iptables: No chain/target/match by that name. That is one of the common error message shows up when we trying a iptables' rule in OpenVZ based VPS. If the chain and target are correct, it must be limited in kernel config.
Error message: iptables: No chain/target/match by that name.
Run "iptables -L" and get:
Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination
Make sure the kernel is the latest or almost the latest version.
Run "lsmod" return blank:
Module Size Used by
Most likely the problem appear on an OpenVZ based VPS. As with all container-based virtualization, you are limited to the kernel modules provided by the host.
If you add the rule that require a kernel modules isn't virtualized, you will get the error: "No chain/target/match by that name".
To solve the problem, you can:
- submit a ticket to the host and request that they make the necessary kernel modules available to you. Most CS will happy to load the module for your VPS node.
- Use a VPS not based on containers but on full virtualization or paravirtualization, such as Xen, KVM or VMware.
- If you are using Xen, Kvm, or VM based VPS, try update your kernel and load the required module.