vps_iptables_tune.sh

Post by lik » Tue Sep 08, 2009 10:05 pm

# cat vps_iptables_tune.sh
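#!/bin/sh
# Run as root on the OpenVZ hardware node.
echo "Checking iptables modules via lsmod and will autoenable all missing modules."
echo ""

# For each module: if lsmod does not list it, load it with modprobe.
# grep -w matches the whole module name only.
lsmod | grep -w ipt_conntrack || modprobe ipt_conntrack
lsmod | grep -w ipt_LOG || modprobe ipt_LOG
lsmod | grep -w ipt_owner || modprobe ipt_owner
lsmod | grep -w ipt_state || modprobe ipt_state
lsmod | grep -w ip_conntrack_ftp || modprobe ip_conntrack_ftp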
echo ""
echo "lsmod checks and modprobe part is complete."
echo ""

echo "Your /etc/sysconfig/iptables-config must have the following line :"
echo "IPTABLES_MODULES=\"ip_conntrack_netbios_ns xt_state ipt_conntrack ipt_LOG ipt_owner ipt_state ip_conntrack_ftp\""
echo ""

echo "Your /etc/sysconfig/iptables-config has now:"
grep IPTABLES_MODULES= /etc/sysconfig/iptables-config
echo ""
echo "Please compare these lines and edit your current /etc/sysconfig/iptables-config if they are different"
echo ""

echo "Now you need to add/edit this line"
echo "==============================================="
echo "IPTABLES=\"iptable_filter iptable_mangle ipt_limit ipt_multiport ipt_tos ipt_TOS ipt_REJECT ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_LOG ipt_length ip_conntrack ipt_state iptable_nat ip_nat_ftp ipt_owner ip_conntrack_ftp\" "
echo "==============================================="
echo "in your VM config in /etc/sysconfig/vz-scripts/{VEID NUMBER}.conf "
echo ""
echo "You need to reboot VM after that:"
echo "vzctl restart {VEID NUMBER}"
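The script in the post prints the expected module lists and leaves the comparison to the reader. The following is an added example, not part of the original post, that does that comparison and reports which modules are missing from an IPTABLES_MODULES= or IPTABLES= line. The helper name missing_modules, the variables HN_EXPECTED and CT_EXPECTED, and the sample config line are assumptions made for illustration; the module lists are copied from the script's echo lines.

```shell
#!/bin/sh
# Added example (not from the original post): automate the manual comparison.
# Module lists copied from the echo lines of vps_iptables_tune.sh.
HN_EXPECTED="ip_conntrack_netbios_ns xt_state ipt_conntrack ipt_LOG ipt_owner ipt_state ip_conntrack_ftp"
CT_EXPECTED="iptable_filter iptable_mangle ipt_limit ipt_multiport ipt_tos ipt_TOS ipt_REJECT ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_LOG ipt_length ip_conntrack ipt_state iptable_nat ip_nat_ftp ipt_owner ip_conntrack_ftp"

# missing_modules KEY FILE "EXPECTED LIST"   (hypothetical helper name)
# Prints every expected module that is absent from the KEY="..." line in FILE.
# Returns 0 if none are missing, 1 if some are, 2 if FILE has no KEY= line.
missing_modules() {
    key=$1 file=$2 expected=$3
    # Last uncommented assignment wins, as it would when the file is sourced.
    line=$(grep -E "^[[:space:]]*${key}=" "$file" 2>/dev/null | tail -n 1)
    [ -n "$line" ] || return 2
    # Drop "KEY=", drop quotes, collapse tabs/repeated blanks to single spaces.
    current=$(printf '%s\n' "$line" | sed -e "s/^[[:space:]]*${key}=//" | tr -d "\"'" | tr -s '[:space:]' ' ')
    rc=0
    for mod in $expected; do
        # Whole-word, case-sensitive match: ip_conntrack_ftp must not satisfy
        # ip_conntrack, and ipt_tos must not satisfy ipt_TOS.
        case " $current " in
            *" $mod "*) ;;
            *) printf '%s\n' "$mod"; rc=1 ;;
        esac
    done
    return "$rc"
}

# Constructed sample input (not a real host's file): ipt_conntrack and
# ipt_state were left out of the hardware-node line.
sample=$(mktemp)
printf '%s\n' 'IPTABLES_MODULES="ip_conntrack_netbios_ns xt_state ipt_LOG ipt_owner ip_conntrack_ftp"' > "$sample"
echo "Missing from IPTABLES_MODULES in the sample:"
missing_modules IPTABLES_MODULES "$sample" "$HN_EXPECTED" || true
rm -f "$sample"
# Real use on the hardware node:
#   missing_modules IPTABLES_MODULES /etc/sysconfig/iptables-config "$HN_EXPECTED"
#   missing_modules IPTABLES /etc/sysconfig/vz-scripts/<VEID>.conf "$CT_EXPECTED"
```

A module missing from the container's IPTABLES= line is not available to firewall rules inside that container, so a non-zero return is worth checking before relying on rules that use it.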