[BlueOnyx:20700] Re: errors and issues
Michael Stauber
mstauber at blueonyx.it
Tue Feb 21 18:53:55 -05 2017
Hi all,
> Like in this case. The mechanism for how access to iptables modules
> inside a VPS works is no longer compatible as the config options for
> that in vz.conf changed.
To elaborate on that: Once upon a time the global /etc/vz/vz.conf
allowed us to specify which IPtables modules were available for usage in
VPS's. This used to be a global setting, so all VPS's had access to the
same IPtables modules. To simplify things we allowed access to all
IPtables modules there.
Recently (couple of months back) this behaviour changed and access to
IPtables modules is now a configurable per VPS setting. That's when
Aventurin{e} got an update that now allows to specify the "Netfilter"
part of the OpenVZ configuration on a per VPS basis.
If no NETFILTER line is in your VPS config (and any older VPS will not
have this yet), then the default "stateless" is assumed. Which means: No
access to NAT and contrack. And the APF needs contrack.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list