I'm running a VPS of a german provider and want to switch from Ubuntu to CentOS. There I tried to install firewalld (was not preinstalled), but it always fails with the error
ERROR: Failed to load nf_conntrack module: modprobe: ERROR: could not find module by name='nf_conntrack'
modprobe: ERROR: could not insert 'nf_conntrack': Function not implemented
modprobe: ERROR: Error running install command for nf_conntrack
modprobe: ERROR: could not insert 'nf_conntrack': Operation not permitted
Obviously the nf_conntrack kernel module was not found. Since this is a VPS, I cannot tinker with the kernel modules. On the support site of my provider I found a list of available kernel modules, for example:
ip_conntrack_netbios_ns
ipt_conntrack
ip_conntrack
ip_conntrack_ftp
ip_conntrack_irc
Since nf_conntrack is not listed here, does that mean, that I cannot use firewalld? Is it possible to run it without this module?
I guess I could use iptables, if I wanted to (it seems to run correctly). But as I have more experience with firewalld, I would like to stick with it.
CentOS Linux release 7.7.1908 (Core)
uname -a: Linux xxxxxx.xxxxxxxx.xxx 3.10.0-042stab140.1 #1 SMP Thu Aug 15 13:32:22 MSK 2019 x86_64 x86_64 x86_64 GNU/Linux
Try this one:
1.) mkdir /lib/modules/$(uname -r)
2.) touch /lib/modules/$(uname -r)/modules.{builtin,order}
3.) for i in /sys/module/*; do echo kernel/${i##**/}.ko; done >> /lib/modules/$(uname -r)/modules.builtin
4.) depmod -a
after processed all above steps please reboot your system and then just see boooooommmmmmmm###The problem is not that it's a VPS, the problem is that it's an OpenVZ VPS. These are not actually virtual machines, but containers. On these you cannot do anything with kernel modules without the intervention of the hosting provider.
I recommend you switch to another VPS, which is not based on OpenVZ or other container technology.