| View previous topic :: View next topic |
| Author |
Message |
BossOfTheGame
n00b
Joined: 14 Feb 2008
Posts: 49
|
 Posted: Wed Feb 27, 2008 1:29 am Post subject: iptables calls for a kernel upgrade? |
 |
|
I'm attempting to turn my gentoo box into a router and when I run itables -F it gives me this error:
iptables v1.3.8: can't initialize iptables table 'filter': Table does not exist ( do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded
I really don't know what to make of this error message. I'm not very savvy about kernel configurations or networking. Can anyone tell me what I should do? |
|
| Back to top |
|
 |
oldnavy23
Tux's lil' helper
Joined: 09 Jul 2007
Posts: 86
Location: USA
|
|
| Back to top |
|
|
didymos
Advocate
Joined: 10 Oct 2005
Posts: 4798
Location: California
|
| Posted: Wed Feb 27, 2008 1:52 am Post subject: |
|
|
Your kernel probably doesn't have netfilter support built into it, and also not as modules. You'll have to build a new kernel with that stuff enabled. Basically, the easiest thing to do is do a "make menuconfig" in /usr/src/linux, then go to:
| Quote: |
Networking --->
Networking options --->
[ * ] Network packet filtering framework (Netfilter) --->
Core Netfilter Configuration --->
IP: Netfilter Configuration --->
|
Under each of those, enable everything as modules. On the current kernels, it'll take about a whole meg of disk space up. I.e., not much. That way, you don't have to worry about which specific module is needed for which specific feature. You can write your rules for iptables and whatever is needed will get used. There's also stuff for doing filtering with bridges, but it's safe to leave that stuff disabled. Later, if you feel like it, you can research the various features and get rid of some of the modules you know you'll never use.
I'm curious, though, why you're trying to do "iptables -F". If you don't have any rules yet, then there's nothing to flush.
_________________
Thomas S. Howard |
|
| Back to top |
|
|
BossOfTheGame
n00b
Joined: 14 Feb 2008
Posts: 49
|
| Posted: Wed Feb 27, 2008 2:22 am Post subject: |
|
|
After I enable all those things as modules I have to run make && make modules_install right?
To answer your question about using -F, thats what the tutorial told me to do 
EDIT: I did do a make && modules_install and then a cp arch/i386/boot/bzImage /boot/kernel-2.6.23-gentoo-r8
then I rebooted and when I ran the same command I got the same error |
|
| Back to top |
|
|
mmoufid
n00b
Joined: 21 Aug 2007
Posts: 22
Location: Ottawa ON
|
| Posted: Thu Feb 28, 2008 3:58 pm Post subject: |
|
|
| BossOfTheGame wrote: | EDIT: I did do a make && modules_install and then a cp arch/i386/boot/bzImage /boot/kernel-2.6.23-gentoo-r8
then I rebooted and when I ran the same command I got the same error |
As didymos said, make sure you have all the networking support you want in your kernel:
| Code: | Networking --->
Networking options --->
[*] Network packet filtering framework (Netfilter) --->
IP: Netfilter Configuration --->
<M> IP tables support (required for filtering/masq/NAT) |
Do you have support for automatic module loading in your kernel?
| Code: | | [*] Enable loadable module support ---> |
If not, you need to manually assign certain modules to load at boot:
| Code: | echo "ip_tables" >> /etc/modules.autoload.d/kernel-2.6
echo "iptable_filter" >> /etc/modules.autoload.d/kernel-2.6
update-modules |
|
|
| Back to top |
|
|
|
Networking & Security
