OpenVZ Forum


Home » General » Support » Problem on starting Shorewall
Problem on starting Shorewall [message #35932] Sat, 02 May 2009 05:03 Go to next message
satimis is currently offline  satimis
Messages: 39
Registered: August 2008
Member
Hi folks,

Ubuntu 8.04
Shorewall

Shorewall fails to start;

# /etc/init.d/shorewall start
Starting "Shorewall firewall": not done (check /var/log/shorewall-init.log).



# tail /var/log/shorewall-init.log
 
Perhaps ip6tables or your kernel needs to be upgraded.
ip6tables v1.3.8: can't initialize ip6tables table `filter': iptables who? (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
ip6tables v1.3.8: can't initialize ip6tables table `filter': iptables who? (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
ip6tables v1.3.8: can't initialize ip6tables table `filter': iptables who? (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
Terminated


/# uname -r
2.6.24-23-openvz


OpenVZ kernel is running here. Please advise how to fix the problem. TIA


B.R.
satimis

Report message to a moderator

Re: Problem on starting Shorewall [message #35938 is a reply to message #35932] Mon, 04 May 2009 13:29 Go to previous messageGo to next message
maratrus is currently offline  maratrus
Messages: 1495
Registered: August 2007
Location: Moscow
Senior Member
Hi,

looks like you have to set up iptables inside VE in a proper manner. Check the appropriate section in OpenVZ User's guide
http://download.openvz.org/doc/OpenVZ-Users-Guide.pdf
hope it helps you.

Report message to a moderator

Re: Problem on starting Shorewall [message #35939 is a reply to message #35938] Mon, 04 May 2009 14:19 Go to previous messageGo to next message
satimis is currently offline  satimis
Messages: 39
Registered: August 2008
Member
maratrus wrote on Mon, 04 May 2009 21:29

Hi,

looks like you have to set up iptables inside VE in a proper manner. Check the appropriate section in OpenVZ User's guide
http://download.openvz.org/doc/OpenVZ-Users-Guide.pdf
hope it helps you.

Hi maratrus,

Thanks for your advice and link.

# iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination         
ACCEPT     all  --  0.0.0.0              anywhere            
ACCEPT     all  --  anywhere             anywhere            

Chain FORWARD (policy DROP)
target     prot opt source               destination         
ACCEPT     all  --  0.0.0.0              0.0.0.0             

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination


I did NOT create the rules manually. I think it comes on installing/configuring Shorewall.


Going through OpenVZ-Users-Guide I found following section;

Loading iptables Modules to Particular VPSs;

# vzctl set xxx --iptables iptable_filter --iptables ipt_length --iptables ipt_limit --iptables iptable_mangle --iptables ipt_REJECT --save

Is it relevant to my problem?


I can't find vz file NOR sysconfig directory

# find / -name sysconfig -type d
No printout

# locate vz
/etc/rc6.d/S00vzreboot
/usr/include/envz.h


# find / -name vz -type d
/proc/vz


Any advice. TIA


B.R.
satimis

Report message to a moderator

Re: Problem on starting Shorewall [message #35940 is a reply to message #35932] Mon, 04 May 2009 15:40 Go to previous message
maratrus is currently offline  maratrus
Messages: 1495
Registered: August 2007
Location: Moscow
Senior Member
Hi,

my bad, I missed that the shorewall complains about ip6tables not iptables.
Do you really need ip6tables? Is it possible to disable it somehow?

Report message to a moderator

Previous Topic: ram overflow (Unable to fork: Cannot allocate memory)
Next Topic: How to migrate from Virtuozzo to OpenVZ
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Fri Oct 18 01:10:41 GMT 2024

Total time taken to generate the page: 0.05137 seconds
Powered by FUDforum Powered by Virtuozzo Containers