When I tried to run an iptables command in the Proxmox OpenVZ vm, I got the following error:
# iptables -t nat -A POSTROUTING -o venet -j MASQUERADE && iptables-save
iptables v1.4.21: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
The IPTABLES_MODULES in /etv/vz/vz.conf on the Proxmox host looks like this:
IPTABLES_MODULES="iptable_filter, iptable_mangle, ipt_limit, ipt_multiport, ipt_tos, ipt_TOS, ipt_REJECT, ipt_TCPMSS, ipt_tcpmss, ipt_ttl, ipt_LOG, ipt_length, ip_conntrack, ip_conntrack_ftp, ip_conntrack_irc, ipt_conntrack, ipt_state, ipt_helper, iptable_nat, ip_nat_ftp, ip_nat_irc, ipt_REDIRECT, xt_mac, ipt_recent, ipt_owner"
The Proxmox host kernel version:
# uname -a
Linux pve 2.6.32-39-pve #1 SMP Wed Jun 24 06:39:42 CEST 2015 x86_64 GNU/Linux
The iptables module has been loaded in the Proxmox host, but why I cannot add iptables rules in the vm?
Best Answer
Problem solved by changing
IPTABLES_MODULEStoIPTABLESin /etc/vz/vz.conf.