CSF Fix: iptables: No chain/target/match by that name

Unable to add a new block for an ip via CSF? Iptables modules are not loaded into your server’s kernel.

If you’re getting the following error on a OpenVZ VPS server:

iptables: No chain/target/match by that name

ACCEPT  udp opt — in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW udp dpt:953

Contact the DC to make a small change in OpenVZ iptables configuration in /etc/vz/vz.conf as follows:

IPTABLES=”ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp”

Once this line is added, they will restart your vps or all vps nodes on the hardware node will be restarted to make iptables modules available.

This should resolve the issue.

Published by

Omshivaprakash

Gnu/Linux Enthusiast, Kannadiga, Wikipedian, Amateur photographer, trekker and more

Leave a Reply

Your email address will not be published. Required fields are marked *