Firewall is not enabled inside container: "Module ip6_tables not found"

Refers to:

  • Plesk 11.5 for Linux

Created:

2016-11-16 13:16:12 UTC

Modified:

2016-12-21 20:19:44 UTC

0

Was this article helpful?


Have more questions?

Submit a request

Firewall is not enabled inside container: "Module ip6_tables not found"

Symptoms

The firewall inside a container is not enabled.

A similar error is observed:

~# ip6tables -L
FATAL: Module ip6_tables not found.
ip6tables v1.4.7: can't initialize ip6tables table `filter': iptables who? (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.

Cause

Most likely, ip6tables and ip6table_filter are not loaded on the node and are not enabled in the container.

Resolution

Enable ip6tables and ip6table_filter inside the container.

  1. Check whether these modules are loaded on the node:

    ~# lsmod | grep ip6table
  2. If the modules are not loaded, add them to the /etc/vz/vz.conf file:

    ~# grep IPTABLES /etc/vz/vz.conf
    IPTABLES="ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ip6tables ip6tables_filter"
  3. Reboot the node

  4. If the container has some modules specified via the --iptables option, enable the ip6tables and ip6tables_filter modules as well:

    ~# vzctl set CTID --iptables ip6tables,ip6tables_filter --save

For more information refer to these articles:

#113056 Managing iptables modules in containers

#213949865 How do I enable firewall in a Container?

Have more questions? Submit a request
Please sign in to leave a comment.