OpenVZ Forum


Home » General » Support » The VPS iptables rule limit
The VPS iptables rule limit [message #32431] Thu, 07 August 2008 14:45 Go to next message
gozargah is currently offline  gozargah
Messages: 32
Registered: June 2008
Member
Hello,

We installed csf firewall in main node and we have following error when try to start firewall, how can resolve this issue?

[root@m5088 csf]# csf -s
Error: The VPS iptables rule limit (numiptent) is too low (400/400) - stopping firewall to prevent iptables blocking all connections, at line 123

Thanks

Report message to a moderator

Re: The VPS iptables rule limit [message #32432 is a reply to message #32431] Thu, 07 August 2008 15:14 Go to previous messageGo to next message
maratrus is currently offline  maratrus
Messages: 1495
Registered: August 2007
Location: Moscow
Senior Member
Hi,

try to increase numiptent value. You can do it with vzctl utility:
vzctl set 101 --numiptent NUM --save

Report message to a moderator

Re: The VPS iptables rule limit [message #32433 is a reply to message #32432] Thu, 07 August 2008 15:18 Go to previous messageGo to next message
gozargah is currently offline  gozargah
Messages: 32
Registered: June 2008
Member
Hi,

Its main node firewall.

Report message to a moderator

Re: The VPS iptables rule limit [message #32435 is a reply to message #32433] Thu, 07 August 2008 16:17 Go to previous messageGo to next message
maratrus is currently offline  maratrus
Messages: 1495
Registered: August 2007
Location: Moscow
Senior Member
Hi,

please show /proc/user_beancounter

Report message to a moderator

Re: The VPS iptables rule limit [message #32443 is a reply to message #32435] Fri, 08 August 2008 05:52 Go to previous messageGo to next message
gozargah is currently offline  gozargah
Messages: 32
Registered: June 2008
Member
Hi,

What you need to /proc/
I see big data in /proc/

Report message to a moderator

Re: The VPS iptables rule limit [message #32444 is a reply to message #32443] Fri, 08 August 2008 07:49 Go to previous messageGo to next message
maratrus is currently offline  maratrus
Messages: 1495
Registered: August 2007
Location: Moscow
Senior Member
 
cat /proc/user_beancounters

Report message to a moderator

Re: The VPS iptables rule limit [message #32445 is a reply to message #32444] Fri, 08 August 2008 07:55 Go to previous messageGo to next message
gozargah is currently offline  gozargah
Messages: 32
Registered: June 2008
Member
Please check attach file. Razz
  • Attachment: attach1.txt
    (Size: 73.83KB, Downloaded 701 times)

Report message to a moderator

Re: The VPS iptables rule limit [message #32447 is a reply to message #32445] Fri, 08 August 2008 09:58 Go to previous messageGo to next message
maratrus is currently offline  maratrus
Messages: 1495
Registered: August 2007
Location: Moscow
Senior Member
Hi,

I cannot find the VE with (400/400) numiptent.
Only VE 360 has 200:200 numiptent. Try to increase it.

Report message to a moderator

Re: The VPS iptables rule limit [message #32448 is a reply to message #32447] Fri, 08 August 2008 10:48 Go to previous message
gozargah is currently offline  gozargah
Messages: 32
Registered: June 2008
Member
Thank you, problem resolved. Smile

Report message to a moderator

Previous Topic: Limit Conection in VPS
Next Topic: [solved] ovzkernel install isue on CentOS 5.2 64-bit?
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Tue Jul 23 04:30:14 GMT 2024

Total time taken to generate the page: 0.02398 seconds
Powered by FUDforum Powered by Virtuozzo Containers