Wednesday, 28 August 2013

Enable Iptables Modules for a VPS

Before enabling the modules to the VPS , make sure that its enabled in the root node of the VPS. You can check it using the command below.
#lsmod | grep -i module_name
If its not enabled, then enable it by using the modprobe command 
#modprobe iptables_module
#modprobe ipt_helper
#modprobe ipt_REDIRECT
#modprobe ipt_TCPMSS
#modprobe ipt_LOG
#modprobe ipt_TOS
#modprobe iptable_nat
#modprobe ipt_length
#modprobe ipt_tcpmss
#modprobe iptable_mangle
#modprobe ipt_tos
#modprobe iptable_filter
#modprobe ipt_helper
#modprobe ipt_tos
#modprobe ipt_ttl
#modprobe ipt_SAME
#modprobe ipt_REJECT
#modprobe ipt_helper
#modprobe ipt_owner
#modprobe ip_tables
#modprobe ipt_MASQUERADE
#modprobe ipt_multiport/xt_multiport
#modprobe ipt_state/xt_state
#modprobe ipt_limit/xt_limit
#modprobe ipt_recent
#modprobe xt_connlimit
#modprobe ipt_owner/xt_owner
#modprobe iptable_nat/ipt_DNAT
#modprobe iptable_nat/ipt_REDIRECT

Now to enable the module to the container, first stop the container which one you want to enable the module . Assuming the vps id as 101 here.  

# vzctl stop 101
Now you can enable the module to the vps either by executing the following command

# vzctl set 101 --iptables ipt_REJECT --iptables ipt_tos --iptables ipt_TOS --iptables ipt_LOG --iptables ip_conntrack --iptables ipt_limit --iptables ipt_multiport --iptables iptable_filter --iptables iptable_mangle --iptables ipt_TCPMSS --iptables ipt_tcpmss --iptables ipt_ttl --iptables ipt_length --iptables ipt_state --iptables iptable_nat --iptables ip_nat_ftp --save
                                                 OR
By adding manually to the configuration file /etc/vz/conf/veid.conf 
#vi /etc/vz/conf/101.conf
and then paste following at the end of the file.
 
IPTABLES="iptable_filter iptable_mangle ipt_limit ipt_multiport ipt_tos ipt_TOS ipt_REJECT ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_LOG ipt_length ip_conntrack ip_conntrack_ftp ip_conntrack_irc ipt_conntrack ipt_state ipt_helper iptable_nat ip_nat_ftp ip_nat_irc"

Now restart the container.
# vzctl restart 101

This will enable the modules to the vps.




at
Labels: , , , , , , , , , , , , ,

1 comment:

  1. Anonymous29 January 2014 at 07:06

    Is there any other method to enable a module other than these two ??

    ReplyDelete

Subscribe to: Post Comments (Atom)