From: Vasily Averin <v...@virtuozzo.com> Patch enables autoload of iptable_security and ip6table_security from inside containers.
It decreases number of errors generated during firewalld start. https://jira.sw.ru/browse/PSBM-98212 Signed-by: Vasily Averin <v...@virtuozzo.com> (cherry picked from vz7 commit 77a471044478 ("ve/kmod: enable autoload for iptables security tables from inside CT") Signed-off-by: Konstantin Khorenko <khore...@virtuozzo.com> --- kernel/kmod.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/kernel/kmod.c b/kernel/kmod.c index 3a445d4e2734..f3bd4afb81e1 100644 --- a/kernel/kmod.c +++ b/kernel/kmod.c @@ -206,10 +206,12 @@ static const char * const ve0_allowed_mod[] = { "ip6_tables", "iptable_filter", "iptable_raw", + "iptable_security", "iptable_nat", "iptable_mangle", "ip6table_filter", "ip6table_raw", + "ip6table_security", "ip6table_nat", "ip6table_mangle", _______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel
