Hi, I'm running OpenVZ HW node on Debian Lenny with Debian stock kernel 2.6.26-2-openvz-amd64
When I try to use ip6tables ... -m state I get: > ip6tables: Invalid argument and HW node kernel prints: > can't load conntrack support for proto=10 Have changed something since 2.6.18? My ip6tables were taken from 2.6.18-128.2.1.el5.028stab064.8 where they works just fine. Piece of FW definition: > /sbin/ip6tables -N STATE > /sbin/ip6tables -A STATE -m state --state RELATED,ESTABLISHED -j ACCEPT > ip6tables: Invalid argument Piece of /etc/vz.conf: > ## IPv4 iptables kernel modules > IPTABLES="ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter > iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_LOG ipt_state > ipt_conntrack ip_conntrack ip_conntrack_ftp xt_state" > > ## Enable IPv6 > IPV6="yes" > > ## IPv6 ip6tables kernel modules > IP6TABLES="ip6_tables ip6table_filter ip6table_mangle ip6t_REJECT ip6t_hl > ip6t_rt xt_conntrack nt_conntrack nf_conntrack_ipv6 xt_state" cat /boot/config-2.6.26-2-openvz-amd64 | grep IP6 > CONFIG_IPV6_MIP6=m > CONFIG_IP6_NF_QUEUE=m > CONFIG_IP6_NF_IPTABLES=m > CONFIG_IP6_NF_MATCH_RT=m > CONFIG_IP6_NF_MATCH_OPTS=m > CONFIG_IP6_NF_MATCH_FRAG=m > CONFIG_IP6_NF_MATCH_HL=m > CONFIG_IP6_NF_MATCH_IPV6HEADER=m > CONFIG_IP6_NF_MATCH_AH=m > CONFIG_IP6_NF_MATCH_MH=m > CONFIG_IP6_NF_MATCH_EUI64=m > CONFIG_IP6_NF_FILTER=m > CONFIG_IP6_NF_TARGET_LOG=m > CONFIG_IP6_NF_TARGET_REJECT=m > CONFIG_IP6_NF_MANGLE=m > CONFIG_IP6_NF_TARGET_HL=m > CONFIG_IP6_NF_RAW=m > CONFIG_SLIP_MODE_SLIP6=y Any suggestions please? -- ----------------------- Jan Tomasek aka Semik http://www.tomasek.cz/
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Users mailing list [email protected] https://openvz.org/mailman/listinfo/users
