VPS iptables problems

chirpy
Moderator

Post by chirpy

If you get iptables errors when trying to start csf on a VPS then you most likely have missing iptables modules for your VPS.

If your hosting provider wants to know how to configure iptables correctly on a VPS server, then you should point them to this Parallels FAQ and have them follow it (and also add ip_conntrack_ftp to the list of required modules):
https://openvz.org/Setting_up_an_iptabl ... figuration

csf requires at least these iptables modules:

ip_tables
ipt_state
ipt_multiport
iptable_filter
ipt_limit
ipt_LOG
ipt_REJECT
ipt_conntrack
ip_conntrack
ip_conntrack_ftp
iptable_mangle


Other modules where available for additional functionality:

ipt_owner
ipt_recent
iptable_nat
ipt_REDIRECT


The VPS Host provider can test whether they have fixed the environment by running:

/etc/csf/csftest.pl

This should run without any FATAL errors. If any such errors are present, they have not done it correctly or are using a broken kernel on the VPS client.

If you suffer from "memory allocation" errors with iptables on a VPS, make sure that your numiptent setting (as mentioned in the Parallels FAQ) is set sufficiently high. We recommend having numiptent set to at least 1500.
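
Added example (not part of the original post and not csf's own code): a pre-check a provider could run before /etc/csf/csftest.pl, comparing a module listing against the lists above and reading the numiptent row of an OpenVZ beancounters file. It assumes input in /proc/modules and /proc/user_beancounters format; the function names and the MODULES_FILE / BEANCOUNTERS_FILE variables are hypothetical, and the sample data is constructed.

```shell
# Added example, not csf code. Module names are matched literally as the post lists them.
REQUIRED="ip_tables ipt_state ipt_multiport iptable_filter ipt_limit ipt_LOG
ipt_REJECT ipt_conntrack ip_conntrack ip_conntrack_ftp iptable_mangle"
OPTIONAL="ipt_owner ipt_recent iptable_nat ipt_REDIRECT"
MIN_NUMIPTENT=1500

# missing_modules "<names>" <file in /proc/modules format>: prints the names
# that are not the first field of any line in the file.
missing_modules() {
    out=""
    for m in $1; do
        awk -v m="$m" '$1 == m { found = 1 } END { exit !found }' "$2" || out="$out $m"
    done
    echo "${out# }"
}

# numiptent_status <file in /proc/user_beancounters format>; columns after the
# resource name are: held maxheld barrier limit failcnt.
numiptent_status() {
    awk -v min="$MIN_NUMIPTENT" '
        { for (i = 1; i <= NF; i++) if ($i == "numiptent") {
              barrier = $(i + 3); failcnt = $(i + 5); seen = 1 } }
        END {
            if (!seen) print "absent"
            else if (failcnt + 0 > 0) print "failing " failcnt
            else if (barrier + 0 < min + 0) print "low " barrier
            else print "ok " barrier
        }' "$1"
}

# Constructed sample data, not captured from a real system.
sample_modules() {
    for m in $REQUIRED; do
        [ "$m" = ip_conntrack_ftp ] || echo "$m 12345 1 - Live 0x0000000000000000"
    done
}
sample_beancounters() {
    echo "       uid  resource      held  maxheld  barrier  limit  failcnt"
    echo "      101:  kmemsize   2752512  2936832 14372700 14790164     0"
    echo "            numiptent      128      128      128      128    37"
}

# MODULES_FILE / BEANCOUNTERS_FILE (hypothetical names) select real files; default: samples.
tmp=$(mktemp -d) && trap 'rm -rf "$tmp"' EXIT
sample_modules > "$tmp/modules"; sample_beancounters > "$tmp/bc"
mods=${MODULES_FILE:-$tmp/modules} bc=${BEANCOUNTERS_FILE:-$tmp/bc}
echo "missing required: $(missing_modules "$REQUIRED" "$mods")"
echo "missing optional: $(missing_modules "$OPTIONAL" "$mods")"
echo "numiptent: $(numiptent_status "$bc")"
```

A non-zero failcnt on the numiptent row means rule insertions have already been refused, which is the condition behind the "memory allocation" errors mentioned above.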