How to Enable CSF on OpenVZ Container

August 30, 2009

On the node server :
Modify IPTABLES_MODULES on /etc/sysconfig/iptables-config

IPTABLES_MODULES="ip_conntrack_netbios_ns ipt_conntrack ipt_LOG ipt_owner ipt_state ip_conntrack_ftp iptable_nat ip_nat_ftp ip_tables ipt_multiport iptable_filter ipt_limit"

then launch : service iptables restart
to restart iptables services

Then modify IPTABLES on /etc/vz/vz.conf

IPTABLES="ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp ip_tables ipt_conntrack ip_conntrack_ftp ipt_LOG ipt_owner"
then launch : /etc/init.d/vz restart