Hi All,
Running OpenVZ on a server I manage, and having a problem connecting between the containers when the policy is set to all all REJECT.
Error in the logs:
May 26 11:55:10 fluffy kernel: [3790273.435404] Shorewall:FORWARD:REJECT:IN=venet0 OUT=venet0 SRC=xxx.xxx.11.119 DST=xxx.xxx.11.152 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=6459 DF PROTO=TCP SPT=58720 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0

all            all             REJECT          info

# SSH is allowed everywhere
ACCEPT          all             all             tcp     22

ACCEPT          vz      vz      tcp     22

(that last line was from desperation)

lan     br0             detect
lan     eth0            detect
vz      venet0          detect
stor    bond0           detect

Anyone see why I am getting the error forwarding between containers? If I change the policy to all all ACCEPT, it works fine. If I change it to REJECT, I get this error. But why doesn't the rule allow it at all?