| View previous topic :: View next topic |
| Author |
Message |
Elbryan
Guru
Joined: 13 Nov 2006
Posts: 523
Location: Rovereto (TN)
|
 Posted: Mon Apr 23, 2007 8:58 am Post subject: [solved] iptables e kernello 2.6.20-r6 |
 |
|
Hum.. iptables non vuole sapere di andare..
In pratica l'unica cosa che sa dirmi è:
| Code: |
FATAL: Module ip_tables not found.
iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
|
Premetto che il supporto per iptables nel kernel è configurato:
| Code: |
elbryan@tux /usr/src/linux $ cat .config | grep TABLES
CONFIG_IP_MULTIPLE_TABLES=y
CONFIG_NETFILTER_XTABLES=y
CONFIG_IP_NF_IPTABLES=y
# CONFIG_IP_NF_ARPTABLES is not set
|
Premetto che iptables lo ho ricompilato dopo aver aggiornato il kernel
| Code: |
- - extensions : Enable support for 3rd patch-o-matic extensions
- - imq : Enable support for intermediate queueing devices (http://www.linuximq.net)
+ + ipv6 : Adds support for IP version 6
- - l7filter : Enable support for layer 7 filtering (http://l7-filter.sourceforge.net)
- - static : !!do not set this during bootstrap!! Causes binaries to be statically linked instead of dynamically
|
Premetto che utilizzo kmyfirewall (nonostante io usi gnome però mi trovo bene con sto tool).
Prima di cambiare kernel caricavo lo script generato da kmyfirewall al boot e tutto andava alla grande..
Ora quell'errore..
Idee? Consigli? ^^
Last edited by Elbryan on Mon Apr 23, 2007 10:46 am; edited 1 time in total |
|
| Back to top |
|
 |
crisandbea
Veteran
Joined: 03 Jul 2005
Posts: 1778
Location: BOSCO (SA) ... ma domiciliato a Bologna....
|
| Posted: Mon Apr 23, 2007 9:14 am Post subject: |
|
|
verifica di aver caricato tutti i moduli per iptables,
ti posto tutto ciò che ho io, forse per te saranno troppe, vedi tu... 
| Code: |
cat /usr/src/linux/.config | grep IP_NF_ | grep -v \#
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_MATCH_IPRANGE=m
CONFIG_IP_NF_MATCH_TOS=m
CONFIG_IP_NF_MATCH_RECENT=m
CONFIG_IP_NF_MATCH_ECN=m
CONFIG_IP_NF_MATCH_AH=m
CONFIG_IP_NF_MATCH_TTL=m
CONFIG_IP_NF_MATCH_OWNER=m
CONFIG_IP_NF_MATCH_ADDRTYPE=m
CONFIG_IP_NF_FILTER=m
CONFIG_IP_NF_TARGET_REJECT=m
CONFIG_IP_NF_TARGET_LOG=m
CONFIG_IP_NF_TARGET_ULOG=m
CONFIG_IP_NF_TARGET_TCPMSS=m
CONFIG_IP_NF_MANGLE=m
CONFIG_IP_NF_TARGET_TOS=m
CONFIG_IP_NF_TARGET_ECN=m
CONFIG_IP_NF_TARGET_TTL=m
CONFIG_IP_NF_RAW=m
CONFIG_IP_NF_ARPTABLES=m
CONFIG_IP_NF_ARPFILTER=m
CONFIG_IP_NF_ARP_MANGLE=m
|
| Code: |
cat /usr/src/linux/.config | grep FILTER | grep -v \#
CONFIG_NETFILTER=y
CONFIG_NETFILTER_DEBUG=y
CONFIG_NETFILTER_XTABLES=m
CONFIG_NETFILTER_XT_TARGET_CLASSIFY=m
CONFIG_NETFILTER_XT_TARGET_MARK=m
CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m
CONFIG_NETFILTER_XT_TARGET_NFLOG=m
CONFIG_NETFILTER_XT_MATCH_COMMENT=m
CONFIG_NETFILTER_XT_MATCH_DCCP=m
CONFIG_NETFILTER_XT_MATCH_DSCP=m
CONFIG_NETFILTER_XT_MATCH_ESP=m
CONFIG_NETFILTER_XT_MATCH_LENGTH=m
CONFIG_NETFILTER_XT_MATCH_LIMIT=m
CONFIG_NETFILTER_XT_MATCH_MAC=m
CONFIG_NETFILTER_XT_MATCH_MARK=m
CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m
CONFIG_NETFILTER_XT_MATCH_PKTTYPE=m
CONFIG_NETFILTER_XT_MATCH_REALM=m
CONFIG_NETFILTER_XT_MATCH_SCTP=m
CONFIG_NETFILTER_XT_MATCH_STATE=m
CONFIG_NETFILTER_XT_MATCH_STATISTIC=m
CONFIG_NETFILTER_XT_MATCH_STRING=m
CONFIG_PPP_FILTER=y |
| Code: |
cat /usr/src/linux/.config | grep TABLES | grep -v \#
CONFIG_IP_MULTIPLE_TABLES=y
CONFIG_NETFILTER_XTABLES=m
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_ARPTABLES=m
|
fatto ciò devi caricare :
| Code: |
modprobe ip_tables
modprobe iptable_filter
modprobe x_tables |
dopo di che dovrebbe funzionare.
ciauz |
|
| Back to top |
|
|
Elbryan
Guru
Joined: 13 Nov 2006
Posts: 523
Location: Rovereto (TN)
|
| Posted: Mon Apr 23, 2007 9:45 am Post subject: |
|
|
Ora mi da qualche errore in meno.. però il problema persiste..
| Code: |
tux linux # cat .config | grep IP_NF | grep -v \#
CONFIG_IP_NF_IPTABLES=y
CONFIG_IP_NF_MATCH_IPRANGE=m
CONFIG_IP_NF_MATCH_TOS=m
CONFIG_IP_NF_MATCH_RECENT=m
CONFIG_IP_NF_MATCH_ECN=m
CONFIG_IP_NF_MATCH_AH=m
CONFIG_IP_NF_MATCH_TTL=m
CONFIG_IP_NF_MATCH_OWNER=m
CONFIG_IP_NF_FILTER=y
CONFIG_IP_NF_TARGET_LOG=y
CONFIG_IP_NF_TARGET_MASQUERADE=m
CONFIG_IP_NF_TARGET_REDIRECT=m
CONFIG_IP_NF_TARGET_NETMAP=m
CONFIG_IP_NF_TARGET_SAME=m
CONFIG_IP_NF_MANGLE=y
CONFIG_IP_NF_TARGET_TOS=m
CONFIG_IP_NF_TARGET_ECN=m
CONFIG_IP_NF_TARGET_TTL=m
CONFIG_IP_NF_RAW=m
CONFIG_IP_NF_ARPTABLES=m
CONFIG_IP_NF_ARPFILTER=m
CONFIG_IP_NF_ARP_MANGLE=m
tux linux # cat .config | grep FILTER | grep -v \#
CONFIG_NETFILTER=y
CONFIG_NETFILTER_DEBUG=y
CONFIG_NETFILTER_NETLINK=m
CONFIG_NETFILTER_XTABLES=y
CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m
CONFIG_NETFILTER_XT_TARGET_NFLOG=m
CONFIG_NETFILTER_XT_TARGET_SECMARK=m
CONFIG_NETFILTER_XT_MATCH_LIMIT=y
CONFIG_NETFILTER_XT_MATCH_MAC=y
CONFIG_NETFILTER_XT_MATCH_POLICY=m
CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m
CONFIG_NETFILTER_XT_MATCH_QUOTA=m
CONFIG_NETFILTER_XT_MATCH_REALM=m
CONFIG_NETFILTER_XT_MATCH_SCTP=m
CONFIG_IP_NF_FILTER=y
CONFIG_IP_NF_ARPFILTER=m
tux linux # cat .config | grep TABLES | grep -v \#
CONFIG_IP_MULTIPLE_TABLES=y
CONFIG_NETFILTER_XTABLES=y
CONFIG_IP_NF_IPTABLES=y
CONFIG_IP_NF_ARPTABLES=m
|
| Code: |
tux linux # modprobe ip_tables
FATAL: Module ip_tables not found.
tux linux # modprobe iptable_filter
FATAL: Module iptable_filter not found.
tux linux # modprobe x_tables
FATAL: Module x_tables not found.
|
Bah.. mi suona sempre molto strano ogni tanto linux ghgh.. |
|
| Back to top |
|
|
crisandbea
Veteran
Joined: 03 Jul 2005
Posts: 1778
Location: BOSCO (SA) ... ma domiciliato a Bologna....
|
| Posted: Mon Apr 23, 2007 9:59 am Post subject: |
|
|
dopo aver ricompilato il kernel aggiungendo le varie voci, hai riemerso iptables???
i moduli non vengono caricati perchè li hai messi come built-in.
ciauz |
|
| Back to top |
|
|
Elbryan
Guru
Joined: 13 Nov 2006
Posts: 523
Location: Rovereto (TN)
|
| Posted: Mon Apr 23, 2007 10:03 am Post subject: |
|
|
fatto.. riemerso e modprobato ma sempre not found..
Ho riprovato a lanciare lo script
| Code: |
tux elbryan # sh /etc/kmyfirewall/kmyfirewall.sh restart
Clearing iptables (created by KMyFirewall)... Done.
Starting iptables (created by KMyFirewall)... FATAL: Module ip_tables not found.
FATAL: Module ipt_LOG not found.
FATAL: Module ipt_limit not found.
FATAL: Module ipt_state not found.
FATAL: Module ip_conntrack_ftp not found.
FATAL: Module ip_conntrack_irc not found.
FATAL: Module iptable_filter not found.
FATAL: Module iptable_mangle not found.
Done.
|
|
|
| Back to top |
|
|
crisandbea
Veteran
Joined: 03 Jul 2005
Posts: 1778
Location: BOSCO (SA) ... ma domiciliato a Bologna....
|
| Posted: Mon Apr 23, 2007 10:06 am Post subject: |
|
|
| Elbryan wrote: | fatto.. riemerso e modprobato ma sempre not found..
Ho riprovato a lanciare lo script
| Code: |
tux elbryan # sh /etc/kmyfirewall/kmyfirewall.sh restart
Clearing iptables (created by KMyFirewall)... Done.
Starting iptables (created by KMyFirewall)... FATAL: Module ip_tables not found.
FATAL: Module ipt_LOG not found.
FATAL: Module ipt_limit not found.
FATAL: Module ipt_state not found.
FATAL: Module ip_conntrack_ftp not found.
FATAL: Module ip_conntrack_irc not found.
FATAL: Module iptable_filter not found.
FATAL: Module iptable_mangle not found.
Done.
|
|
non devi modprobare nulla, visto che li hai messi come built-in nel kernel. e spero che dopo aver compilato il kernel lo hai salvato in boot.
ciauz |
|
| Back to top |
|
|
Elbryan
Guru
Joined: 13 Nov 2006
Posts: 523
Location: Rovereto (TN)
|
| Posted: Mon Apr 23, 2007 10:45 am Post subject: |
|
|
sistemato..
Sìsì salvato in boot.. ovvio 
Non son messo così male con linux.. più o meno i passaggi per far andare un kernel li conosco (ho solo un dubbio su cosa serva il System.map e basta).
Coomunque.. è tutto a posto.
Ho compilato praticamente tutta la networking come modulo ed ora funge tutto a meraviglia ^^
In teoria si può lasciare built-in ma bisogna modificare lo script.. tanto per quanto mi riguarda lo lascio come modulo..
Grazie ^^ |
|
| Back to top |
|
|
crisandbea
Veteran
Joined: 03 Jul 2005
Posts: 1778
Location: BOSCO (SA) ... ma domiciliato a Bologna....
|
| Posted: Mon Apr 23, 2007 5:57 pm Post subject: |
|
|
| Elbryan wrote: | sistemato..
Sìsì salvato in boot.. ovvio
Non son messo così male con linux.. più o meno i passaggi per far andare un kernel li conosco (ho solo un dubbio su cosa serva il System.map e basta).
Coomunque.. è tutto a posto.
|
non volevo mica dire nulla su come tu fossi messo con Linux, ho solo detto ciò che andrebbe fatto, e che a volte può capitare di dimenticare anche il più esperto di stò mondo, tutto qua.
| Quote: |
Ho compilato praticamente tutta la networking come modulo ed ora funge tutto a meraviglia ^^
In teoria si può lasciare built-in ma bisogna modificare lo script.. tanto per quanto mi riguarda lo lascio come modulo..
Grazie ^^ |
ciauz |
|
| Back to top |
|
|
|
Forum italiano (Italian)
