14
edits
Changes
IPv6
,Added connection state kernel modules needed for ip6tables.
Removal is effective immediately and the host stops replying to echo requests.
==ip6tables==
If you will be using connection tracking in ip6tables (i.e. '-m state --state'), you'll need to enable extra kernel modules in the host /etc/vz.conf. Add 'ipt_state' to IPTABLES and 'nf_conntrack_ipv6' to IP6TABLES. They should look something like this:
<pre>
IPTABLES="ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state"
IP6TABLES="ip6_tables ip6table_filter ip6table_mangle ip6t_REJECT nf_conntrack_ipv6"
</pre>
==See also==
