OpenVZ Forum: Support » Connection tracking on host- Bug: 2755

Home » General » Support » Connection tracking on host- Bug: 2755

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Connection tracking on host- Bug: 2755 [message #51803]

Thu, 18 December 2014 15:58

DarkSpace
Messages: 9
Registered: October 2010

Junior Member

Hi,

I have recently upgraded the kernel (2.6.32-042stab061.2 -> 2.6.32-042stab094.7) and I was affected by the connection tracking issue described in this bug - hxxps://bugzilla.openvz.org/show_bug.cgi?id=2755

I currently use firewall rules that allows per-container configuration with connection tracking disabled so I can't use stateful IPtable rules so my question is what's the best way to configure firewall on host in that case?

# cat /sys/module/nf_conntrack/parameters/ip_conntrack_disable_ve0
1

Report message to a moderator

Previous Topic:	Enquiry on CVE-2014-9322 and 2.6.32-042stab094.8
Next Topic:	Safe to install kernel and linux-firmware inside container?

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Fri Apr 26 23:21:13 GMT 2024

Total time taken to generate the page: 0.03044 seconds