since your hunting here - chances are you will want an easy to use editor - so use NANO.
nano /etc/vz/vz.conf
Then do Control W and SEARCH for IPTABLES
Comment out (by adding a # symbol to the line ) the current IPTABLES= line
and then copy/paste and add this line directly underneath the line you just commented out.
IPTABLES="ipt_REJECT ipt_recent ipt_owner ipt_REDIRECT ipt_tos ipt_TOS ipt_LOG ip_conntrack
ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"
It is important to make sure this is all in 1 line and that it does not wrap.
Now Control-S and save - overwriting the current file.
Finally do an /etc/init.d/vz restart
to restart openVZ.
Congratulations - your ProxMox VPE (openVz) server is now setup to allow IPTABLES
From here you can install CSF - install BFD/APF or your chosen IPTABLES based firewall.
nano /etc/vz/vz.conf
Then do Control W and SEARCH for IPTABLES
Comment out (by adding a # symbol to the line ) the current IPTABLES= line
and then copy/paste and add this line directly underneath the line you just commented out.
IPTABLES="ipt_REJECT ipt_recent ipt_owner ipt_REDIRECT ipt_tos ipt_TOS ipt_LOG ip_conntrack
ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"
It is important to make sure this is all in 1 line and that it does not wrap.
Now Control-S and save - overwriting the current file.
Finally do an /etc/init.d/vz restart
to restart openVZ.
Congratulations - your ProxMox VPE (openVz) server is now setup to allow IPTABLES
From here you can install CSF - install BFD/APF or your chosen IPTABLES based firewall.
Last edited: