[BlueOnyx:20699] Re: errors and issues
Michael Stauber
mstauber at blueonyx.it
Tue Feb 21 18:21:22 -05 2017
Hi Greg,
> While upgrading the kernel would be helpful, it is not the answer.
> I had a chat to Chris, and he had a report of someone once with a similar problem but was unable to recall the solution.
It is absolutely the answer. To a two part problem. OpenVZ Kernel and
OpenVZ Tools need to match. If you're running 116 and 120.18 is actual,
then you're so far behind that all bets are off.
Like in this case. The mechanism for how access to iptables modules
inside a VPS works is no longer compatible as the config options for
that in vz.conf changed.
The 2nd part of this two part problem is the netfilter configuration of
VPS, which can be edited via the GUI: "VPS Basic Settings", "Netfilter".
If only "stateless" is allowed, then access to NAT and contrack rules
aren't possible from inside the VPS. In order to use APF inside a VPS
the netfilter cnnfig of that VPS *must* be set to "full" under "VPS
Basic Settings", "Netfilter".
Otherwise APF will be unable to implement certain stateful rules which
need the contrack module to be present.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list