iptables probs

[cybermans]

I have compiled a new kernel with iptables as a module (netfilter in). I emerged iptables after that. And now when i type iptables -F i get this not so nice msg:
root@laptop mans # iptables -F
/lib/modules/2.4.20-gentoo-r2/kernel/net/ipv4/netfilter/ip_tables.o: unresolved symbol nf_unregister_sockopt
/lib/modules/2.4.20-gentoo-r2/kernel/net/ipv4/netfilter/ip_tables.o: unresolved symbol nf_register_sockopt
/lib/modules/2.4.20-gentoo-r2/kernel/net/ipv4/netfilter/ip_tables.o: insmod /lib/modules/2.4.20-gentoo-r2/kernel/net/ipv4/netfilter/ip_tables.o failed
/lib/modules/2.4.20-gentoo-r2/kernel/net/ipv4/netfilter/ip_tables.o: insmod ip_tables failed
iptables v1.2.7a: can't initialize iptables table `filter': iptables who? (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

Does somebody knows what i did wrong (dont say be alive plz)
_________________
My weBlog
Linux compability list (hardware)

[Zombie[BRAAAINS]]

You need to

[splooge]

He's already emerged iptables =)

Looks like (one of) the netfilter option isn't compiled into the kernel.

grep CONFIG_NF_FILTER /usr/src/linux/.config and see if you've enabled it in your kernel.

[cybermans]

hmm cannot find the option u looking for. but here is my complete kernel config about the issue:
#
# Networking options
#
CONFIG_PACKET=y
# CONFIG_PACKET_MMAP is not set
# CONFIG_NETLINK_DEV is not set
CONFIG_NETFILTER=y
CONFIG_NETFILTER_DEBUG=y
# CONFIG_FILTER is not set
# CONFIG_NET_NEIGH_DEBUG is not set
# CONFIG_NET_RESTRICTED_REUSE is not set
CONFIG_UNIX=y
CONFIG_INET=y
CONFIG_IP_MULTICAST=y
# CONFIG_IP_ADVANCED_ROUTER is not set
# CONFIG_IP_PNP is not set
# CONFIG_NET_IPIP is not set
# CONFIG_NET_IPGRE is not set
# CONFIG_IP_MROUTE is not set
# CONFIG_ARPD is not set
# CONFIG_INET_ECN is not set
# CONFIG_SYN_COOKIES is not set

#
# IP: Netfilter Configuration
#
# CONFIG_IP_NF_CONNTRACK is not set
# CONFIG_IP_NF_QUEUE is not set
CONFIG_IP_NF_IPTABLES=m
# CONFIG_IP_NF_MATCH_LIMIT is not set
# CONFIG_IP_NF_MATCH_QUOTA is not set
# CONFIG_IP_NF_POOL is not set
# CONFIG_IP_NF_MATCH_MAC is not set
# CONFIG_IP_NF_MATCH_PKTTYPE is not set
# CONFIG_IP_NF_MATCH_MARK is not set
# CONFIG_IP_NF_MATCH_MULTIPORT is not set
# CONFIG_IP_NF_MATCH_MPORT is not set
# CONFIG_IP_NF_MATCH_TOS is not set
# CONFIG_IP_NF_MATCH_TIME is not set
# CONFIG_IP_NF_MATCH_RANDOM is not set
# CONFIG_IP_NF_MATCH_PSD is not set
# CONFIG_IP_NF_MATCH_NTH is not set
# CONFIG_IP_NF_MATCH_IPV4OPTIONS is not set
# CONFIG_IP_NF_MATCH_FUZZY is not set
# CONFIG_IP_NF_MATCH_CONDITION is not set
# CONFIG_IP_NF_MATCH_ECN is not set
# CONFIG_IP_NF_MATCH_DSCP is not set
# CONFIG_IP_NF_MATCH_AH_ESP is not set
# CONFIG_IP_NF_MATCH_LENGTH is not set
# CONFIG_IP_NF_MATCH_TTL is not set
# CONFIG_IP_NF_MATCH_TCPMSS is not set
# CONFIG_IP_NF_MATCH_REALM is not set
# CONFIG_IP_NF_MATCH_STEALTH is not set
# CONFIG_IP_NF_MATCH_UNCLEAN is not set
# CONFIG_IP_NF_MATCH_OWNER is not set
CONFIG_IP_NF_FILTER=m
# CONFIG_IP_NF_TARGET_REJECT is not set
# CONFIG_IP_NF_TARGET_NETLINK is not set
# CONFIG_IP_NF_TARGET_IPV4OPTSSTRIP is not set
# CONFIG_IP_NF_TARGET_MIRROR is not set
# CONFIG_IP_NF_TARGET_TARPIT is not set
# CONFIG_IP_NF_MANGLE is not set
# CONFIG_IP_NF_TARGET_LOG is not set
# CONFIG_IP_NF_TARGET_TTL is not set
# CONFIG_IP_NF_TARGET_ULOG is not set
# CONFIG_IP_NF_TARGET_TCPMSS is not set
# CONFIG_IP_NF_ARPTABLES is not set
# CONFIG_IP_NF_COMPAT_IPCHAINS is not set
# CONFIG_IP_NF_COMPAT_IPFWADM is not set
# CONFIG_IPV6 is not set
# CONFIG_KHTTPD is not set
# CONFIG_ATM is not set
# CONFIG_VLAN_8021Q is not set
# CONFIG_IPX is not set
# CONFIG_ATALK is not set

/me is now logging off to compile some -u --deep world stuff (ie me is going to sleep)
_________________
My weBlog
Linux compability list (hardware)

[mart_man00]

im having the same problem. i compiled in iptables and made everything it netfilter a module (i have no idea what i actually need, any recomendations for a home desktop?).


i ran grep CONFIG_NF_FILTER /usr/src/linux/.config and got nothing back. i know the options are in menuconfig. i did remember to mount /boot so the new kernel gets booted.

thanks

[uxbod]

Take a look at this posting from the Gentoo ML it may help :

http://www.mail-archive.com/gentoo-user@gentoo.org/msg06584.html

[uxbod]

Okay, I had the same thing tonight but have managed to get it worked. Here is how for me <I AM NOT RESPONSIBLE IF IT ALL GOES WRONG!>

cd /usr/src/linux
cp .config /root/.config.bck
make mrproper
make menuconfig <come straight out and save config>
cp /root/.config.bck .config
emerge iptables
make dep && make clean; make bzImage; make modules; make modules_install

Then copy the new bzImage to your /boot partition (remember to mount it ) and reboot.

[mart_man00]

make sure you *disable* set version information on all modules.

thats i needed to get it to work. its in the module section of menuconfig.

thanks

[viperlin]

i have tryed the above:

uxbod's method ended badly with loads of Errors, now i have a good excuse to emerge gentoo-sources-2.4.20-r5 (currently emerging).

uxbod's Link now gives 404.
i have emerged iptables every new kernel i tryed.

my .config is here

[ttye0]

CONFIG_NF_FILTER in full in the .config file is CONFIG_IP_NF_FILTER

Thats the closest I can find in my config and I do have that compiled in and I'm currently compiling my kernel with CONFIG_NF_FILTER enabled as well. Lmao, I'm getting desperate for this to work because I'm getting no where with this error in hand...

elixry linux # insmod ip_tables -f
Using /lib/modules/2.4.20/kernel/net/ipv4/netfilter/ip_tables.o
/lib/modules/2.4.20/kernel/net/ipv4/netfilter/ip_tables.o: unresolved symbol nf_unregister_sockopt_Red2cf067
/lib/modules/2.4.20/kernel/net/ipv4/netfilter/ip_tables.o: unresolved symbol nf_register_sockopt_R302d5d6c