Trying to get csf working in an openvz container. It works in containers on other hardware nodes, same kernel/utility versions.
Error is: # perl /etc/csf/csftest.pl Testing ip_tables/iptable_filter...OK Testing ipt_LOG...OK Testing ipt_multiport/xt_multiport...OK Testing ipt_REJECT...OK Testing ipt_state/xt_state...OK Testing ipt_limit/xt_limit...OK Testing ipt_recent...OK *Testing xt_connlimit...FAILED [Error: iptables: Unknown error 18446744073709551615] - Required for CONNLIMIT feature* Testing ipt_owner/xt_owner...OK Testing iptable_nat/ipt_REDIRECT...OK Testing iptable_nat/ipt_DNAT...OK xt_connlimit is loaded on the hardware node: ]# lsmod | grep xt_connlimit xt_connlimit 3254 0 nf_conntrack 80313 10 xt_connlimit,vzrst,vzcpt,xt_conntrack,nf_nat_ftp,nf_conntrack_ftp,iptable_nat,nf_nat,nf_conntrack_ipv4,xt_state After searching a long time I finally realized that vz.conf has changed so iptables now are loaded through vzctl, so done: [root@server16 vz]# vzctl set 1602 --netfilter full --setmode restart --save Restarting container Stopping container ... Container was stopped Unmounting file system at /vz/root/1602 Unmounting device /dev/ploop52936 Container is unmounted Starting container... Opening delta /vz/private/1602/root.hdd/root.hdd Adding delta dev=/dev/ploop52936 img=/vz/private/1602/root.hdd/root.hdd (rw) /dev/ploop52936p1: clean, 2189391/36044800 files, 117223158/144178683 blocks Mounting /dev/ploop52936p1 at /vz/root/1602 fstype=ext4 data='balloon_ino=12,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0,' Container is mounted Adding IP address(es): (redacted) Setting CPU limit: 1200 Setting CPU units: 1016 Setting CPUs: 12 Container start in progress... CT configuration saved to /etc/vz/conf/1602.conf But I STILL get the same error After some further plodding I set following and rebooted, but also that didn't fix the problem: # cat /etc/modprobe.d/openvz.conf options nf_conntrack ip_conntrack_disable_ve0=0 Help?
_______________________________________________ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users