Error 18446744073709551615 when running iptables in OpenVZ container

Posted by xsaero00 on Server Fault See other posts from Server Fault or by xsaero00
Published on 2010-12-17T17:01:49Z Indexed on 2010/12/27 20:55 UTC
Read the original article Hit count: 185

Filed under:

iptables

|

openvz

This is related to the question I asked before. Now I am getting a different error.

iptables: Unknown error 18446744073709551615

when trying to apply a simple rule in VZ container

iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

I have done everything that was suggested to do on hardware node and container but the error persists.

On hardware node:

/etc/sysconfig/iptables-config

IPTABLES_MODULES="ip_conntrack_netbios_ns ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"
/etc/vz/vz.conf

IPTABLES="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"
/etc/rc.local

modprobe xt_tcpudp; modprobe ip_conntrack; modprobe xt_state
container config

IPTABLES="ip_tables iptable_filter iptable_mangle ipt_limit ipt_multiport ipt_tos ipt_TOS ipt_REJECT ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_LOG ipt_length ip_conntrack ip_conntrack_ftp ipt_state iptable_nat ip_nat_ftp "

I have restarted HN and container numerous times, but the error is still there. It seems like all config is in place but something like lack of some resources is preventing the rule from being applied.

Thanks for any help.

© Server Fault or respective owner

Related posts about iptables

Sometimes this script fails to update the iptables

as seen on Server Fault - Search for 'Server Fault'
It does not happen often, but sometimes after running the below script, checking the iptables with service iptables status shows that they weren't updated and the script doesn't output any error. The iptables is structured as look-up tree (long repeated sections snipped): #!/bin/sh iptables -t… >>> More
My current iptable configuration doesn't work [on hold]

as seen on Server Fault - Search for 'Server Fault'
sudo chkconfig iptables off /etc/init.d/iptables on ### Clear/flush iptables sudo iptables -F sudo iptables -P INPUT ACCEPT sudo iptables -P OUTPUT ACCEPT sudo iptables -P FORWARD ACCEPT ### Allow SSH iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT iptables… >>> More
L2TP iptables port forward

as seen on Server Fault - Search for 'Server Fault'
Hi all, I'm setting up port forwarding for an L2TP VPN connection to the local Windows 2003 VPN server. The router is a simpel Debian machine with iptables. The VPN server works perfect. But I cannot log in from the WAN. I'm missing something. The VPN server is using a pre-shared key (L2TP) and… >>> More
iptables -P FORWARD DROP makes port forwarding slow

as seen on Server Fault - Search for 'Server Fault'
I have three computers, linked like this: box1 (ubuntu) box2 router & gateway (debian) box3 (opensuse) [10.0.1.1] ---- [10.0.1.18,10.0.2.18,10.0.3.18] ---- [10.0.3.15] | box4, www [10.0.2.1] Among other… >>> More
IPtables AWS EC2 NAT/Reverse NAT - For Reverse Proxy style setup but with IPtables

as seen on Server Fault - Search for 'Server Fault'
I was thinking initially needing to do a reverse proxy or something so I could get some SSL/TLS traffic look like it is being terminated at a server and IP address in the AWS cloud, and then that traffic is forwarded onto our actual web servers that aren't in the cloud... I've not done much iptables… >>> More

Related posts about openvz

Adding IP address to OpenVZ VPS (OpenVZ Web Panel)

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I apologise if I sound at all dumb. This is my first dedicated server having used a VPS for over a year and I'm trying to setup a VPS on this new server. I purchased a subnet from my hosting provider that I believe allows me 6 usable IP addresses: 177.xx.xxx.201 - 177.xx.xxx.206 The subnet address… >>> More
Adding IP address to OpenVZ VPS (OpenVZ Web Panel)

as seen on Server Fault - Search for 'Server Fault'
I apologise if I sound at all dumb. This is my first dedicated server having used a VPS for over a year and I'm trying to setup a VPS on this new server. I purchased a subnet from my hosting provider that I believe allows me 6 usable IP addresses: 177.xx.xxx.201 - 177.xx.xxx.206 The subnet address… >>> More
Can OpenVZ have SLES, CentOS, and OpenSuse guests?

as seen on Server Fault - Search for 'Server Fault'
I have a SLES Xen Host and a CentOS Xen host, so I was wondering, if I would be able to migrate these Xen guests (CentOS 5, SLES 10, OpenSUSE 11) to OpenVZ? None of the guests uses any kernel feaures. Can OpenVZ handle all those on one OpenVZ host? >>> More
Partitioning recommendations for a Proxmox VM Server (OpenVZ)

as seen on Server Fault - Search for 'Server Fault'
We are new to virtualization and we are planning to turn our online server into a virualized one, mainly for maintenance, backup and recovery improvements. Initially we would only have one real virtual system with load plus 1-3 copys for testing and recovering and maybe a small centralized syslog… >>> More
openvz and iptables

as seen on Server Fault - Search for 'Server Fault'
http://wiki.openvz.org/Setting_up_an_iptables_firewall mentions to load xt_state before starting a container in order to run iptables in containers. so I ran modprobe xt_state on the host and restarted the container and it worked great. To make this persist I added xt_state to /etc/modules. The… >>> More