Rivoreo Source Code Repositories
src.rivoreo.one / vzctl / ec8e48909b80c54d4576038ff9da52f3ff9f1293
commitec8e48909b80c54d4576038ff9da52f3ff9f1293[log] [download]
authorKir Kolyshkin <kir@openvz.org>Tue Oct 14 08:20:10 2014 -0700
committerKir Kolyshkin <kir@openvz.org>Mon Oct 20 14:26:05 2014 -0700
tree02481e95bcb72626243ecc887bb65ed55c5668bd
parentd9c3a148cabddd91011be5ef7eac680e9088a2db [diff]
vzctl.spec: fix iptables checking for RHEL5

Apparently, RHEL5 iptables does not support -S option, so
we have to use -L -n instead.

Also, any iptables state (not just RELATED,ESTABLISHED)
requires connection tracking.

Finally, some newer kernels/iptables have 'ctstate' not 'state'.

So, if any 'state' or SNAT/DNAT/MASQUERADE is used, we should
not try to disable VE0 connection tracking.

This is a fix to commits f17350f and 68440c5.

https://bugzilla.openvz.org/2755

Signed-off-by: Kir Kolyshkin <kir@openvz.org>
1 file changed
tree: 02481e95bcb72626243ecc887bb65ed55c5668bd
  1. .gear-rules
  2. .gitignore
  3. COPYING
  4. ChangeLog
  5. INSTALL
  6. Makefile.am
  7. acinclude.m4
  8. autogen.sh
  9. bin/
  10. configure.ac
  11. etc/
  12. include/
  13. man/
  14. paths.am
  15. pathsubst.am
  16. scripts/
  17. setver.sh
  18. src/
  19. vzctl.spec