How to control firewall in LXC container?

SergiyTs
New here
Posts: 2
Joined: Fri Feb 19, 2021 7:49 pm

Post by SergiyTs »

Hello! I made an LXC Ubuntu 18.04 container and am currently installing environmental applications for my “project”. It’s moving forward quite OK, but I’m hesitating about the firewall security of the container. I installed the ufw application in the container to set the port rules but found out that it is not fully supported by the container's Ubuntu – I’m getting errors when trying to set the rules. As I understood, QTS solves firewall issues with its own software, and thus the standard part of the Linux kernel related to the firewall is missing in the installation (this is my conclusion after reading about similar issues). So, what is the right way to set up the Ubuntu container’s firewall? Should I remove ufw and use iptables exclusively?
Remark: I set up access to my container through the virtual switch and further to the second physical adapter. Thus, the container’s Ubuntu has a separate external IP address and should have its own firewall settings.
Hardware: TS-431P2. Firmware: 4.5.2.1594

Re: How to control firewall in LXC container?

Post by SergiyTs »

Here is the error message when I try to enable ufw (sudo ufw enable):
ERROR: problem running ufw-init
modprobe: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could not open moddep file '/lib/modules/4.2.8/modules.dep.bin'
modprobe: FATAL: Module nf_conntrack_ftp not found in directory /lib/modules/4.2.8
modprobe: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could not open moddep file '/lib/modules/4.2.8/modules.dep.bin'
modprobe: FATAL: Module nf_nat_ftp not found in directory /lib/modules/4.2.8
modprobe: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could not open moddep file '/lib/modules/4.2.8/modules.dep.bin'
modprobe: FATAL: Module nf_conntrack_netbios_ns not found in directory /lib/modules/4.2.8
iptables-restore: line 75 failed
iptables-restore: line 33 failed

Problem running '/etc/ufw/before.rules'
Problem running '/etc/ufw/user.rules'