I've recently upgraded to 2.1 from 1.9 by simply reinstalling clean and importing backups. Everything is working fine, except for one container that uses iptables rules to mangle some packets... This container starts OK, but the iptables rules never get applied because of this:
I edited the vz.conf on the host to have this:
but it still doesn't work
One thing I did notice is that when I tried manually loading the required modules as per the OpenVZ website, I got an error: FATAL: Module xt_tcpudp not found. Is that the issue? Is 2.1 missing this, or is it a case of the documentation at OpenVZ not matching Proxmox?
The only thing I haven't done yet is reboot the host having made that vz.conf change - is that required or does vz.conf get re-read on starting a guest anyway?
Code:
trudy:~# iptables -L
iptables v1.4.8: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
trudy:~#
I edited the vz.conf on the host to have this:
Code:
IPTABLES="iptable_filter iptable_mangle ipt_limit ipt_multiport ipt_tos ipt_TOS ipt_REJECT ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_LOG ipt_length ip_conntrack ip_conntrack_ftp ip_conntrack_irc ipt_conntrack ipt_state ipt_helper iptable_nat ip_nat_ftp ip_nat_irc ipt_REDIRECT xt_mac ipt_owner"
One thing I did notice is that when I tried manually loading the required modules as per the OpenVZ website, I got an error: FATAL: Module xt_tcpudp not found. Is that the issue? Is 2.1 missing this, or is it a case of the documentation at OpenVZ not matching Proxmox?
The only thing I haven't done yet is reboot the host having made that vz.conf change - is that required or does vz.conf get re-read on starting a guest anyway?