Hi,
I'm playing with containers under debian (squeeze, 2.6.33.3) with the
lxc tools.
I'm really happy about all the features (attach veth on bridge, filter
with iptables inside the containers, etc ...), and i was thinking to
replace some of our vservers (and maybe some of our kvm) with this solution.
But actually, i experiment a problem with the iptables logs:
i've iptables on the host to filter some container, basically a squid
proxy. I've another container who act as router, and he has his own
iptables inside.
All the log are deported to a dedicated syslog server.
It appear that, the iptables log of the host are also deported by the
syslog container (proxy).
Some of our guest (container, vserver, etc ) are administer by other
sys-admin, that should not have access to theses informations.
This point is blocking me today, before going into production with
containers.
I've seen some patch made by Jean-Marc Pigeon about this problem,
but they have not been commited.
Is there any reason for that?
Can someone advice me to circumvent this problem?
Thanks a lot.
Regards.
begin:vcard
fn:Jean-Philippe Menil
n:Menil;Jean-Philippe
org;quoted-printable:Universit=C3=A9 de Nantes;IRTS - DSI
adr;quoted-printable:;;2, rue de la Houssini=C3=A8re;Nantes;Loire-Atlantique;44332;France
email;internet:jean-philippe.menil@xxxxxxxxxxxxxx
title;quoted-printable:Administrateur R=C3=A9seau
tel;work:02.51.12.53.92
tel;fax:02.51.12.58.60
x-mozilla-html:FALSE
url:http://www.criun.univ-nantes.fr/
version:2.1
end:vcard
_______________________________________________
Containers mailing list
Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linux-foundation.org/mailman/listinfo/containers
