分类: LINUX
2011-12-01 17:18:45
|
Hi, I just updated to linux kernel 2.1.22 and when trying to use iptables, I get the following answer: # iptables -L iptables v1.3.8: can't initialize iptables table `filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. I read on other forums that it could come from the /boot/config file. And it should be true, when I compare my file to old ones I see that lot of things aren't configured. Let's look at its Networking part: ============================================# # Networking # CONFIG_NET=y # # Networking options # CONFIG_PACKET=y # CONFIG_PACKET_MMAP is not set CONFIG_UNIX=y # CONFIG_NET_KEY is not set CONFIG_INET=y CONFIG_IP_MULTICAST=y # # added by seb on 08/13/07 # enables conntrack #CONFIG_NF_CONNTRACK_ENABLED=m # CONFIG_NF_CONNTRACK=m CONFIG_NF_CONNTRACK_IPV4=m # CONFIG_IP_ADVANCED_ROUTER is not set CONFIG_IP_FIB_HASH=y CONFIG_IP_PNP=y CONFIG_IP_PNP_DHCP=y # CONFIG_IP_PNP_BOOTP is not set # CONFIG_IP_PNP_RARP is not set # CONFIG_NET_IPIP is not set # CONFIG_NET_IPGRE is not set # CONFIG_IP_MROUTE is not set # CONFIG_ARPD is not set # CONFIG_SYN_COOKIES is not set # CONFIG_INET_AH is not set # CONFIG_INET_ESP is not set # CONFIG_INET_IPCOMP is not set # CONFIG_INET_XFRM_TUNNEL is not set CONFIG_INET_TUNNEL=y # CONFIG_INET_XFRM_MODE_TRANSPORT is not set # CONFIG_INET_XFRM_MODE_TUNNEL is not set # CONFIG_INET_XFRM_MODE_BEET is not set CONFIG_INET_DIAG=y CONFIG_INET_TCP_DIAG=y # CONFIG_TCP_CONG_ADVANCED is not set CONFIG_TCP_CONG_CUBIC=y CONFIG_DEFAULT_TCP_CONG="cubic" # CONFIG_TCP_MD5SIG is not set CONFIG_IPV6=y # CONFIG_IPV6_PRIVACY is not set # CONFIG_IPV6_ROUTER_PREF is not set # CONFIG_IPV6_OPTIMISTIC_DAD is not set # CONFIG_INET6_AH is not set # CONFIG_INET6_ESP is not set # CONFIG_INET6_IPCOMP is not set # CONFIG_IPV6_MIP6 is not set # CONFIG_INET6_XFRM_TUNNEL is not set # CONFIG_INET6_TUNNEL is not set # CONFIG_INET6_XFRM_MODE_TRANSPORT is not set # CONFIG_INET6_XFRM_MODE_TUNNEL is not set # CONFIG_INET6_XFRM_MODE_BEET is not set # CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION is not set CONFIG_IPV6_SIT=y # CONFIG_IPV6_TUNNEL is not set # CONFIG_IPV6_MULTIPLE_TABLES is not set # CONFIG_NETWORK_SECMARK is not set # # CONFIG_NETFILTER is not set # netfilter configuration by seb: # CONFIG_NETFILTER_NETLINK=m CONFIG_NF_CT_NETLINK=m CONFIG_NF_CONNTRACK_EVENTS=y # CONFIG_IP_DCCP is not set # CONFIG_IP_SCTP is not set # CONFIG_TIPC is not set # CONFIG_ATM is not set # CONFIG_BRIDGE is not set # CONFIG_VLAN_8021Q is not set # CONFIG_DECNET is not set # CONFIG_LLC2 is not set # CONFIG_IPX is not set # CONFIG_ATALK is not set # CONFIG_X25 is not set # CONFIG_LAPB is not set # CONFIG_ECONET is not set # CONFIG_WAN_ROUTER is not set # # QoS and/or fair queueing # # CONFIG_NET_SCHED is not set # # Network testing # # CONFIG_NET_PKTGEN is not set # CONFIG_NET_TCPPROBE is not set # CONFIG_HAMRADIO is not set # CONFIG_IRDA is not set # CONFIG_BT is not set # CONFIG_AF_RXRPC is not set ================================================= hope you can help me, thanks Sebastien. | |
 08-15-2007, 09:04 PM |
# |
|
Member
Registered: Jul 2006
Location: Joinville - SC, Brazil
Distribution: Gentoo, LinuxMint
Posts: 276
Blog Entries: 1 Rep:
 |
The problem I see is in "# CONFIG_NETFILTER is not set". Try to set this as module. If it still doesn't works, then try to set ALL the netfilter related stuff. |
| 08-16-2007, 05:00 AM |
# |
|
LQ Newbie
Registered: Aug 2007
Location: Stuttgart, Germany
Distribution: SUSE SLES 10
Posts: 8 Original Poster Rep:
 |
Hi, thanks for your help. I tried with CONFIG_NETFILTER=y but it did't gave better result I also copied my previous config file, with all Netfilter configuration inside and it didnt work as well. Here is all that have a link to Netfilter: # # Networking # CONFIG_NET=y # # Networking options # # CONFIG_NETDEBUG is not set CONFIG_PACKET=m CONFIG_PACKET_MMAP=y CONFIG_UNIX=y CONFIG_XFRM=y CONFIG_XFRM_USER=m CONFIG_NET_KEY=m CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y CONFIG_ASK_IP_FIB_HASH=y # CONFIG_IP_FIB_TRIE is not set CONFIG_IP_FIB_HASH=y CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_FWMARK=y CONFIG_IP_ROUTE_MULTIPATH=y # CONFIG_IP_ROUTE_MULTIPATH_CACHED is not set CONFIG_IP_ROUTE_VERBOSE=y CONFIG_IP_PNP=y CONFIG_IP_PNP_DHCP=y CONFIG_IP_PNP_BOOTP=y CONFIG_IP_PNP_RARP=y CONFIG_NET_IPIP=m CONFIG_NET_IPGRE=m CONFIG_NET_IPGRE_BROADCAST=y CONFIG_IP_MROUTE=y CONFIG_IP_PIMSM_V1=y CONFIG_IP_PIMSM_V2=y # CONFIG_ARPD is not set CONFIG_SYN_COOKIES=y CONFIG_INET_AH=m CONFIG_INET_ESP=m CONFIG_INET_IPCOMP=m CONFIG_INET_TUNNEL=m CONFIG_INET_DIAG=m CONFIG_INET_TCP_DIAG=m CONFIG_TCP_CONG_ADVANCED=y # # IPVS application helper # CONFIG_IP_VS_FTP=m CONFIG_IPV6=m CONFIG_IPV6_PRIVACY=y CONFIG_INET6_AH=m CONFIG_INET6_ESP=m CONFIG_INET6_IPCOMP=m CONFIG_INET6_TUNNEL=m CONFIG_IPV6_TUNNEL=m CONFIG_NETFILTER=y # CONFIG_NETFILTER_DEBUG is not set CONFIG_BRIDGE_NETFILTER=y # # Core Netfilter Configuration # CONFIG_NETFILTER_NETLINK=m CONFIG_NETFILTER_NETLINK_QUEUE=m CONFIG_NETFILTER_NETLINK_LOG=m CONFIG_NETFILTER_XTABLES=m CONFIG_NETFILTER_XT_TARGET_CLASSIFY=m CONFIG_NETFILTER_XT_TARGET_CONNMARK=m CONFIG_NETFILTER_XT_TARGET_MARK=m CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m CONFIG_NETFILTER_XT_TARGET_NOTRACK=m CONFIG_NETFILTER_XT_MATCH_COMMENT=m CONFIG_NETFILTER_XT_MATCH_CONNMARK=m CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m CONFIG_NETFILTER_XT_MATCH_DCCP=m CONFIG_NETFILTER_XT_MATCH_HELPER=m CONFIG_NETFILTER_XT_MATCH_LENGTH=m CONFIG_NETFILTER_XT_MATCH_LIMIT=m CONFIG_NETFILTER_XT_MATCH_MAC=m CONFIG_NETFILTER_XT_MATCH_MARK=m CONFIG_NETFILTER_XT_MATCH_PHYSDEV=m CONFIG_NETFILTER_XT_MATCH_PKTTYPE=m CONFIG_NETFILTER_XT_MATCH_REALM=m CONFIG_NETFILTER_XT_MATCH_SCTP=m CONFIG_NETFILTER_XT_MATCH_STATE=m CONFIG_NETFILTER_XT_MATCH_STRING=m CONFIG_NETFILTER_XT_MATCH_TCPMSS=m # # IP: Netfilter Configuration # CONFIG_IP_NF_CONNTRACK=m # CONFIG_IP_NF_CT_ACCT is not set CONFIG_IP_NF_CONNTRACK_MARK=y CONFIG_IP_NF_CONNTRACK_EVENTS=y CONFIG_IP_NF_CONNTRACK_NETLINK=m CONFIG_IP_NF_CT_PROTO_SCTP=m CONFIG_IP_NF_FTP=m CONFIG_IP_NF_IRC=m CONFIG_IP_NF_NETBIOS_NS=m CONFIG_IP_NF_TFTP=m CONFIG_IP_NF_AMANDA=m CONFIG_IP_NF_PPTP=m CONFIG_IP_NF_QUEUE=m CONFIG_IP_NF_IPTABLES=m CONFIG_IP_NF_MATCH_IPRANGE=m CONFIG_IP_NF_MATCH_MULTIPORT=m CONFIG_IP_NF_MATCH_TOS=m CONFIG_IP_NF_MATCH_RECENT=m CONFIG_IP_NF_MATCH_ECN=m CONFIG_IP_NF_MATCH_DSCP=m CONFIG_IP_NF_MATCH_AH_ESP=m CONFIG_IP_NF_MATCH_TTL=m CONFIG_IP_NF_MATCH_OWNER=m CONFIG_IP_NF_MATCH_ADDRTYPE=m CONFIG_IP_NF_MATCH_HASHLIMIT=m CONFIG_IP_NF_MATCH_POLICY=m CONFIG_IP_NF_MATCH_IPV4OPTIONS=m CONFIG_IP_NF_FILTER=m CONFIG_IP_NF_TARGET_REJECT=m CONFIG_IP_NF_TARGET_LOG=m CONFIG_IP_NF_TARGET_ULOG=m CONFIG_IP_NF_TARGET_TCPMSS=m CONFIG_IP_NF_NAT=m CONFIG_IP_NF_NAT_NEEDED=y CONFIG_IP_NF_TARGET_MASQUERADE=m CONFIG_IP_NF_TARGET_REDIRECT=m CONFIG_IP_NF_TARGET_NETMAP=m CONFIG_IP_NF_TARGET_SAME=m CONFIG_IP_NF_NAT_SNMP_BASIC=m CONFIG_IP_NF_NAT_IRC=m CONFIG_IP_NF_NAT_FTP=m CONFIG_IP_NF_NAT_TFTP=m CONFIG_IP_NF_NAT_AMANDA=m CONFIG_IP_NF_NAT_PPTP=m CONFIG_IP_NF_MANGLE=m CONFIG_IP_NF_TARGET_TOS=m CONFIG_IP_NF_TARGET_ECN=m CONFIG_IP_NF_TARGET_DSCP=m CONFIG_IP_NF_TARGET_TTL=m CONFIG_IP_NF_TARGET_CLUSTERIP=m CONFIG_IP_NF_RAW=m CONFIG_IP_NF_ARPTABLES=m CONFIG_IP_NF_ARPFILTER=m CONFIG_IP_NF_ARP_MANGLE=m # # IPv6: Netfilter Configuration (EXPERIMENTAL) # CONFIG_IP6_NF_QUEUE=m CONFIG_IP6_NF_IPTABLES=m CONFIG_IP6_NF_MATCH_RT=m CONFIG_IP6_NF_MATCH_OPTS=m CONFIG_IP6_NF_MATCH_FRAG=m CONFIG_IP6_NF_MATCH_HL=m CONFIG_IP6_NF_MATCH_MULTIPORT=m CONFIG_IP6_NF_MATCH_OWNER=m CONFIG_IP6_NF_MATCH_IPV6HEADER=m CONFIG_IP6_NF_MATCH_AHESP=m CONFIG_IP6_NF_MATCH_EUI64=m CONFIG_IP6_NF_MATCH_POLICY=m CONFIG_IP6_NF_FILTER=m CONFIG_IP6_NF_TARGET_LOG=m CONFIG_IP6_NF_TARGET_REJECT=m CONFIG_IP6_NF_MANGLE=m CONFIG_IP6_NF_TARGET_HL=m CONFIG_IP6_NF_RAW=m # # DECnet: Netfilter Configuration # # CONFIG_DECNET_NF_GRABULATOR is not set I will try to rebuild my kernel from the beginning but if you have any idea, it would be great... thanks in advance, sébastien |
| 08-16-2007, 10:06 AM |
# | |
|
Member
Registered: Jul 2006
Location: Joinville - SC, Brazil
Distribution: Gentoo, LinuxMint
Posts: 276
Blog Entries: 1 Rep:
|
Ok, before any further, be sure you have loaded the following modules:
ip_tables ip_conntrack iptable_filter ipt_state use the command: #lsmod | grep ip If these modules aren't loaded, then use the following commands: modprobe ip_tables modprobe ip_conntrack modprobe iptable_filter modprobe ipt_state All the modules are loaded? Yes? If the answer is "yes", then just let us know it and I will think about other possibilities. If you don't, then you're gonna need to recompile your kernel with these modules. How are you doing to recompile it? Do you use the following commands to recompile it? make dep && make clean && make bzImage && make && make install && make modules && make modules_install If you don't, then what do you use? This website might be helpful too: Quote:
Last edited by sparc86; 08-16-2007 at 10:22 AM. | |
| 08-22-2007, 10:33 AM |
# |
|
LQ Newbie
Registered: Aug 2007
Location: Stuttgart, Germany
Distribution: SUSE SLES 10
Posts: 8 Original Poster Rep:
|
Ok, thanks a lot now it's working. I didn't installed iptables well, so thanks to make KERNEL_DIR=/usr/src/linux make install KERNEL_DIR=/usr/src/linux after running it I recompiled my kernek with: make dep make bzIamge make make install make modules then I copied the created files, modified grub and I can finally run iptables, thank you very much... now I hope I can have conntrackd running, but it still takes time. Not so easy to be a newbee  |
| 08-22-2007, 12:49 PM |
# |
|
Member
Registered: Jul 2006
Location: Joinville - SC, Brazil
Distribution: Gentoo, LinuxMint
Posts: 276
Blog Entries: 1 Rep:
|
Actually, I have updated to kernel 2.6.22 a few days ago. Then I realized that there are two issues which everyone might find problems: 1. iptables/netfilter 2. SATA disks Both because the order of it's options have been changed into the menuconfig, therefore you have to pay attention for that. So, if anyone is using old config files to compile the new .22, have to pay attention for the iptables/netfilter and the SATA disk configurations. |
| 09-19-2007, 04:40 AM |
# |
|
Member
Registered: May 2005
Location: Netherlands
Distribution: Slackware 13 Kernel 2.6.32.7
Posts: 63 Rep:
|
Hi Sparc86, Could you please tell me where these options can be found? I'm having problems getting my iptables up and running after a kernel update. I figured out that i'm missing the modules but don't know were to enable them in menuconfig... I must be going blind! Thanks! Robbert |
| 09-20-2007, 12:24 AM |
# | |
|
Member
Registered: Jul 2006
Location: Joinville - SC, Brazil
Distribution: Gentoo, LinuxMint
Posts: 276
Blog Entries: 1 Rep:
|
Quote:
Networking ---> Networking options ---> Network packet filtering framework (Netfilter) ---> Core Netfilter Configuration ---> Now just set the modules you need for your netfilter box. That's it, I hope now it works to you. Anyway, please let us know what happened, if it worked or not. | |
| 09-20-2007, 07:58 AM |
# |
|
Member
Registered: May 2005
Location: Netherlands
Distribution: Slackware 13 Kernel 2.6.32.7
Posts: 63 Rep:
|
iptables
Hi there, Finally i found the options with your help! Thanks! There quite easy to miss though! Unfortunately I am still getting the same errors when attempting to start Arno firewall. Therefor I still don't have internet access on my client PC's. Any suggestions? I have updated (Slackware) kernel from 2.6.18 to 2.6.20.19. I also updated arno firewall from 1.8.7-rc1 to 1.8.8i These are the error messages I'm getting when starting the firewall. Code: Setting up firewall rules:
-------------------------------------------------------------------------------
Accepting packets from the local loopback device
Enabling setting the maximum packet size via MSS
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables v1.3.8: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
Enabling mangling TOS
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.8: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
Logging of stealth scans (nmap probes etc.) enabled
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
Logging of packets with bad TCP-flags enabled
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
Logging of INVALID TCP packets disabled
Logging of INVALID UDP packets disabled
Logging of INVALID ICMP packets disabled
Logging of fragmented packets enabled
iptables: No chain/target/match by that name
Logging of access from reserved addresses enabled
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
Setting up anti-spoof rules
iptables: No chain/target/match by that name
Reading custom rules from /etc/arno-iptables-firewall/custom-rules
Loading (user) plugins:
Loaded 0 plugin(s)...
iptables: No chain/target/match by that name
Setting up INPUT policy for the external net (INET):
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
Enabling support for DHCP-assigned-IP (DHCP client)
Logging of explicitly blocked hosts enabled
Logging of denied local output connections enabled
Packets will NOT be checked for private source addresses
Allowing the whole world to connect to TCP port(s): 443 444 5000 8000 8004 8006 44337 35000:35200
Denying the whole world to send ICMP-requests(ping)
Logging of dropped ICMP-request(ping) packets enabled
iptables: No chain/target/match by that name
Logging of dropped other ICMP packets enabled
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
Logging of possible stealth scans enabled
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
Logging of (other) connection attempts to PRIVILEGED TCP ports enabled
iptables: No chain/target/match by that name
Logging of (other) connection attempts to PRIVILEGED UDP ports enabled
iptables: No chain/target/match by that name
Logging of (other) connection attempts to UNPRIVILEGED TCP ports enabled
iptables: No chain/target/match by that name
Logging of (other) connection attempts to UNPRIVILEGED UDP ports enabled
iptables: No chain/target/match by that name
Logging of other IP protocols (non TCP/UDP/ICMP) connection attempts enabled
iptables: No chain/target/match by that name
Logging of ICMP flooding enabled
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
Setting up OUTPUT policy for the external net (INET):
Allowing all (other) ports/protocols
Applying INET policy to external interface: eth0 (EXTERNAL_NET=192.168.0.0/24)
Setting up INPUT policy for internal (LAN) interface(s): eth1
Allowing ICMP-requests(ping)
iptables: No chain/target/match by that name
Allowing all (other) ports/protocols
iptables: No chain/target/match by that name
Setting up FORWARD policy for internal (LAN) interface(s): eth1
Logging of denied LAN->INET FORWARD connections enabled
Setting up LAN->INET policy:
Allowing ICMP-requests(ping)
iptables: No chain/target/match by that name
Allowing all (other) ports/protocols
Enabling masquerading(NAT) via external interface(s): eth0
Adding (internal) host(s): 192.168.0.0/24
iptables v1.3.8: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
Security is ENFORCED for external interface(s) in the FORWARD chain
iptables: No chain/target/match by that nameThanks in advance! Robbert |
| 09-20-2007, 03:34 PM |
# | |
|
Member
Registered: Jul 2006
Location: Joinville - SC, Brazil
Distribution: Gentoo, LinuxMint
Posts: 276
Blog Entries: 1 Rep:
|
Quote:
Be sure you have loaded all the necessary modules. Eg: modprobe ip_tables modprobe ip_conntrack modprobe iptable_filter modprobe ipt_state If you did it, then try to load this firewall script again, it should works. If it still doesn't works, then you didn't add the correct modules into the menuconfig. | |
| 09-21-2007, 04:04 PM |
# |
|
Member
Registered: May 2005
Location: Netherlands
Distribution: Slackware 13 Kernel 2.6.32.7
Posts: 63 Rep:
|
Hi Sparc86, Thanks again! That was indeed the problem. Although other threads already pointed into that direction (including this one), somehow my .config file lost my changes a few times. Still trying to figure out why and what happened. I included all the necessary stuff in the kernel (not as module). But after your previous reply when I checked it again, I found that my last changes were gone. Anyways it's working now and I'm happy! That's all that counts! :-) Up to my next challenge, RAID-5! Thanks again! Robbert |
| 09-22-2007, 07:34 AM |
# | |
|
Member
Registered: Jul 2006
Location: Joinville - SC, Brazil
Distribution: Gentoo, LinuxMint
Posts: 276
Blog Entries: 1 Rep:
|
Quote:
You're welcome! |
