D
doknet
Guest
I have a machine in KVM, router and firewall that makes the rest of the machines with a classic scripts using iptables and nat. (Debian 5.8)
Everything works fine.
Now I want to do the same vm with a made openvz vm (Debian 5.08 too), and I get error.
Clarified that introduced the change in /etc/vz/vz.conf.
First I tried with this change
then I tried,
both gave me the same error
Vz When I reboot vz, I get the following message
When I start the VM, I get the following message:
I have to do more to work on a machine Iptables OpenVZ, besides introducing these lines.
Already thank you very much.
Everything works fine.
Now I want to do the same vm with a made openvz vm (Debian 5.08 too), and I get error.
Clarified that introduced the change in /etc/vz/vz.conf.
First I tried with this change
Code:
IPTABLES="iptable_filter iptable_mangle ipt_limit ipt_multiport ipt_tos ipt_TOS ipt_REJECT ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_LOG ipt_length ip_conntrack ip_conntrack_ftp ip_conntrack_irc ipt_conntrack ipt_state ipt_helper iptable_nat ip_nat_ftp ip_nat_irc ipt_REDIRECT xt_mac ipt_owner"
Code:
IPTABLES="ipt_REJECT ipt_recent ipt_owner ipt_REDIRECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"Vz When I reboot vz, I get the following message
HTML:
CONFIG_NF_CT_ACCT is deprecated and will be removed soon. Please usenf_conntrack.acct=1 kernel parameter, acct=1 nf_conntrack module option orsysctl net.netfilter.nf_conntrack_acct=1 to enable it
HTML:
iptables: No chain/target/match by that nameAlready thank you very much.