Difference between revisions of "Talk:Slackware template creation"
(Iptables error) |
(→Iptables error) |
||
(4 intermediate revisions by the same user not shown) | |||
Line 19: | Line 19: | ||
The VE based upon che slackware 11 cache returns an error when I add an Iptables rule: | The VE based upon che slackware 11 cache returns an error when I add an Iptables rule: | ||
+ | |||
<code>iptables -A INPUT -m state --state ESTABLISHED -j ACCEPT</code> | <code>iptables -A INPUT -m state --state ESTABLISHED -j ACCEPT</code> | ||
+ | |||
+ | <code>iptables: Unknown error 4294967295</code> | ||
+ | |||
+ | |||
+ | I think that it depends on the <code>-m state</code> but I do not know how to solve it. | ||
+ | |||
+ | Any suggestions? | ||
+ | |||
+ | |||
+ | *SOLVED* | ||
+ | |||
+ | In the <VE>.conf (or in the vz.conf) I must include <code>IPTABLES="ipt_state ..."</code> |
Latest revision as of 16:00, 7 March 2007
Contents
klogd[edit]
I have added a note that klogd is needed sometimes. --Kir 15:43, 6 June 2006 (EDT)
VE IP[edit]
Actually, since you do not run anything inside the temporary VE (777) which requires an IP address, you can omit the step of setting VE's OSTEMPLATE, an IP address and a hostname. This was done for Debian specifically because you have to run apt update and apt upgrade commands, which requires network to be working. So you can edit that out to simplify things. I have not done it yet because you might have other reasons to leave it. --Kir 15:43, 6 June 2006 (EDT)
- I have actually removed these settings from the text, since it looks like they are not needed, and you forgot to run vzctl set --ipdel so OS template cache ends up with the IP address which is wrong. So I followed the easy path and instead of adding the procedure of removing VE IP I just removed the adding of it! Also note that setting OSTEMPLATE is actually needed for vzctl set --ipadd to work. --Kir 16:15, 6 June 2006 (EDT)
Typo + IPtables[edit]
I corrected a typo. Also, I forgot to mention that IPtables needs modules from the running kernel in the VE to work, so before cache creation or after VE creation the /lib/modules should be created with the needed iptables modules. --Scythe 22:54, 6 June 2006 (CET)
- There is actually no need for iptables modules to be available inside VE for iptables to work, so you got it wrong. I have reverted your last change. No kernel modules are loaded inside VE at all -- so you do not need modutils as well. Also, can you please specify the summary then you are making a change? Otherwise it's not clear from the history page what have changed. It makes sense to select an option "Prompt me when entering a blank edit summary" in your preferences->editing. --Kir 05:05, 7 June 2006 (EDT)
- You are right, I accidentally mixed the openvz.org "official" template cache's root filesystem with my host's own, so I mislooked the /lib/modules directory... I also corrected the typo again (a missing ")" in the "Moving a Sl. installation into a VE" part) which You have included again when reverting my erroneous notice about iptables modules. --Scythe 11:26, 7 June 2006 (CET)
Iptables error[edit]
Hi all, I have installed a Slackware 11 and all is ok.
The VE based upon che slackware 11 cache returns an error when I add an Iptables rule:
iptables -A INPUT -m state --state ESTABLISHED -j ACCEPT
iptables: Unknown error 4294967295
I think that it depends on the -m state
but I do not know how to solve it.
Any suggestions?
- SOLVED*
In the <VE>.conf (or in the vz.conf) I must include IPTABLES="ipt_state ..."