[PVE-User] iptables state module broken in debian 4.0 appliance?
Erik Gulliksson
erik.gulliksson at diino.net
Tue Jan 27 18:15:35 CET 2009
Hi!
I'm a new user of proxmox and openvz. First I would like to say thanks
for a wonderful open-source virtualization solution, so far I'm very
impressed.
Now to the problem: I am using Proxmox 1.1 and the
debian-4.0-standard_4.0-3_i386.tar.gz appliance template. When I
played around with iptables in a container running Debian, I came
across something that usually works in normal machines:
# iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables: Invalid argument
/proc/net/ip_tables_* looks like the following:
# cat /proc/net/ip_tables_matches
state
udplite
udp
tcp
length
ttl
tcpmss
multiport
multiport
limit
tos
icmp
# cat /proc/net/ip_tables_names
mangle
filter
# cat /proc/net/ip_tables_targets
LOG
TCPMSS
REJECT
ERROR
Other iptables statements (like -A INPUT -m tcp -p tcp --dport 22 -j
ACCEPT) seems to work just fine.
Do anyone on the list have a solution or workaround (or explanation)
to my problem?
Best regards
Erik Gulliksson
--
Erik Gulliksson, erik.gulliksson at diino.net
System Administrator, Diino AB
http://www.diino.com
More information about the pve-user
mailing list