J
josecarlos
Guest
Hello proxmox community:
Im having troubles with my openvz VM's i have tried the 32 and 64 bits templates of debian lenny and squeeze and is all the same in each one of them.
Here is the deal, when i install the firehol firewall builder and start it gives me this bunch of errors:
#firehol start
WARNING
File '/etc/firehol/RESERVED_IPS' is more than 90 days old.
You should update it to ensure proper operation of your firewall.
Run the supplied get-iana.sh script to generate this file.
IMPORTANT WARNING:
------------------
FireHOL cannot find your current kernel configuration.
Please, either compile your kernel with /proc/config,
or make sure there is a valid kernel config in:
/usr/src/linux/.config
Because of this, FireHOL will simply attempt to load
all kernel modules for the services used, without
being able to detect failures.
FireHOL: Saving your old firewall to a temporary file: OK
FireHOL: Processing file /etc/firehol/firehol.conf: OK
FireHOL: Activating new firewall (41 rules):
--------------------------------------------------------------------------------
WARNING : This might or might not affect the operation of your firewall.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/modprobe ip_conntrack -q
OUTPUT :
FATAL: Could not load /lib/modules/2.6.32-4-pve/modules.dep: No such file or directory
--------------------------------------------------------------------------------
ERROR : # 1.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line INIT of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A out_world_all_c1 -m state --state NEW\,ESTABLISHED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 2.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line INIT of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A in_world_all_c1 -m state --state ESTABLISHED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 3.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line INIT of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A out_world_irc_c2 -p tcp --sport 32768:61000 --dport 6667 -m state --state NEW\,ESTABLISHED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 4.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line INIT of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A in_world_irc_c2 -p tcp --sport 6667 --dport 32768:61000 -m state --state ESTABLISHED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 5.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line INIT of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A out_world_ftp_c3 -p tcp --sport 32768:61000 --dport ftp -m state --state NEW\,ESTABLISHED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 6.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line INIT of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A in_world_ftp_c3 -p tcp --sport ftp --dport 32768:61000 -m state --state ESTABLISHED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 7.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line INIT of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A in_world_ftp_c3 -p tcp --sport ftp-data --dport 32768:61000 -m state --state ESTABLISHED\,RELATED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 8.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line INIT of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A out_world_ftp_c3 -p tcp --sport 32768:61000 --dport ftp-data -m state --state ESTABLISHED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 9.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line INIT of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A out_world_ftp_c3 -p tcp --sport 32768:61000 --dport 1024:65535 -m state --state ESTABLISHED\,RELATED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 10.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line INIT of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A in_world_ftp_c3 -p tcp --sport 1024:65535 --dport 32768:61000 -m state --state ESTABLISHED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 11.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A in_world -m state --state RELATED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 12.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A out_world -m state --state RELATED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 13.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A in_world -m limit --limit 1/second --limit-burst 5 -j LOG --log-level warning --log-prefix=\'\'IN-world\':\'
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 14.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A out_world -m limit --limit 1/second --limit-burst 5 -j LOG --log-level warning --log-prefix=\'\'OUT-world\':\'
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 15.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A INPUT -m state --state RELATED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 16.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A OUTPUT -m state --state RELATED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 17.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A FORWARD -m state --state RELATED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 18.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A INPUT -m limit --limit 1/second --limit-burst 5 -j LOG --log-level warning --log-prefix=\'IN-unknown:\'
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 19.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A OUTPUT -m limit --limit 1/second --limit-burst 5 -j LOG --log-level warning --log-prefix=\'OUT-unknown:\'
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 20.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A FORWARD -m limit --limit 1/second --limit-burst 5 -j LOG --log-level warning --log-prefix=\'PASS-unknown:\'
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
WARNING : This might or might not affect the operation of your firewall.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/modprobe ip_conntrack_irc -q
OUTPUT :
FATAL: Could not load /lib/modules/2.6.32-4-pve/modules.dep: No such file or directory
FAILED
FireHOL: Restoring old firewall: OK
Can any of you give me a tip on this
Thanks in advance and sorry about my english
Im having troubles with my openvz VM's i have tried the 32 and 64 bits templates of debian lenny and squeeze and is all the same in each one of them.
Here is the deal, when i install the firehol firewall builder and start it gives me this bunch of errors:
#firehol start
WARNING
File '/etc/firehol/RESERVED_IPS' is more than 90 days old.
You should update it to ensure proper operation of your firewall.
Run the supplied get-iana.sh script to generate this file.
IMPORTANT WARNING:
------------------
FireHOL cannot find your current kernel configuration.
Please, either compile your kernel with /proc/config,
or make sure there is a valid kernel config in:
/usr/src/linux/.config
Because of this, FireHOL will simply attempt to load
all kernel modules for the services used, without
being able to detect failures.
FireHOL: Saving your old firewall to a temporary file: OK
FireHOL: Processing file /etc/firehol/firehol.conf: OK
FireHOL: Activating new firewall (41 rules):
--------------------------------------------------------------------------------
WARNING : This might or might not affect the operation of your firewall.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/modprobe ip_conntrack -q
OUTPUT :
FATAL: Could not load /lib/modules/2.6.32-4-pve/modules.dep: No such file or directory
--------------------------------------------------------------------------------
ERROR : # 1.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line INIT of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A out_world_all_c1 -m state --state NEW\,ESTABLISHED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 2.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line INIT of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A in_world_all_c1 -m state --state ESTABLISHED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 3.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line INIT of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A out_world_irc_c2 -p tcp --sport 32768:61000 --dport 6667 -m state --state NEW\,ESTABLISHED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 4.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line INIT of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A in_world_irc_c2 -p tcp --sport 6667 --dport 32768:61000 -m state --state ESTABLISHED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 5.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line INIT of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A out_world_ftp_c3 -p tcp --sport 32768:61000 --dport ftp -m state --state NEW\,ESTABLISHED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 6.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line INIT of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A in_world_ftp_c3 -p tcp --sport ftp --dport 32768:61000 -m state --state ESTABLISHED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 7.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line INIT of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A in_world_ftp_c3 -p tcp --sport ftp-data --dport 32768:61000 -m state --state ESTABLISHED\,RELATED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 8.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line INIT of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A out_world_ftp_c3 -p tcp --sport 32768:61000 --dport ftp-data -m state --state ESTABLISHED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 9.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line INIT of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A out_world_ftp_c3 -p tcp --sport 32768:61000 --dport 1024:65535 -m state --state ESTABLISHED\,RELATED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 10.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line INIT of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A in_world_ftp_c3 -p tcp --sport 1024:65535 --dport 32768:61000 -m state --state ESTABLISHED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 11.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A in_world -m state --state RELATED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 12.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A out_world -m state --state RELATED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 13.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A in_world -m limit --limit 1/second --limit-burst 5 -j LOG --log-level warning --log-prefix=\'\'IN-world\':\'
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 14.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A out_world -m limit --limit 1/second --limit-burst 5 -j LOG --log-level warning --log-prefix=\'\'OUT-world\':\'
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 15.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A INPUT -m state --state RELATED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 16.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A OUTPUT -m state --state RELATED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 17.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A FORWARD -m state --state RELATED -j ACCEPT
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 18.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A INPUT -m limit --limit 1/second --limit-burst 5 -j LOG --log-level warning --log-prefix=\'IN-unknown:\'
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 19.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A OUTPUT -m limit --limit 1/second --limit-burst 5 -j LOG --log-level warning --log-prefix=\'OUT-unknown:\'
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
ERROR : # 20.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A FORWARD -m limit --limit 1/second --limit-burst 5 -j LOG --log-level warning --log-prefix=\'PASS-unknown:\'
OUTPUT :
iptables: No chain/target/match by that name.
--------------------------------------------------------------------------------
WARNING : This might or might not affect the operation of your firewall.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/modprobe ip_conntrack_irc -q
OUTPUT :
FATAL: Could not load /lib/modules/2.6.32-4-pve/modules.dep: No such file or directory
FAILED
FireHOL: Restoring old firewall: OK
Can any of you give me a tip on this
Thanks in advance and sorry about my english