ProxMox (openvz) IPTABLES how to:

[hostmedic]

since your hunting here - chances are you will want an easy to use editor - so use NANO.

nano /etc/vz/vz.conf

Then do Control W and SEARCH for IPTABLES

Comment out (by adding a # symbol to the line ) the current IPTABLES= line

and then copy/paste and add this line directly underneath the line you just commented out.

IPTABLES="ipt_REJECT ipt_recent ipt_owner ipt_REDIRECT ipt_tos ipt_TOS ipt_LOG ip_conntrack
ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"


It is important to make sure this is all in 1 line and that it does not wrap.

Now Control-S and save - overwriting the current file.

Finally do an /etc/init.d/vz restart
to restart openVZ.

Congratulations - your ProxMox VPE (openVz) server is now setup to allow IPTABLES

From here you can install CSF - install BFD/APF or your chosen IPTABLES based firewall.