An OpenVZ Container, or CT, is a paravirtualised environment. It is more like a chroot on steroids than a full virtual machine, and it uses the host kernel but a separate userland environment. Container technology allows you to set a quota on disk, memory and CPU usage, but unused resources can be shared. You can manage virtual machines, containers, highly available clusters, storage and networks with an integrated, easy-to-use web interface or via CLI.
Archived
Proxmox firewall or IPtables commands?
Hello,
I'm using proxmox 4 with LXC debian containers and a single IP address (and Nat rules).
I made my rules with IPtables because I didn't know there was a specific Proxmox firewall. Then I thought it was not a big deal because I know how to use IPtables for basic security with Debian.
But I've just stumbled upon a tutorial saying this
As stated in a previous article, if you are using ProxMox, it IS your firewall. Don’t mess with UFW/iptables on either your proxmox host server or any of your guest systems.
So I'm wondering if I should switch to the builtin Proxmox firewall or can just stick with IPtables?