Openvz - ufw - ошибка при запуске modprobe: FATAL: Module nf conntrack ftp not found in directory


Материал из Wiki - Iphoster - the best ever hosting and support. 2005 - 2020

Перейти к: навигация, поиск

Openvz - ufw - ошибка при запуске modprobe: FATAL: Module nf conntrack ftp not found in directory

Ошибка при включении фаервола ufw:

# ufw enable
ERROR: problem running ufw-init 
modprobe: ERROR: ../libkmod/libkmod.c:514 lookup_builtin_file() could not open builtin file '/lib/modules/2.6.32-042stab138.1/modules.builtin.bin'
modprobe: FATAL: Module nf_conntrack_ftp not found in directory /lib/modules/2.6.32-042stab138.1
modprobe: ERROR: ../libkmod/libkmod.c:514 lookup_builtin_file() could not open builtin file '/lib/modules/2.6.32-042stab138.1/modules.builtin.bin'
modprobe: FATAL: Module nf_nat_ftp not found in directory /lib/modules/2.6.32-042stab138.1
modprobe: ERROR: ../libkmod/libkmod.c:514 lookup_builtin_file() could not open builtin file '/lib/modules/2.6.32-042stab138.1/modules.builtin.bin'
modprobe: FATAL: Module nf_conntrack_netbios_ns not found in directory /lib/modules/2.6.32-042stab138.1
iptables-restore: line 4 failed
iptables-restore: line 77 failed
iptables-restore: line 31 failed
ip6tables-restore: line 4 failed
ip6tables-restore: line 138 failed
ip6tables-restore: line 31 failed
sysctl: permission denied on key 'net.ipv4.tcp_sack'
Problem running '/etc/ufw/before.rules'
Problem running '/etc/ufw/user.rules'
Problem running '/etc/ufw/before6.rules'


Решение - подгрузить модули на ноде openvz:

# modprobe nf_conntrack_netbios_ns
# modprobe nf_nat_ftp
# modprobe nf_conntrack_ftp


+подключить модули в конфиге контейнера:

# vi /etc/vz/conf/17750.conf
IPTABLES="ip_tables iptable_filter iptable_mangle ipt_limit ipt_multiport ipt_tos ipt_TOS ipt_REJECT ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_LOG ipt_length ip_conntrack ip_conntrack_ftp ipt_state iptable_nat ip_nat_ftp"
# vzctl set 17750 --netfilter full --save --setmode restart
Индекс цитирования