NFQUEUE in VE [message #44401] |
Tue, 06 December 2011 00:07 ![Go to next message Go to next message](/theme/ovz3/images/down.png) |
U.Mutlu
Messages: 12 Registered: October 2011
|
Junior Member |
|
|
I need to use, in a VE, an app that uses libnetfilter_queue (ie. the NFQUEUE target of iptables).
Which module do I need to specify in vz.cfg (IPTABLES="...") ?
I tried the following modules
find /lib/modules/ -iname "*queu*" -ls
/lib/modules/2.6.32-5-openvz-amd64/kernel/drivers/md/dm-queu e-length.ko
/lib/modules/2.6.32-5-openvz-amd64/kernel/net/ipv6/netfilter /ip6_queue.ko
/lib/modules/2.6.32-5-openvz-amd64/kernel/net/netfilter/nfne tlink_queue.ko
/lib/modules/2.6.32-5-openvz-amd64/kernel/net/netfilter/xt_N FQUEUE.ko
/lib/modules/2.6.32-5-openvz-amd64/kernel/net/ipv4/netfilter /ip_queue.k
but vzctl gives such errors/warnings, and the app cannot access the NFQUEUE queue:
Warning: Unknown iptable module: nfnetlink_queue, skipped
The same app on the HN works fine.
So, how can I use NFQUEUE on the VE ?
|
|
|
|
|
Re: NFQUEUE in VE [message #44466 is a reply to message #44465] |
Fri, 09 December 2011 11:14 ![Go to previous message Go to previous message](/theme/ovz3/images/up.png) |
U.Mutlu
Messages: 12 Registered: October 2011
|
Junior Member |
|
|
both HN and VE give this:
# cat /proc/net/ip_tables_targets
NFQUEUE
TCPMSS
DNAT
SNAT
NFQUEUE
REJECT
LOG
ERROR
so, NFQUEUE is there, somehow even twice.
But why does it still not function on the VE?
U.Mutlu wrote, On 12/09/2011 12:03 PM:
> For the interested ones: here are similar postings regarding the same issue:
> http://forum.openvz.org/index.php?t=msg&goto=40984&
> and a bugreport here:
> http://bugzilla.openvz.org/show_bug.cgi?id=1677
>
>
> U.Mutlu wrote, On 12/07/2011 06:39 PM:
>> Has nobody an answer to this problem?
>>
>>
>> U.Mutlu wrote, On 12/06/2011 01:07 AM:
>>> I need to use, in a VE, an app that uses libnetfilter_queue (ie. the NFQUEUE target of iptables).
>>> Which module do I need to specify in vz.cfg (IPTABLES="...") ?
>>>
>>> I tried the following modules
>>>
>>> find /lib/modules/ -iname "*queu*" -ls
>>> /lib/modules/2.6.32-5-openvz-amd64/kernel/drivers/md/dm-queu e-length.ko
>>> /lib/modules/2.6.32-5-openvz-amd64/kernel/net/ipv6/netfilter /ip6_queue.ko
>>> /lib/modules/2.6.32-5-openvz-amd64/kernel/net/netfilter/nfne tlink_queue.ko
>>> /lib/modules/2.6.32-5-openvz-amd64/kernel/net/netfilter/xt_N FQUEUE.ko
>>> /lib/modules/2.6.32-5-openvz-amd64/kernel/net/ipv4/netfilter /ip_queue.k
>>>
>>> but vzctl gives such errors/warnings, and the app cannot access the NFQUEUE queue:
>>> Warning: Unknown iptable module: nfnetlink_queue, skipped
>>>
>>> The same app on the HN works fine.
>>> So, how can I use NFQUEUE on the VE ?
|
|
|