsadm -a -t 216.xxx.xxx.xxx:ftp -R 10.75.64.9:ftp -w 5 -m
>
>add
>$ipchains...
>
>The configure script will setup the ipchains rules for you
>(handles passive ftp too).