92
edits
Changes
→Setting up a firewall that allows per-container configuration
If you do not, you will get an error like this: "iptables: No chain/target/match by that name"
* Note: xt_tcpudp module seem to be included in the kernel packages of Debian 6, but not of CentOS 6.
If you want to use stateful firewall rules (and you should!) you will also need to make sure that 'ipt_state' is in the 'IPTABLES' option in your vz.conf file: