On Tue, Sep 7, 2010 at 3:25 PM, Benjamin Henrion <[email protected]> wrote: > Hi, > > I wanted to NAT 2 networks, one is a VPN with TUN, the other is the internet. > > ========================================================== > [CT121]# iptables -t nat -L > WARNING: Deprecated config file /etc/modprobe.conf, all config files > belong into /etc/modprobe.d/. > FATAL: Module ip_tables not found. > iptables v1.4.8: can't initialize iptables table `nat': Table does not > exist (do you need to insmod?) > Perhaps iptables or your kernel needs to be upgraded. > ========================================================== > > Do you know if it is possible to use NAT inside a container?
I have just added this to my /etc/vz/vz.conf: IPTABLES="iptable_filter iptable_mangle ipt_limit ipt_multiport ipt_tos ipt_TOS ipt_REJECT ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_LOG ipt_length ip_conntrack ip_conntrack_ftp ip_conntrack_irc ipt_conntrack ipt_state ipt_helper iptable_nat ip_nat_ftp ip_nat_irc ipt_REDIRECT" And restarted the CT121, no need to restart with /etc/init.d/vz restart. -- Benjamin Henrion <bhenrion at ffii.org> FFII Brussels - +32-484-566109 - +32-2-4148403 "In July 2005, after several failed attempts to legalise software patents in Europe, the patent establishment changed its strategy. Instead of explicitly seeking to sanction the patentability of software, they are now seeking to create a central European patent court, which would establish and enforce patentability rules in their favor, without any possibility of correction by competing courts or democratically elected legislators." _______________________________________________ Users mailing list [email protected] https://openvz.org/mailman/listinfo/users
