Blocked connection to the ts3 server under OpenVZ

jeudi 5 novembre 2015

I have virtual machine with Ubuntu 12.04 under OpenVZ.
Teamspeak server v. 3.0.11.4
All ok if i connect from LAN or subnet of my provider. But outside traffic blocked.

eth1 - LAN interface of OpenVZ server, below iptables rules on it:

Code:
# Generated by iptables-save
*nat
:PREROUTING ACCEPT [44:4079]
:POSTROUTING ACCEPT [15:900]
:OUTPUT ACCEPT [76:4609]
-A PREROUTING -d wan-ip/32 -p tcp -m tcp --dport 30033 -j DNAT --to-destination 10.0.10.110:30033
-A PREROUTING -d wan-ip/32 -p tcp -m tcp --dport 10011 -j DNAT --to-destination 10.0.10.110:10011
-A PREROUTING -d wan-ip/32 -p udp -m udp --dport 9987 -j DNAT --to-destination 10.0.10.110:9987
-A POSTROUTING -s 10.0.10.110/32 ! -d 10.0.0.0/8 -p tcp -m tcp --sport 10011 -j SNAT --to-source wan-ip
-A POSTROUTING -s 10.0.10.110/32 ! -d 10.0.0.0/8 -p tcp -m tcp --sport 30033 -j SNAT --to-source wan-ip
-A POSTROUTING -s 10.0.10.110/32 ! -d 10.0.0.0/8 -p udp -m udp --sport 9987 -j SNAT --to-source wan-ip
-A POSTROUTING -o eth1 -j MASQUERADE
-A POSTROUTING -o vt0 -j MASQUERADE
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
# Generated by iptables-save
*mangle
:PREROUTING ACCEPT [1695:393147]
:INPUT ACCEPT [1401:349051]
:FORWARD ACCEPT [294:44096]
:OUTPUT ACCEPT [1275:412677]
:POSTROUTING ACCEPT [1569:456773]
COMMIT
# Generated by iptables-save
*filter
:INPUT ACCEPT [1401:349051]
:FORWARD ACCEPT [289:43796]
:OUTPUT ACCEPT [1275:412677]
-A FORWARD -d 10.0.10.110/32 -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --dport 10011 -j ACCEPT
-A FORWARD -d 10.0.10.110/32 -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --dport 30033 -j ACCEPT
-A FORWARD -d 10.0.10.110/32 -p udp -m state --state NEW,RELATED,ESTABLISHED -m udp --dport 9987 -j ACCEPT
-A FORWARD -i eth1 -o vt0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i vt0 -o eth1 -j ACCEPT
COMMIT
When i try connect to ts server, i run tcpdump on vz server and vm server. Virtual capture 2 times more packets, he recieve packets and send. OpenVZ server only recieve packets from outside, but not from vm. Port forwarding is enabled on vz server.

Can anybody help me, what did i miss?
Blocked connection to the ts3 server under OpenVZ
Publié par teacher à 08:20
Libellés :

0 commentaires:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)