Tuesday, August 31, 2010

iptables: Unknown error + Resolved

Guys,

You can get this error message when some iptables modules are missing on the server. I got it when I was restarting CSF on the container (CT or VPS). I enabled the iptables modules on the hardware node and on the CT. Then I restarted csf. Then it worked. Because of this firewall issue you may not be able to log in to the server via SSH etc. Here are the steps I followed:

1. On the node :

===========
vi /etc/sysconfig/vz and add the following modules to the IPTABLES= line, like:

IPTABLES= ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp
===========

2.
==========
vi /etc/sysconfig/iptables-config and add the following modules to the IPTABLES_MODULES= line, like:

IPTABLES_MODULES= ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp
==========

Note: You may skip step 2.

3. Restart the services :

# service vz stop
# service iptables restart
# service vz start

That's it.

You can also enable the modules for a specific container or VPS (run the following command on the node, replacing 101 with your CTID):

==========
vzctl set 101 --iptables ipt_REJECT --iptables ipt_tos --iptables ipt_TOS --iptables ipt_LOG --iptables ip_conntrack --iptables ipt_limit --iptables ipt_multiport --iptables iptable_filter --iptables iptable_mangle --iptables ipt_TCPMSS --iptables ipt_tcpmss --iptables ipt_ttl --iptables ipt_length --iptables ipt_state --iptables iptable_nat --iptables ip_nat_ftp --save
=========
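The steps above come down to one check: every module named on the IPTABLES= line must actually be loaded on the node, otherwise csf fails with this error. As an added example that is not part of the original post, here is a POSIX shell script that reads the IPTABLES= line from a node configuration file, compares it against an lsmod-style listing, and prints the modules that are missing together with the matching vzctl arguments. The two input files, the temporary paths and the CTID placeholder are constructed samples and assumptions; on a real node you would point it at /etc/sysconfig/vz and the output of lsmod.

```shell
#!/bin/sh
# Added example, not from the original post. Given a node config file with an
# IPTABLES= line and an lsmod-style listing, report which of the listed modules
# are not loaded, and build the matching "vzctl set ... --iptables" arguments.
# Both input files below are constructed samples so the script runs offline;
# on a real node you would use /etc/sysconfig/vz and the output of lsmod.

# Print the module names from the IPTABLES= line of config file $1, one per line.
# Accepts both the quoted form the sysconfig files use (IPTABLES="a b") and the
# unquoted form written in the post (IPTABLES= a b).
iptables_modules_from_config() {
    sed -n 's/^IPTABLES=//p' "$1" | tr -d '"' | tr -s ' ' '\n' | sed '/^$/d'
}

# Print each module in the whitespace-separated list $1 whose name does not
# appear in the first column of the lsmod-style listing in file $2.
missing_modules() {
    for mod in $1; do
        awk -v m="$mod" '$1 == m { found = 1 } END { exit !found }' "$2" \
            || echo "$mod"
    done
}

# Turn a whitespace-separated module list into "--iptables NAME" pairs, the
# argument form used with vzctl set in the post.
vzctl_iptables_args() {
    list=$1
    set --
    for mod in $list; do
        set -- "$@" --iptables "$mod"
    done
    echo "$*"
}

# Constructed sample: a fragment of /etc/sysconfig/vz with the module list from the post.
SAMPLE_VZ_CONF=$(mktemp)
cat > "$SAMPLE_VZ_CONF" <<'EOF'
## constructed sample, not a real node configuration
VE_ROOT=/vz/root/$VEID
IPTABLES="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"
EOF

# Constructed sample: lsmod output from a node where the two NAT modules are not loaded.
SAMPLE_LSMOD=$(mktemp)
cat > "$SAMPLE_LSMOD" <<'EOF'
Module                  Size  Used by
ipt_REJECT              4225  2
ipt_tos                 1857  0
ipt_TOS                 2369  0
ipt_LOG                 6465  4
ip_conntrack           52465  3 ip_conntrack_ftp
ipt_limit               2209  1
ipt_multiport           2497  0
iptable_filter          2881  1
iptable_mangle          3009  0
ipt_TCPMSS              3905  0
ipt_tcpmss              1985  0
ipt_ttl                 1985  0
ipt_length              1857  0
ipt_state               1985  2
EOF
trap 'rm -f "$SAMPLE_VZ_CONF" "$SAMPLE_LSMOD"' EXIT

# Report: which configured modules are not loaded, and the vzctl arguments for them.
REQUIRED=$(iptables_modules_from_config "$SAMPLE_VZ_CONF")
MISSING=$(missing_modules "$REQUIRED" "$SAMPLE_LSMOD")
if [ -n "$MISSING" ]; then
    echo "modules named in IPTABLES= but not loaded:"
    echo "$MISSING"
    echo "vzctl arguments for the missing ones (CTID is a placeholder):"
    echo "vzctl set CTID $(vzctl_iptables_args "$MISSING") --save"
else
    echo "all modules named in IPTABLES= are loaded"
fi
```

Run it on the node before step 3: a non-empty report tells you which module the error is about, so you restart vz and iptables knowing what should change, and you can re-run it afterwards to confirm the list is empty.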

Try :)
