[PVE-User] [SOLVED] Iptables under CentOS virtual machine
Dietmar Maurer
dietmar at proxmox.com
Fri Aug 29 10:52:57 CEST 2008
> All that is needed is to add "ipt_state ip_conntrack" to the
> "IPTABLES" line on
> /etc/vz/vz.conf: mine is now
>
> IPTABLES="ipt_REJECT ipt_tos ipt_limit ipt_multiport
> iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl
> ipt_length ipt_state ip_conntrack"
>
> and after restarting vz everithing works like a charm.
>
> Dietmar, do you see any drawback on adding those two modules
> loading on default install of proxmox?
You mean adding 'xt_state' and 'xt_conntrack' to /etc/modules
Or is it called 'nf_conntrack'?
Or do you want to set it in the vz.conf also?
- Dietmar
More information about the pve-user
mailing list