OpenVZ Forum


About commands and firewall rule [message #37166] Mon, 24 August 2009 13:27
sachin
Hello,

After logging in via SSH, I got the message "Operation not supported" when using the command below:
setfacl -R -m d:u:vmail:rwx,g:vmail:rwx /var/mailbox

As the list below shows, it's quite different from a normal machine: my mount point for "/" is "/dev/simfs", which is NOT listed in the file fstab and NOT shown by the command "mount", so I don't know how to add the "acl" option to /etc/fstab.
[root@vps]# mount
/dev/simfs on / type simfs (rw)
/proc on /proc type proc (rw)
/sys on /sys type sysfs (rw)
none on /dev type tmpfs (rw)
none on /dev/pts type devpts (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
[root@vps]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/simfs 59G 3.4G 56G 6% /
none 5.9G 4.0K 5.9G 1% /dev
[root@vps]# cat /etc/fstab
none /dev/pts devpts rw 0 0

When using the firewall rule I mentioned before, the error message below is shown:
iptables: Unknown error 4294967295
It seems the kernel is NOT enabled to support the iptables function "hashlimit".

Also, the SSH idle time is too short: after connecting to the VPS via SSH, after only 1~2 minutes idle the connection is auto-closed.
I believe that is caused by your node setting.

Please help me to solve these problems.
Re: About commands and firewall rule [message #37169 is a reply to message #37166] Mon, 24 August 2009 16:00
curx

Hi,

1) imo ... acl on simfs isn't supported ...

On starting the container, these steps are done:

first, the private local storage /vz/private/<CTID> is mounted to /vz/root/<CTID>
in the container's context the / mount type is shown as simfs, to handle file and user quota via the kernel module simfs

CT0 (=HardwareNode) # modinfo simfs
[...]
description: Open Virtuozzo Simulation of File System
license: GPL v2
[...]

2)
>> When using the firewall rule I mentioned before, the error message below is shown:
>> iptables: Unknown error 4294967295
>> It seems the kernel is NOT enabled to support the iptables function "hashlimit".

... btw, can you please paste the whole iptables rule for which this error occurs?

It seems that on the hardware node the iptables module "ipt_hashlimit" isn't loaded and your CT shows no hashlimit in the proc ip_tables_matches

# vzctl exec 102 'grep hash /proc/net/ip_tables_matches '

Bye,
Thorsten
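
The grep check from the reply above, generalized as an added example (not code from either poster or from the OpenVZ project): it lists the `-m` matches a rules file uses and reports those missing from `/proc/net/ip_tables_matches`, and also reads the root file system type. The function names are hypothetical, and the rule, match list and mounts line are constructed sample data, since the original rule is not quoted in the thread.

```sh
#!/bin/sh
# Pre-flight check to run inside a container before loading firewall rules.

# List the match extensions a rules file requests via "-m NAME" / "--match NAME".
# Matches pulled in implicitly by "-p tcp" and similar are not covered.
rule_matches() {
    awk '{ for (i = 1; i < NF; i++)
               if ($i == "-m" || $i == "--match") print $(i + 1) }' "$1" | sort -u
}

# Print every match used in rules file $1 that is absent from the list in $2
# (default: /proc/net/ip_tables_matches, one match name per line).
missing_matches() {
    avail=${2:-/proc/net/ip_tables_matches}
    for m in $(rule_matches "$1"); do
        grep -qxF "$m" "$avail" || echo "$m"
    done
}

# File system type of "/" from a /proc/mounts-style file (last entry wins).
rootfs_type() {
    awk '$2 == "/" { t = $3 } END { print t }' "${1:-/proc/mounts}"
}

# --- constructed sample data (assumptions, not taken from the thread) ---
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/rules" <<'EOF'
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport 22 -m hashlimit --hashlimit-upto 10/min --hashlimit-mode srcip --hashlimit-name ssh -j ACCEPT
EOF
# Matches visible to a container whose node has not loaded hashlimit.
printf '%s\n' state tcp udp limit > "$tmp/matches"
printf '%s\n' '/dev/simfs / simfs rw 0 0' 'proc /proc proc rw 0 0' > "$tmp/mounts"

echo "matches missing in this container: $(missing_matches "$tmp/rules" "$tmp/matches")"
echo "root file system type: $(rootfs_type "$tmp/mounts")"
```

On a real container, call `missing_matches` with only the rules file so that it reads the live `/proc/net/ip_tables_matches`; any name it prints has to be made available from the hardware node.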