New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Help on CSF - iptable modules
I don't know if I am doing something wrong here. It's the first time I'm getting this type of issue.
I can't seem to get CSF to work since it always get a fatal error when identifying iptable modules.
I asked my provider to activate them but no luck yet. I was also asked to move to a diff location since TUN/TAP was not enabled in the old one.
I'm using openvz, by the way.
Any advice please?
Thank you..
Comments
they did vzctl set --iptables
is tun/tap necessary for openvz (from what i know, it's required with vpn)?
sorry quite new with this, i'm just familiar with vps with cpanel. i'm just using this new one for backups.
@jack maybe one DC doesn't allow VPN usage, while another one allows it? That's why they need to move him to another node / DC.
@libro22 who's the provider?
@Jack one in Poland for instance, i believe it's illegal there, but don't quote me on that.
i'll talk to them about it, thanks for the reply
i don't think dropping their name will do them good, maybe some other time if i make a review about them
Just updates, they wasn't able to fix it even with modprobe so I'm looking to moving away from them.
Good idea. This is OpenVZ 101.
@libro22 modprobe on node, if done correctly will fix the CSF ipt errors. Pretty basic to be honest. Let me know if you want to move to us, might be able to match your current plan
Well looks like today I actually experienced a scenario where I can honestly say that a node is currently incapable of proper iptables configuration through OpenVZ. Not a defense for this provider who isn't willing to make it work, but still annoying. Got a kernel panic today trying to get OpenVZ to see xt_connlimit. Yay for reboots to replace kernel...
First they need to modprobe the modules THEN do vzctl set --iptables part, vzctl set --iptables won't be of any help if the modules aren't loaded on the main node anyway.
If you are using a openvz server - Tun/Tap is neccessary. Also remember you can not use Masquerading on OpenVz.