返回列表 发帖

iptables: Memory allocation problem

主要的原因是 OpenVZ 超买造成 真实内存不够导致 或者虚拟机内存分配问题 基于 Xen 的 VPS 中执行则完全没有问题。 原文:
Unable to block ips using iptables on your VPS? Is your APF installation failing to work?

root@server [~]# iptables -I INPUT -s 123.123.123.123 -j DROP
iptables: Memory allocation problem
Resolution:

If you’re using OpenVZ for virtualization, you might have exceeded the limit of ‘numiptent’ parameter value. You may check if there are non-zero failcounts for the ‘numiptent’ parameter inside VPS:

# egrep "failcnt|numiptent" /proc/user_beancounters
If you’re an admin with the access to hardware node, increase a bit parameter value using following command. (Following command won’t work inside the VPS node)
#vzctl set VPS_ID --save --numiptent NEW_BARRIER:NEW_LIMIT
This should resolve the issue.

http://platonic.techfiz.info/2008/10/iptables-memory-allocation-problem/
http://www.core-admin.com/portal/kb-19032014-001-fixing-kernel-memory-allocation-problem
http://platonic.techfiz.info/tag/iptables/
http://forum.odin.com/threads/iptables-memory-allocation-problem.54536/

返回列表