# CentOS server @openvz and connlimit iptables module, how to make it working?



## ICPH (May 27, 2014)

Hello,

an openvz host server and an virtual machine on it. virtual machine has loaded iptables modules.

But on VM a firewall (csf) test returns error:



> Testing xt_connlimit...FAILED [Error: iptables: Invalid argument. Run `dmesg' for more information.] - Required for CONNLIMIT feature


dmesg returns:



> ip_tables: connlimit match: invalid size 24 != 32


The relevant centos errors to this:

http://bugs.centos.org/view.php?id=5749
https://bugzilla.redhat.com/show_bug.cgi?id=521999

the openvz host server is centos 5.10 64 final and virtual machine is centos 6.4 64

Here is little bit more about modprobe iptables modules in question.

Please anyone can advice on how to fix this centOS bug to make connlimit module work on virtual machine? Thank you


----------



## jarland (May 27, 2014)

http://openvz.org/Man/vzctl.8#Netfilter_.28iptables.29_control_parameters


I believe that will take care of it.


----------



## vps.systems (May 28, 2014)

Check for http://www.webhostrepo.com/blog/enable-iptables-modules-for-a-vps or http://piyecarane.wordpress.com/2009/08/30/how-to-enable-csf-on-openvz-container/


----------

