[Firehol-support] How to run firehol from within a container?
Wojtek Swiatek
w at swtk.info
Sun Jan 27 16:28:39 GMT 2019
Hello everyone
I have a systemd-nspawn container which will be the landing area of a VPN.
It will therefore, in addition to the existing host0 interface, have a tun0
one.
I was planning to use firehol to orchestrate the traffic.
Unfortunately, upon starting it with a basic configuration I immediately
get an error message:
----
root at openvpn ~# firehol try
WARNING:
--------
FireHOL cannot find your current kernel configuration.
Please, either compile your kernel with /proc/config,
or make sure there is a valid kernel config in:
/usr/src/linux/.config
Because of this, FireHOL will simply attempt to load
all kernel modules for the services used, without
being able to detect failures.
FireHOL: Saving active firewall to a temporary file... Failed to list table
names in /proc/net/ip_tables_names: Permission denied
----
I can see and set iptable entries so I hope that this is something which
is non-blocking?
Thanks in advance for any ideas!