Iptables problem in SUSE10 kernel [message #2625] |
Wed, 12 April 2006 05:16 |
smsprog
Messages: 25 Registered: April 2006
|
Junior Member |
|
|
Cannot use iptables in VPS under SUSE10 OpenVZ kernel.
virt1:~ # iptables -L -n -v -x
Chain INPUT (policy ACCEPT 255 packets, 19625 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 162 packets, 18750 bytes)
pkts bytes target prot opt in out source destination
virt1:~ # iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables: No chain/target/match by that name
All necessary modules are uploaded in kernel.
virt:~ # lsmod |grep ip
ipt_ttl 6528 7
ipt_TCPMSS 8704 7
iptable_mangle 8704 8
iptable_filter 8576 9
ipt_multiport 7168 14
ipv6 243008 18
ipt_tos 6272 7
ipt_REJECT 9728 8
ip_tables 18260 2 iptable_mangle,iptable_filter
x_tables 20480 10 xt_tcpudp,xt_length,ipt_ttl,xt_tcpmss,ipt_TCPMSS,ipt_multipo rt,xt_limit,ipt_tos,ipt_REJECT,ip_tables
virt:~ # tail /etc/sysconfig/vz-scripts/101.conf
....
IPTABLES="iptable_filter iptable_mangle ipt_limit ipt_REJECT ipt_length "
The same VPS been migrated on ovz kernel can use iptables. Is it a SUSE10 OpenVZ kernel problem?
|
|
|
Re: Iptables problem in SUSE10 kernel [message #2629 is a reply to message #2625] |
Wed, 12 April 2006 08:54 |
dim
Messages: 344 Registered: August 2005
|
Senior Member |
|
|
This problem affects all our 2.6.16 based kernels. Module xt_tcpudp, which is resposible for '-p tcp' option is new and its code was included in previous kernels to ip_tables module.
Will be virtualized and fixed in next kernels.
|
|
|