LXC Container CSF

Maybe one of its dependencies is the problem, perhaps libxtables?
 
Ok,
i think i managed to get it to work.
I installed clean CentOS 6.7 x64, updated it with yum -y update, and after that i used following commands to install newer iptables version.

Code:
# compile iptables from source and install to /usr/local
mkdir -p /tmp/iptables
wget "http://www.netfilter.org/projects/iptables/files/iptables-1.4.21.tar.bz2" -qO- | tar --strip-components=1 -C /tmp/iptables -xvj
cd /tmp/iptables
./configure
make
make install

# set alternatives
sudo alternatives --install /sbin/iptables iptables.x86_64 /usr/local/sbin/iptables 100 \
--slave /bin/iptables-xml bin-iptables-xml.x86_64 /usr/local/bin/iptables-xml \
--slave /sbin/iptables-multi sbin-iptables-multi.x86_64 /usr/local/sbin/iptables-multi \
--slave /sbin/iptables-restore sbin-iptables-restore.x86_64 /usr/local/sbin/iptables-restore \
--slave /sbin/iptables-save sbin-iptables-save.x86_64 /usr/local/sbin/iptables-save \
--slave /usr/share/man/man8/iptables-restore.8.gz man-iptables-restore.x86_64 /usr/local/share/man/man8/iptables-restore.8.gz \
--slave /usr/share/man/man8/iptables-save.8.gz man-iptables-save.x86_64 /usr/share/man/man8/iptables-save.8.gz \
--slave /usr/share/man/man8/iptables-xml.8.gz man-iptables-xml.x86_64 /usr/share/man/man8/iptables-xml.8.gz \
--slave /usr/share/man/man8/iptables.8.gz man-iptables.x86_64 /usr/share/man/man8/iptables.8.gz

sudo alternatives --set iptables.x86_64 /usr/local/sbin/iptables

sudo alternatives --install /sbin/ip6tables ip6tables.x86_64 /usr/local/sbin/ip6tables 100 \
--slave /sbin/ip6tables-multi sbin-ip6tables-multi.x86_64 /usr/local/sbin/ip6tables-multi \
--slave /sbin/ip6tables-restore sbin-ip6tables-restore.x86_64 /usr/localsbin/ip6tables-restore \
--slave /sbin/ip6tables-save sbin-ip6tables-save.x86_64 /usr/local/sbin/ip6tables-save \
--slave /usr/share/man/man8/ip6tables-restore.8.gz man-ip6tables-restore.x86_64 /usr/local/share/man/man8/ip6tables-restore.8.gz \
--slave /usr/share/man/man8/ip6tables-save.8.gz man-ip6tables-save.x86_64 /usr/local/share/man/man8/ip6tables-save.8.gz \
--slave /usr/share/man/man8/ip6tables.8.gz man-ip6tables.x86_64 /usr/local/share/man/man8/ip6tables.8.gz

sudo alternatives --set ip6tables.x86_64 /usr/local/sbin/ip6tables

After that, i tested CSF and it says that it will work.
Im gonna test it again once more, and let you know if everything is ok.
 
Now, im having problems with pure-ftpd. While starting it says that
Starting pure-ftpd: 421 Unable to switch capabilities : Operation not permitted
[FAILED]

Do you know maybe which modprobe kernel mod should i enable for this to work? modprobe capabilites doesnt work.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!