[Users] Re: NFQUEUE in VE
U.Mutlu
for-gmane at mutluit.com
Fri Dec 9 06:14:46 EST 2011
both HN and VE give this:
# cat /proc/net/ip_tables_targets
NFQUEUE
TCPMSS
DNAT
SNAT
NFQUEUE
REJECT
LOG
ERROR
so, NFQUEUE is there, somehow even twice.
But why does it still not function on the VE?
U.Mutlu wrote, On 12/09/2011 12:03 PM:
> For the interested ones: here are similar postings regarding the same issue:
> http://forum.openvz.org/index.php?t=msg&goto=40984&
> and a bugreport here:
> http://bugzilla.openvz.org/show_bug.cgi?id=1677
>
>
> U.Mutlu wrote, On 12/07/2011 06:39 PM:
>> Has nobody an answer to this problem?
>>
>>
>> U.Mutlu wrote, On 12/06/2011 01:07 AM:
>>> I need to use, in a VE, an app that uses libnetfilter_queue (ie. the NFQUEUE target of iptables).
>>> Which module do I need to specify in vz.cfg (IPTABLES="...") ?
>>>
>>> I tried the following modules
>>>
>>> find /lib/modules/ -iname "*queu*" -ls
>>> /lib/modules/2.6.32-5-openvz-amd64/kernel/drivers/md/dm-queue-length.ko
>>> /lib/modules/2.6.32-5-openvz-amd64/kernel/net/ipv6/netfilter/ip6_queue.ko
>>> /lib/modules/2.6.32-5-openvz-amd64/kernel/net/netfilter/nfnetlink_queue.ko
>>> /lib/modules/2.6.32-5-openvz-amd64/kernel/net/netfilter/xt_NFQUEUE.ko
>>> /lib/modules/2.6.32-5-openvz-amd64/kernel/net/ipv4/netfilter/ip_queue.k
>>>
>>> but vzctl gives such errors/warnings, and the app cannot access the NFQUEUE queue:
>>> Warning: Unknown iptable module: nfnetlink_queue, skipped
>>>
>>> The same app on the HN works fine.
>>> So, how can I use NFQUEUE on the VE ?
More information about the Users
mailing list