[Firehol-support] How to run firehol from within a container?

Wojtek Swiatek w at swtk.info
Sun Jan 27 16:28:39 GMT 2019

Hello everyone

I have a systemd-nspawn container which will be the landing area of a VPN.
It will therefore, in addition to the existing host0 interface, have a tun0.
I was planning to use firehol to orchestrate the traffic.

Unfortunately, upon starting it with a basic configuration I immediately
get an error message:

root@openvpn ~# firehol try

 FireHOL cannot find your current kernel configuration.
 Please, either compile your kernel with /proc/config,
 or make sure there is a valid kernel config in:

 Because of this, FireHOL will simply attempt to load
 all kernel modules for the services used, without
 being able to detect failures.

FireHOL: Saving active firewall to a temporary file... Failed to list table
names in /proc/net/ip_tables_names: Permission denied

I can see and set iptable entries so I hope that this is something which
is non-blocking?

Thanks in advance for any ideas!
