Fli
02-03-2015, 12:47 PM
There is an error on one OpenVZ based VPS:
i did command "iptables -t nat -nvL" and result:
WARNING: Deprecated config file /etc/modprobe.conf, all config files belong into /etc/modprobe.d/.FATAL: Module ip_tables not found.
iptables v1.4.8: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
When doing this same command on another VPS, it worked without error.
I made it working this way:
I checked OpenVZ VPS host server and it appears like the iptables nat module is there:
# lsmod | grep nat
iptable_nat 6302 0
nf_nat 23213 4 ipt_MASQUERADE,ipt_REDIRECT,vzrst,iptable_nat
nf_conntrack_ipv4 9946 100 iptable_nat,nf_nat
nf_conntrack 80313 8 xt_helper,xt_connlimit,xt_state,vzrst,vzcpt,iptabl e_nat,nf_nat,nf_conntrack_ipv4
ip_tables 18119 3 iptable_mangle,iptable_nat,iptable_filter
if not, maybe doing "modprobe iptable_nat"
then edit VPS config file from host server: vi /etc/vz/conf/VMID.conf
and comment out this line:
NETFILTER="stateless"
to become:
## NETFILTER="stateless"
then saved file and rebooted VPS:
vzctl restart VMID
(one may also try this instead: vzctl set VMID --netfilter full --save)
And then iptables -t nat -nvL started working with result:
Chain PREROUTING (policy ACCEPT 2 packets, 120 bytes) pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 7 packets, 402 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 7 packets, 402 bytes)
pkts bytes target prot opt in out source destination
i did command "iptables -t nat -nvL" and result:
WARNING: Deprecated config file /etc/modprobe.conf, all config files belong into /etc/modprobe.d/.FATAL: Module ip_tables not found.
iptables v1.4.8: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
When doing this same command on another VPS, it worked without error.
I made it working this way:
I checked OpenVZ VPS host server and it appears like the iptables nat module is there:
# lsmod | grep nat
iptable_nat 6302 0
nf_nat 23213 4 ipt_MASQUERADE,ipt_REDIRECT,vzrst,iptable_nat
nf_conntrack_ipv4 9946 100 iptable_nat,nf_nat
nf_conntrack 80313 8 xt_helper,xt_connlimit,xt_state,vzrst,vzcpt,iptabl e_nat,nf_nat,nf_conntrack_ipv4
ip_tables 18119 3 iptable_mangle,iptable_nat,iptable_filter
if not, maybe doing "modprobe iptable_nat"
then edit VPS config file from host server: vi /etc/vz/conf/VMID.conf
and comment out this line:
NETFILTER="stateless"
to become:
## NETFILTER="stateless"
then saved file and rebooted VPS:
vzctl restart VMID
(one may also try this instead: vzctl set VMID --netfilter full --save)
And then iptables -t nat -nvL started working with result:
Chain PREROUTING (policy ACCEPT 2 packets, 120 bytes) pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 7 packets, 402 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 7 packets, 402 bytes)
pkts bytes target prot opt in out source destination