CSF на OpenVZ не подгружаются модули ip_tables

dyakoff:
А на ноде модуль подгружен? ВДС перезапускали?

root@hosted-by:# lsmod
Module Size Used by
vzethdev 5593 0
vznetdev 11601 4
simfs 2535 2
vzrst 109010 0
vzcpt 93585 0
vzmon 12945 6 vzethdev,vznetdev,vzrst,vzcpt
ip6t_REJECT 2140 0
ip6table_mangle 2619 0
ip6table_filter 1968 0
ip6_tables 8700 2 ip6table_mangle,ip6table_filter
xt_tcpudp 1743 71
ipt_REDIRECT 831 0
nf_nat_irc 1006 0
nf_nat_ftp 1519 0
iptable_nat 3615 0
nf_nat 10702 4 ipt_REDIRECT,nf_nat_irc,nf_nat_ftp,iptable_nat
xt_helper 879 0
xt_state 927 36
xt_conntrack 2491 0
nf_conntrack_irc 2535 1 nf_nat_irc
nf_conntrack_ftp 4276 1 nf_nat_ftp
nf_conntrack_ipv4 7835 39 iptable_nat,nf_nat
nf_conntrack 38543 10 nf_nat_irc,nf_nat_ftp,iptable_nat,nf_nat,xt_helper,xt_state,xt_conntrack,nf_conntrack_irc,nf_conntrack_ftp,nf_conntrack_ipv4
nf_defrag_ipv4 795 1 nf_conntrack_ipv4
xt_length 796 0
ipt_LOG 3698 6
xt_hl 925 0
xt_tcpmss 1017 0
xt_TCPMSS 2315 0
ipt_REJECT 1521 0
xt_DSCP 1825 0
xt_dscp 1261 0
xt_multiport 1775 0
xt_limit 1088 8
iptable_mangle 2377 0
iptable_filter 1842 2
ip_tables 7838 3 iptable_nat,iptable_mangle,iptable_filter
x_tables 8651 19 ip6t_REJECT,ip6_tables,xt_tcpudp,ipt_REDIRECT,iptable_nat,xt_helper,xt_state,xt_conntrack,xt_length,ipt_LOG,xt_hl,xt_tcpmss,xt_TCPMSS,ipt_REJECT,xt_DSCP,xt_dscp,xt_multiport,xt_limit,ip_tables
vzdquota 30157 2 [permanent]
vzdev 1284 4 vzethdev,vznetdev,vzmon,vzdquota
vzevent 1223 1
nfsd 195007 2
exportfs 2758 1 nfsd
nfs 209938 0
lockd 50758 2 nfsd,nfs
fscache 24678 1 nfs
nfs_acl 1695 2 nfsd,nfs
auth_rpcgss 25300 2 nfsd,nfs
sunrpc 137876 6 nfsd,nfs,lockd,nfs_acl,auth_rpcgss
loop 9777 0
radeon 539404 0
snd_pcm 47390 0
snd_timer 12274 1 snd_pcm
ttm 33602 1 radeon
snd 34439 2 snd_pcm,snd_timer
drm_kms_helper 18569 1 radeon
soundcore 3454 1 snd
drm 112652 3 radeon,ttm,drm_kms_helper
snd_page_alloc 5121 1 snd_pcm
i2c_algo_bit 3493 1 radeon
i2c_core 12787 4 radeon,drm_kms_helper,drm,i2c_algo_bit
dcdbas 3940 0
psmouse 44813 0
evdev 5613 1
iTCO_wdt 7965 0
shpchp 21248 0
iTCO_vendor_support 1301 1 iTCO_wdt
processor 26355 0
button 3606 0
i3200_edac 2223 0
pci_hotplug 18549 1 shpchp
pcspkr 1207 0
serio_raw 2920 0
edac_core 23117 2 i3200_edac
ext4 256904 3
mbcache 3762 1 ext4
jbd2 56251 1 ext4
crc16 1027 1 ext4
raid1 16375 3
md_mod 67441 4 raid1
sd_mod 26017 9
crc_t10dif 1012 1 sd_mod
ata_generic 2247 0
ata_piix 17788 7
libata 116205 2 ata_generic,ata_piix
thermal 9226 0
thermal_sys 9378 2 processor,thermal
tg3 96277 0
libphy 11642 1 tg3
uhci_hcd 16145 0
ehci_hcd 29113 0
scsi_mod 105057 2 sd_mod,libata
usbcore 99777 3 uhci_hcd,ehci_hcd
nls_base 4541 1 usbcore

sstyle:
при этом на VPS "modprobe ipt_LOG" говорит что модуль не найден. как быть?

sstyle:
root@hosted-by:# lsmod
...
ipt_LOG 3698 6
...

perl /etc/csf/csftest.pl
Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...OK
Testing xt_connlimit...FAILED [Error: iptables: Unknown error 4294967295] - Required for CONNLIMIT feature
Testing ipt_owner/xt_owner...OK
Testing iptable_nat/ipt_REDIRECT...OK
Testing iptable_nat/ipt_DNAT...OK

root@hosted-by:~# lsmod
Module Size Used by
vzethdev 5593 0
vznetdev 11601 4
simfs 2535 2
vzrst 109010 0
vzcpt 93585 0
vzmon 12945 6 vzethdev,vznetdev,vzrst,vzcpt
ip6t_REJECT 2140 0
ip6table_mangle 2619 0
ip6table_filter 1968 0
ip6_tables 8700 2 ip6table_mangle,ip6table_filter
xt_tcpudp 1743 71
ipt_REDIRECT 831 0
nf_nat_irc 1006 0
nf_nat_ftp 1519 0
iptable_nat 3615 0
nf_nat 10702 4 ipt_REDIRECT,nf_nat_irc,nf_nat_ftp,iptable_nat
xt_helper 879 0
xt_state 927 36
xt_connlimit 2323 0
....
....

aptitude install xtables-addons-source
wget http://download.openvz.org/kernel/branches/rhel6-2.6.32/042stab055.12/vzkernel-devel-2.6.32-042stab055.12.x86_64.rpm
alien -i vzkernel-devel-2.6.32-042stab055.12.x86_64.rpm
m-a prepare
m-a -v -t auto-install xtables-addons

/etc/modules --> прописываем, чтобы модуль загружался сразу после перезагрузки.

iptables -A INPUT -p tcp -m connlimit --connlimit-above 5 --dport 80 -j DROP

Err http://mirror.yandex.ru/debian/ testing/main libglib2.0-0 i386 2.30.2-6
404 Not Found [IP: 213.180.204.183 80]
Err http://mirror.yandex.ru/debian/ testing/main libcroco3 i386 0.6.4-2
404 Not Found [IP: 213.180.204.183 80]
Get: 7 http://mirror.yandex.ru/debian/ testing/main librtmp0 i386 2.4+20111222.git4e06e21-1 [62.7 kB]
Err http://mirror.yandex.ru/debian/ testing/main libssh2-1 i386 1.2.8-2
404 Not Found [IP: 213.180.204.183 80]
Err http://mirror.yandex.ru/debian/ testing/main libcurl3-gnutls i386 7.24.0-1
404 Not Found [IP: 213.180.204.183 80]
Get: 8 http://mirror.yandex.ru/debian/ testing/main libunistring0 i386 0.9.3-5 [442 kB]
Err http://mirror.yandex.ru/debian/ testing/main git-man all 1:1.7.9-1
404 Not Found [IP: 213.180.204.183 80]
Err http://mirror.yandex.ru/debian/ testing/main git i386 1:1.7.9-1
404 Not Found [IP: 213.180.204.183 80]
Err http://mirror.yandex.ru/debian/ testing/main autopoint all 0.18.1.1-5
404 Not Found [IP: 213.180.204.183 80]
Err http://mirror.yandex.ru/debian/ testing/main gettext i386 0.18.1.1-5
404 Not Found [IP: 213.180.204.183 80]
Get: 9 http://mirror.yandex.ru/debian/ testing/main po-debconf all 1.0.16+nmu2 [224 kB]
Err http://mirror.yandex.ru/debian/ testing/main debhelper all 9.20120115
404 Not Found [IP: 213.180.204.183 80]
Err http://mirror.yandex.ru/debian/ testing/main iptables-dev i386 1.4.12.2-1
404 Not Found [IP: 213.180.204.183 80]
Err http://mirror.yandex.ru/debian/ testing/main libglib2.0-data all 2.30.2-6
404 Not Found [IP: 213.180.204.183 80]
Get: 10 http://mirror.yandex.ru/debian/ testing/main module-assistant all 0.11.4 [115 kB]
Get: 11 http://mirror.yandex.ru/debian/ testing/main pkg-config i386 0.26-1 [58.7 kB]
Err http://mirror.yandex.ru/debian/ testing/main shared-mime-info i386 0.90-1
404 Not Found [IP: 213.180.204.183 80]
Err http://mirror.yandex.ru/debian/ testing/main xtables-addons-source all 1.40-1
404 Not Found [IP: 213.180.204.183 80]
Fetched 1,116 kB in 4s (267 kB/s)
Selecting previously unselected package libffi5.
(Reading database ... 38255 files and directories currently installed.)
Unpacking libffi5 (from .../libffi5_3.0.10-3_i386.deb) ...
Selecting previously unselected package libunistring0.
Unpacking libunistring0 (from .../libunistring0_0.9.3-5_i386.deb) ...
Selecting previously unselected package librtmp0.
Unpacking librtmp0 (from .../librtmp0_2.4+20111222.git4e06e21-1_i386.deb) ...
Selecting previously unselected package html2text.
Unpacking html2text (from .../html2text_1.3.2a-15_i386.deb) ...
Selecting previously unselected package liberror-perl.
Unpacking liberror-perl (from .../liberror-perl_0.17-1_all.deb) ...
Selecting previously unselected package libsys-hostname-long-perl.
Unpacking libsys-hostname-long-perl (from .../libsys-hostname-long-perl_1.4-2_all.deb) ...
Selecting previously unselected package libmail-sendmail-perl.
Unpacking libmail-sendmail-perl (from .../libmail-sendmail-perl_0.79.16-1_all.deb) ...
Selecting previously unselected package module-assistant.
Unpacking module-assistant (from .../module-assistant_0.11.4_all.deb) ...
Processing triggers for man-db ...
Setting up libffi5 (3.0.10-3) ...
Setting up libunistring0 (0.9.3-5) ...
Setting up librtmp0 (2.4+20111222.git4e06e21-1) ...
Setting up html2text (1.3.2a-15) ...
Setting up liberror-perl (0.17-1) ...
Setting up libsys-hostname-long-perl (1.4-2) ...
Setting up libmail-sendmail-perl (0.79.16-1) ...
Setting up module-assistant (0.11.4) ...
E: Failed to fetch http://mirror.yandex.ru/debian/pool/main/g/glib2.0/libglib2.0-0_2.30.2-6_i386.deb: 404 Not Found [IP: 213.180.204.183 80]

E: Failed to fetch http://mirror.yandex.ru/debian/pool/main/g/glib2.0/libglib2.0-0_2.30.2-6_i386.deb: 404 Not Found [IP: 213.180.204.183 80]

poiuty:
Нет. На debian 6 (репы не из testing) без проблем все работало. И vzkernel-devel берите под свое ядро.
Так же на данный момент актуальное ядро rhel6
http://openvz.org/Download/kernel/rhel6/042stab072.10