OpenVZ Forum


Home » General » Support » nf_conntrack on container ?
nf_conntrack on container ? [message #37711] Tue, 13 October 2009 14:45 Go to next message
dvazart is currently offline  dvazart
Messages: 37
Registered: October 2008
Location: France
Member
Hi !

Im trying to make an iptables rule like :

iptables -A FORWARD --match state --state RELATED,ESTABLISHED -j ACCEPT


But i got this error message :

iptables: No chain/target/match by that name


I have allready installed the ip_conntrack module, but apparently I have to install also nf_conntrack

It is possible in OpenVZ ?

I'm running Debian on both (HN and CT).


----------- Daniel Vazart ------------
"Knowledge is power, Sharing is human"
------- http://www.vazart.net --------
Re: nf_conntrack on container ? [message #37720 is a reply to message #37711] Wed, 14 October 2009 10:33 Go to previous messageGo to next message
curx
Messages: 739
Registered: February 2006
Location: Nürnberg, Germany
Senior Member

Hi,

have you restart your container after loading the kernel modules on hardware node ?

Bye,
Thorsten
Re: nf_conntrack on container ? [message #37724 is a reply to message #37711] Wed, 14 October 2009 12:29 Go to previous message
dvazart is currently offline  dvazart
Messages: 37
Registered: October 2008
Location: France
Member
Yes...

In fact, the module ip_conntrack works fine, but now needs nf_conntrack


----------- Daniel Vazart ------------
"Knowledge is power, Sharing is human"
------- http://www.vazart.net --------
Previous Topic: secure.2, secure.3 are empty
Next Topic: error /sbin/ip: 1: Syntax error: Unterminated quoted string
Goto Forum:
  


Current Time: Fri Nov 15 23:03:16 GMT 2024

Total time taken to generate the page: 0.03306 seconds