Details
- Type: New Feature
- Status: Patch Sent
- Priority: Major
- Resolution: Unresolved
- Fix Version/s: Vz7.0-Update6
- Component/s: Containers::Kernel
- Security Level: Public
- Environment: Kernel vz7.9.29, Libvzctl 7.0.171, vzctl 7.0.85
Description
Module ipt_owner does not seem to work:
# iptables -t nat -A OUTPUT -d 10.0.0.0/8 -p tcp -m tcp --dport 2751 -m owner --uid-owner 1001 -j ACCEPT
iptables: Invalid argument. Run `dmesg' for more information.
It works fine without the "-m owner --uid-owner 1001" part, however.
vz.conf contains:
IPTABLES="ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_owner ip_tables iptable_nat"
The same iptables .. command works fine on the host.
The xt_owner module is loaded on the host.
Host OS: Debian 8.3
Guest OS: Debian 8.3
Or has this been dropped in VZ7?
Issue Links
- is duplicated by OVZ-6825 openVZ7: ipt_owner/xt_owner iptables module support in Containers (Resolved)