By preloading some modules we fix two things. 1. Some sysctl settings like ip_conntrack_max are not set during boot because the module is not loaded at that time. 2. Passive ftp does not work through iptables without these modules.

jvanlieshout · DaanHoogland · commit bfccf439cfe1 · 2014-06-10T15:42:40.000+02:00
Signed-off-by: Daan Hoogland &lt;daan@onecht.net&gt;
diff --git a/tools/appliance/definitions/systemvm64template/postinstall.sh b/tools/appliance/definitions/systemvm64template/postinstall.sh
@@ -195,6 +195,16 @@ fix_vhdutil() {
   chmod a+x /bin/vhd-util
 }
 
+# Preload these module otherwise the sysctl settings will not be set, and pasive ftp will not work.
+fix_modules() {
+  cat >> /etc/modules << EOF
+nf_conntrack_ipv4
+nf_conntrack
+nf_conntrack_ftp
+nf_nat_ftp
+EOF
+}
+
 do_fixes() {
   fix_nameserver
   fix_inittab
@@ -203,6 +213,7 @@ do_fixes() {
   fix_locale
   fix_conntrackd
   fix_vhdutil
+  fix_modules
 }
 
 configure_apache2() {
diff --git a/tools/appliance/definitions/systemvmtemplate/postinstall.sh b/tools/appliance/definitions/systemvmtemplate/postinstall.sh
@@ -185,6 +185,16 @@ fix_vhdutil() {
   chmod a+x /bin/vhd-util
 }
 
+# Preload these module otherwise the sysctl settings will not be set, and pasive ftp will not work.
+fix_modules() {
+  cat >> /etc/modules << EOF
+nf_conntrack_ipv4
+nf_conntrack
+nf_conntrack_ftp
+nf_nat_ftp
+EOF
+}
+
 do_fixes() {
   fix_nameserver
   fix_inittab
@@ -193,6 +203,7 @@ do_fixes() {
   fix_locale
   fix_conntrackd
   fix_vhdutil
+  fix_modules
 }
 
 configure_apache2() {
