How to protect LVS director server with IPTABLES
I have set up an IPVS loadbalancing for Web traffic that is working perfectly.
But now, I try to run my usual firewall script (IPTABLES commands) on the director server and packets seem to be blocked while being sent to Apache server.
firewall script looks like :
iptables -t filter -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 80 -j ACCEPT
iptables -t filter -A FORWARD -p tcp --dport 80 -j ACCEPT
I can notice with ipvsadm counters that my http queries are taken into acccount and that director try to send packets to final server ..but nothing arrives on the Apache server.
Maybe IPTABLES and IPVS are not compliant ?
Many thanks for your ideas,