OpenVZ Forum


iptables and NAT inside VE [message #34584] Mon, 19 January 2009 13:39
digidax
Hello,

I'm running the iptables command in a shell inside the VE and get an error:

# iptables -t nat -A PREROUTING -s 0.0.0.0/0 -p tcp --dport 80 -j REDIRECT --to-port 8080
iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.


On the HN I have expanded the IPTABLES line in /etc/vz/vz.conf with iptables_nat:

IPTABLES="ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length iptables_nat"


Using Kernel: 2.6.18-92.1.13.el5.028stab059.6 #1 SMP

I finished by rebooting the HN. What did I forget?

Best regards
Frank
Re: iptables and NAT inside VE [message #34594 is a reply to message #34584] Mon, 19 January 2009 16:51
piavlo
You need the iptables nat module loaded in HN prior to VE start anyway.
Also add
IPTABLES="iptable_nat"
to /etc/vz/conf/${VEID}.conf

I think that IPTABLES="..." in /etc/vz/vz.conf is ignored.

[Updated on: Mon, 19 January 2009 16:52]


*SOLVED*: iptables and NAT inside VE [message #34595 is a reply to message #34584] Mon, 19 January 2009 17:16
digidax
Yes, I did that. See the last word in my IPTABLES="... iptables_nat" line, and I have rebooted the whole machine in the course of increasing the DDR2 RAM.

I have recreated the VE again and now it's working. I don't know what the problem was but now it's running.

Thanks.
Re: *SOLVED*: iptables and NAT inside VE [message #34598 is a reply to message #34595] Mon, 19 January 2009 19:06
piavlo
digidax wrote on Mon, 19 January 2009 19:16


I have recreated the VE again and now it's working. I don't know what the problem was but now it's running.

Thanks.


The problem was that you needed the iptables nat module loaded in HN before you start the VE.
Re: *SOLVED*: iptables and NAT inside VE [message #34602 is a reply to message #34598] Tue, 20 January 2009 06:22
digidax
Sorry, I think you misunderstand me. I have rebooted the whole hardware:
# shutdown -h now

After starting the machine by pressing the power-on button, the host OS boots first, then the VZ subsystem is initialized, and the next step is starting the VEs. So my changes to IPTABLES are done and executed.

The simplest way is stopping the VZ subsystem, running
# service iptables restart
and starting the VZ subsystem. But I have plugged additional RAM into the board, so I had to switch off.
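
A check for the two conditions named in piavlo's replies (iptable_nat listed in the VE's IPTABLES line, and the module loaded on the HN), as an added example that is not from the thread or from OpenVZ. Function names and the sample file contents are assumptions and constructed; the script also reports when a file uses the spelling iptables_nat from the first post rather than the iptable_nat from the reply.

```shell
#!/bin/sh
# Added example, not OpenVZ's own tooling. All function names are hypothetical.

# Print the module list from the last IPTABLES="..." line of a config file.
conf_modules() {
    sed -n 's/^[[:space:]]*IPTABLES="\([^"]*\)".*/\1/p' "$1" | tail -n 1
}

# Return 0 if word $1 occurs in the space-separated list $2.
has_word() {
    case " $2 " in *" $1 "*) return 0 ;; esac
    return 1
}

# check_nat VE_CONF MODULES_FILE   (MODULES_FILE is /proc/modules on a real HN)
#   0 = iptable_nat listed in the VE config and loaded on the HN
#   1 = no nat module listed in the VE config
#   2 = listed, but not loaded on the HN
#   3 = config only has the spelling iptables_nat
check_nat() {
    mods=$(conf_modules "$1")
    if ! has_word iptable_nat "$mods"; then
        if has_word iptables_nat "$mods"; then
            echo "$1: has 'iptables_nat'; the reply uses 'iptable_nat'"
            return 3
        fi
        echo "$1: iptable_nat missing from IPTABLES"
        return 1
    fi
    if ! grep -q '^iptable_nat ' "$2"; then
        echo "iptable_nat not loaded on the HN (checked $2)"
        return 2
    fi
    echo "$1: ok"
}

# Offline run on constructed files (no OpenVZ host needed).
demo() {
    d=$(mktemp -d)
    echo 'IPTABLES="iptable_filter iptable_mangle iptables_nat"' > "$d/a.conf"
    echo 'IPTABLES="iptable_nat"' > "$d/b.conf"
    echo 'iptable_nat 11205 1 - Live 0x0' > "$d/modules"   # constructed line
    check_nat "$d/a.conf" "$d/modules" || echo "rc=$?"
    check_nat "$d/b.conf" "$d/modules" || echo "rc=$?"
    rm -rf "$d"
}
# On a hardware node: check_nat /etc/vz/conf/${VEID}.conf /proc/modules
```

Run it on the HN before starting the VE, since the thread's diagnosis is that the module has to be loaded before the VE starts.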