Search

Language:  
Search for:

Available article translations:

Unable to set firewall rules inside container: "No chain/target/match by that name"

APPLIES TO:
  • Parallels Cloud Server
  • Parallels Virtuozzo Containers for Linux
  • Parallels Server

Symptoms

When trying to add an iptables rule inside a container, the operation results in an error similar to the following:

# iptables -t mangle -A PREROUTING -s x.x.x.x -j TTL --ttl-set 64
iptables: No chain/target/match by that name.

Cause

To be able to execute "action" rules, it is necessary to have the corresponding matching and target modules available inside the container. It is likely that the required matching or target module is not loaded on the node.

Resolution

Check matching and target modules available for the container in question and load the absent ones.

Example:

For the command iptables -t mangle -A PREROUTING -s x.x.x.x -j TTL --ttl-set 64:

[root@mycontainer ~]# cat /proc/net/ip_tables_matches
udp
tcp
conntrack
owner
connlimit
recent
helper
state
length
ttl
tcpmss
icmp
multiport
multiport
limit
tos

[root@mycontainer ~]# cat /proc/net/ip_tables_targets
REDIRECT
MASQUERADE
DNAT
SNAT
TCPMSS
ERROR
LOG
TOS
REJECT

For the command above, we need the matching module ttl (which is available) and target module TTL, which is not present.

In order to fix the issue, it is necessary to load the module on the node and restart the container:

[root@node ~]# modprobe ipt_TTL
[root@node ~]# vzctl restart CTID

In order to fix the issue permanently, it is necessary to add the required modules to load automatically. Refer to this article for more information:
Managing iptables modules in containers

Search words:

Error: rst_restore_net: -22




2897d76d56d2010f4e3a28f864d69223 ca05eaf5b843fbd53589c90d7228a6df bf1c3a170005eae151f49ba2720abde9 eb0ea3b827d18de2329b6477e24c1d59 909d99074e442b52ce54cc7b31cf065d

FEEDBACK
Was this article helpful?
Tell us how we may improve it.
Yes No
 
 
 
 
 
 
Desktop Virtualization
- Parallels Desktop 8 for Mac
- Parallels Transporter
- Parallels Desktop Switch to Mac Edition
- Parallels Desktop for Mac Enterprise Edition
- Parallels Management-Mac for Microsoft SCCM
Server Virtualization
- Parallels Cloud Server
- Parallels Containers for Windows 6.0 Beta
- Parallels Virtuozzo Containers
Automation
- Parallels Automation
- Parallels Automation for Cloud Infrastructure
- Parallels Business Automation Standard
- Parallels Virtual Automation
- Parallels Plesk Panel Suite
- Web Presence Builder
- Parallels Plesk Automation
- Parallels Small Business Panel
- Value-added Services for Hosters
- Parallels Partner Storefront
Services & Resources
- Cloud Acceleration Services
- Professional Services
- Support Services
- Training & Certification