| View previous topic :: View next topic |
| Author |
Message |
Woofles
Tux's lil' helper
Joined: 22 Mar 2003
Posts: 123
Location: North America
|
 Posted: Thu Apr 17, 2003 7:07 pm Post subject: Iptables Problem |
 |
|
Here is what I get when I try and run iptables
| Code: |
root@crapyserver Woofles # iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
/lib/modules/2.4.20/kernel/net/ipv4/netfilter/ip_tables.o: unresolved symbol nf_unregister_sockopt
/lib/modules/2.4.20/kernel/net/ipv4/netfilter/ip_tables.o: unresolved symbol nf_register_sockopt
/lib/modules/2.4.20/kernel/net/ipv4/netfilter/ip_tables.o: insmod /lib/modules/2.4.20/kernel/net/ipv4/netfilter/ip_tables.o failed
/lib/modules/2.4.20/kernel/net/ipv4/netfilter/ip_tables.o: insmod ip_tables failed
iptables v1.2.7a: can't initialize iptables table `nat': iptables who? (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
root@crapyserver Woofles #
|
No matter what I try I can't seem to fix it, here is info on my system
| Code: |
root@crapyserver Woofles # uname -a
Linux crapyserver.hopto.org 2.4.20 #7 SMP Thu Apr 17 09:10:30 PDT 2003 i686 Intel(R) Pentium(R) 4 CPU 1400MHz GenuineIntel GNU/Linux
|
I also get quite a few errors when I type depmod -ae :
| Code: |
root@crapyserver Woofles # depmod -ae
depmod: *** Unresolved symbols in /lib/modules/2.4.20/kernel/net/ipv4/ip_gre.o
depmod: nf_hook_slow
depmod: *** Unresolved symbols in /lib/modules/2.4.20/kernel/net/ipv4/ipip.o
depmod: nf_hook_slow
depmod: *** Unresolved symbols in /lib/modules/2.4.20/kernel/net/ipv4/netfilter/arp_tables.o
depmod: nf_unregister_sockopt
depmod: nf_register_sockopt
depmod: *** Unresolved symbols in /lib/modules/2.4.20/kernel/net/ipv4/netfilter/arptable_filter.o
depmod: nf_unregister_hook
depmod: nf_register_hook
depmod: *** Unresolved symbols in /lib/modules/2.4.20/kernel/net/ipv4/netfilter/ip_conntrack.o
depmod: nf_unregister_hook
depmod: nf_unregister_sockopt
depmod: ip_ct_attach
depmod: nf_register_hook
depmod: nf_register_sockopt
depmod: *** Unresolved symbols in /lib/modules/2.4.20/kernel/net/ipv4/netfilter/ip_queue.o
depmod: nf_register_queue_handler
depmod: ip_route_me_harder
depmod: nf_unregister_queue_handler
depmod: nf_reinject
depmod: *** Unresolved symbols in /lib/modules/2.4.20/kernel/net/ipv4/netfilter/ip_tables.o
depmod: nf_unregister_sockopt
depmod: nf_register_sockopt
depmod: *** Unresolved symbols in /lib/modules/2.4.20/kernel/net/ipv4/netfilter/ipt_REJECT.o
depmod: ip_ct_attach
depmod: nf_hook_slow
depmod: *** Unresolved symbols in /lib/modules/2.4.20/kernel/net/ipv4/netfilter/iptable_filter.o
depmod: nf_unregister_hook
depmod: nf_register_hook
depmod: *** Unresolved symbols in /lib/modules/2.4.20/kernel/net/ipv4/netfilter/iptable_mangle.o
depmod: nf_unregister_hook
depmod: ip_route_me_harder
depmod: nf_register_hook
depmod: *** Unresolved symbols in /lib/modules/2.4.20/kernel/net/ipv4/netfilter/iptable_nat.o
depmod: nf_unregister_hook
depmod: ip_route_me_harder
depmod: nf_register_hook
depmod: *** Unresolved symbols in /lib/modules/2.4.20/kernel/net/packet/af_packet.o
depmod: sk_run_filter
|
I have all the proper things enabled on my kernel ( as far as I know.)
Thanks in advanced to anyone willing to try and help, if you need anymore info on my system or config just ask.
_________________
The idea of achieving security through national armament is, at the present state of military technique, a disastrous illusion. |
|
| Back to top |
|
 |
slartibartfasz
Veteran
Joined: 29 Oct 2002
Posts: 1462
Location: Vienna, Austria
|
| Posted: Fri Apr 18, 2003 8:51 am Post subject: |
|
|
looks like u messed up your kernel modules somehow - make sure u compile the kernel in the required order and dont leave out anything...
| Code: | make menuconfig
make dep && make clean
make bzImage
# copy kernel
make modules
make modules_install
|
even if u change modules only u have to do all the steps above... if this doesnt work try to compile the iptables into the kernel to see if the error is elsewhere...
_________________
To an engineer the glass is neither half full, nor half empty - it is just twice as big as it needs to be. |
|
| Back to top |
|
|
Woofles
Tux's lil' helper
Joined: 22 Mar 2003
Posts: 123
Location: North America
|
| Posted: Fri Apr 18, 2003 4:23 pm Post subject: |
|
|
| slartibartfasz wrote: | looks like u messed up your kernel modules somehow - make sure u compile the kernel in the required order and dont leave out anything...
| Code: | make menuconfig
make dep && make clean
make bzImage
# copy kernel
make modules
make modules_install
|
even if u change modules only u have to do all the steps above... if this doesnt work try to compile the iptables into the kernel to see if the error is elsewhere... |
That is how I compile the kernel make dep && make bzImage && make modules && make modules_install, I have also tried it in diffrent combinations... along with make clean.
This is what I have under NetFilter Configuration submenu of Networking OPTIONS:
| Code: |
<M> Connection tracking (required for masq/NAT)
<M> FTP protocol support
<M> IRC protocol support
<M> Userspace queueing via NETLINK (EXPERIMENTAL)
<M> IP tables support (required for filtering/masq/NAT)
<M> limit match support
<M> MAC address match support
<M> Packet type match support
<M> netfilter MARK match support
<M> Multiple port match support
<M> TOS match support
<M> ECN match support
<M> DSCP match support
<M> AH/ESP match support
<M> LENGTH match support
<M> TTL match support
<M> tcpmss match support
<M> Helper match support
<M> Connection state match support
<M> Connection tracking match support
<M> Unclean match support (EXPERIMENTAL)
<M> Owner match support (EXPERIMENTAL)
|
If they are something other than models IPTABLES gives me an errors such as | Code: |
modprobe: Can't locate module ip_tables
iptables v1.2.7a: can't initialize iptables table `nat': iptables who? (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
|
_________________
The idea of achieving security through national armament is, at the present state of military technique, a disastrous illusion. |
|
| Back to top |
|
|
CinqueX
n00b
Joined: 26 Jan 2003
Posts: 58
|
| Posted: Fri Apr 18, 2003 4:55 pm Post subject: Something I tried.. |
|
|
I had real problems with gentoo's iptables at one point as well.. the trick for me was:
1: Back up my .config
2: Do a make mrproper in /usr/src/(kernel dir)
3: Restore my .config to the kernel dir
4: Make menuconfig and compile all netfilter options directly into the kernel (ie: NO modules).
5: Usual kernel stuff (make deps, bzImage, modules, modules_install)
6: re-emerge iptables
If that doesn't work for you, I am at a complete loss
C. |
|
| Back to top |
|
|
Woofles
Tux's lil' helper
Joined: 22 Mar 2003
Posts: 123
Location: North America
|
| Posted: Fri Apr 18, 2003 7:43 pm Post subject: Re: Something I tried.. |
|
|
| CinqueX wrote: | I had real problems with gentoo's iptables at one point as well.. the trick for me was:
1: Back up my .config
2: Do a make mrproper in /usr/src/(kernel dir)
3: Restore my .config to the kernel dir
4: Make menuconfig and compile all netfilter options directly into the kernel (ie: NO modules).
5: Usual kernel stuff (make deps, bzImage, modules, modules_install)
6: re-emerge iptables
If that doesn't work for you, I am at a complete loss
C. |
I could have sworn I tried that before, it worked thanks
_________________
The idea of achieving security through national armament is, at the present state of military technique, a disastrous illusion. |
|
| Back to top |
|
|
|
Networking & Security
