openvz tun and net

# Masquerade (source-NAT) traffic leaving through eth0 so replies come back
# to this host.
# NOTE(review): the rule has no source match, so it applies to everything
# routed out of eth0, not only the containers. Consider adding a --source
# match for <container-subnet> to keep the NAT scope minimal.
iptables --table nat --append POSTROUTING \
  --out-interface eth0 \
  --jump MASQUERADE

# Redirect TCP port 3004 arriving on eth0 to port 22 on 10.10.10.12
# (presumably a container address - confirm).
# Anything that can reach eth0:3004 reaches that SSH daemon, so treat it as
# exposed on that interface: key-only authentication, and a source-address
# match here if the set of admin clients is known.
iptables --table nat --append PREROUTING \
  --in-interface eth0 \
  --protocol tcp --match tcp --destination-port 3004 \
  --jump DNAT --to-destination 10.10.10.12:22

TUN / TAP

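# Load the TUN/TAP kernel module.
modprobe tun

# Confirm that it is loaded. The pattern is anchored on the module-name
# column because a bare "grep tun" also matches unrelated modules such as
# ip_tunnel or tunnel4, and so can report success when tun is absent.
# NOTE(review): lsmod lists loadable modules only; if tun is built into the
# kernel this prints nothing even though the driver is available.
lsmod | grep -E '^tun[[:space:]]'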

# ID of the container that is being given TUN/TAP access.
ctid=3

# Give the container read/write access to the net/tun device node and to the
# matching character device (major 10, minor 200), and store both settings in
# the container's configuration (--save).
vzctl set "$ctid" --devnodes net/tun:rw --save
vzctl set "$ctid" --devices c:10:200:rw --save

# net_admin lets root inside the container reconfigure interfaces, routes and
# firewall rules, so enable it only for containers that need it.
# NOTE(review): a capability change may only take effect after the container
# is restarted - confirm.
vzctl set "$ctid" --capability net_admin:on --save

# Inside the container: make sure the directory that holds the device exists.
vzctl exec "$ctid" mkdir -p /dev/net

# Restrict the device to owner read/write.
# NOTE(review): nothing in these steps creates /dev/net/tun explicitly; this
# assumes the --devnodes setting above already made the node available inside
# the container - confirm, otherwise chmod fails.
vzctl exec "$ctid" chmod 600 /dev/net/tun


# Open the OpenVZ configuration file (vz.conf) for editing.
vi /etc/vz/vz.conf

Add ‘iptable_nat’ to the list of iptables modules.

IPv4 iptables kernel modules to be enabled in CTs by default

# Space-separated list of iptables modules; iptable_nat is included so that
# the nat table can be used inside containers.
# NOTE(review): this is a default for all CTs, so every container gets the
# full list, including NAT, LOG and REDIRECT support. If only one container
# needs NAT, a per-container setting would keep the others on a smaller
# module set - confirm what vzctl offers for that.
IPTABLES="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp ipt_owner ipt_REDIRECT"