From: Andrey Ryabinin <ryabinin....@gmail.com> Allow nf_tables.ko module autloading from CT. Needed for iptables in centos 8.
https://jira.sw.ru/browse/PSBM-98211 Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> (cherry picked from vz7 commit 18c67099330a ("ve/kmod, nf_tables: allow nf_tables.ko autoloading on request from ve.")) Signed-off-by: Konstantin Khorenko <khore...@virtuozzo.com> --- kernel/kmod.c | 1 + 1 file changed, 1 insertion(+) diff --git a/kernel/kmod.c b/kernel/kmod.c index 68aeed6587d6..f79970fa75e1 100644 --- a/kernel/kmod.c +++ b/kernel/kmod.c @@ -252,6 +252,7 @@ static const char * const ve0_allowed_mod[] = { "nfnetlink-subsys-1", /* NFNL_SUBSYS_CTNETLINK */ "nfnetlink-subsys-2", /* NFNL_SUBSYS_CTNETLINK_EXP */ "nfnetlink-subsys-3", /* NFNL_SUBSYS_QUEUE */ + "nfnetlink-subsys-10", /* nf_tables */ /* unix_diag */ "net-pf-16-proto-4-type-1", /* PF_NETLINK, NETLINK_SOCK_DIAG, AF_LOCAL */ _______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel
