Rivoreo Source Code Repositories
src.rivoreo.one / vzctl / 68440c5a62fcd483a909351e39efb509ba16d6d9
commit68440c5a62fcd483a909351e39efb509ba16d6d9[log] [download]
authorKir Kolyshkin <kir@openvz.org>Thu Jun 26 15:15:51 2014 -0700
committerKir Kolyshkin <kir@openvz.org>Thu Jun 26 15:15:51 2014 -0700
treead52ce3fa61a5e40763394183f09b9927b6ec62b
parent9341df9870376fdc1a2316fb520c7ba935f1287f [diff]
vzctl.spec: don't disable conntracks if firewall is used

Unfortunately, conntracks is not only used for NAT/MASQERADE,
but also for 'state RELATED,ESTABLISHED' iptables rules, so if
those are used, disabling conntracks will lead to non-working
networking on host system.

Therefore, add one more check (to one in commit f17350f) and
do not disable conntracks if state RELATED and/or ESTABLISHED
is used in current iptables rules.

Signed-off-by: Kir Kolyshkin <kir@openvz.org>
1 file changed
tree: ad52ce3fa61a5e40763394183f09b9927b6ec62b
  1. .gear-rules
  2. .gitignore
  3. COPYING
  4. ChangeLog
  5. INSTALL
  6. Makefile.am
  7. acinclude.m4
  8. autogen.sh
  9. bin/
  10. configure.ac
  11. etc/
  12. include/
  13. man/
  14. paths.am
  15. pathsubst.am
  16. scripts/
  17. setver.sh
  18. src/
  19. vzctl.spec