On all the VPSs, the iptables modules are not enabled by default, and clients usually get the error below in this case:
"iptables v1.2.8: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded."
The iptables modules can be enabled through the shell or through vzmc. In vzmc you can simply select the modules and press enable; the VPS will be restarted and the iptables modules will be enabled.
Before enabling iptables on a VPS, make sure that the iptables modules are enabled on the Hardware Node. To enable the iptables modules on the Hardware Node, edit the /etc/sysconfig/iptables-config file on the Virtuozzo hardware node and look for the following parameter value:
IPTABLES_MODULES="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"
Also edit the /etc/sysconfig/vz file on the hardware node and look for the following parameter value:
IPTABLES="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"
The next step is to enable the iptables modules on the VPS. This is how we can do it:
VEID=XXX    # where XXX is the actual VPS ID, which can be checked using the "vzlist -a" command
vzctl stop $VEID ; vzctl set $VEID --iptables ipt_REJECT --iptables ipt_tos --iptables ipt_TOS --iptables ipt_LOG --iptables ip_conntrack --iptables ipt_limit --iptables ipt_multiport --iptables iptable_filter --iptables iptable_mangle --iptables ipt_TCPMSS --iptables ipt_tcpmss --iptables ipt_ttl --iptables ipt_length --iptables ipt_state --iptables iptable_nat --iptables ip_nat_ftp --save
vzctl set $VEID --numiptent 2000 --save
vzctl start $VEID
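The hardware-node check described above can be scripted before touching the VPS. The following is an added example, not part of the original post: the function names are hypothetical, the module list is copied from the post, and the demo input is a constructed config line. It reports which modules a config key is missing and builds the --iptables arguments used in the vzctl set command.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.
# Module list copied from the post; ipt_tos/ipt_TOS and ipt_tcpmss/ipt_TCPMSS
# are distinct names, so all comparisons are case-sensitive whole-word matches.
WANTED="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"

# Print the value of KEY=... from FILE. Commented lines are ignored and the
# last assignment wins. KEY must match exactly (IPTABLES != IPTABLES_MODULES).
config_modules() {  # usage: config_modules KEY FILE
    sed -n "s/^[[:space:]]*$1=\"\{0,1\}\([^\"]*\)\"\{0,1\}[[:space:]]*\$/\1/p" "$2" | tail -n 1
}

# Print the modules from WANTED that KEY in FILE does not list.
missing_modules() {  # usage: missing_modules KEY FILE
    have=" $(config_modules "$1" "$2") "
    out=""
    for m in $WANTED; do
        case "$have" in
            *" $m "*) ;;              # listed in the node config
            *) out="$out $m" ;;       # absent from the node config
        esac
    done
    echo "${out# }"
}

# Build the "--iptables <module>" arguments for "vzctl set".
vzctl_iptables_args() {
    args=""
    for m in $WANTED; do args="$args --iptables $m"; done
    echo "${args# }"
}

# Demo on a constructed config line (not taken from a real node).
demo() {
    f=$(mktemp)
    echo 'IPTABLES="ipt_REJECT ipt_tos ipt_LOG iptable_filter ipt_state"' > "$f"
    missing_modules IPTABLES "$f"
    rm -f "$f"
}
```

On a hardware node, run missing_modules IPTABLES /etc/sysconfig/vz and missing_modules IPTABLES_MODULES /etc/sysconfig/iptables-config; empty output means every module from the list is present.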