Join Amazon Student FREE Two-Day Shipping for College Students!
5708

Fix No chain/target/match by that name iptables error on OpenVZ based VPS

Fix No chain/target/match by that name iptables error on OpenVZ based VPS

iptables: No chain/target/match by that name. That is one of the common error message shows up when we trying a iptables' rule in the VPS. If the chain and target are correct, it must be limited in kernel config.

Problem description:

Error message: iptables: No chain/target/match by that name.

Run "iptables -L" and get:

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Make sure the kernel is the latest or almost the latest version.

Run "lsmod" return blank:

Module     Size     Used by

Most likely the problem appear on an OpenVZ based VPS. As with all container-based virtualization, you are limited to the kernel modules provided by the host.

If you add the rule that require a kernel modules isn't virtualized, you will get the error: "No chain/target/match by that name".

Problem solution:

To solve the problem, you can:
1. submit a ticket to the host and request that they make the necessary kernel modules available to you. Most CS will happy to load the module for your VPS node.
2. Use a VPS not based on containers but on full virtualization or paravirtualization, such as Xen, KVM or VMware.

If you are using Xen, Kvm, or VM based VPS, try update your kernel and load the required module.

Leave a Reply

Your email address will not be published. Required fields are marked *

 

Your browser is out-of-date. Upgrade your browser today! Internet Explorer | FireFox | Chrome

X