Trädvy Permalänk
Medlem
Registrerad
Jun 2007

Problem med iptables

Försöker få iptables att fungera, men men... har nästintill suttit med det hela dagen nu

Följde guiden på gentoo wiki (http://gentoo-wiki.com/HOWTO_Iptables_for_newbies)

men den vill inte hitta modulerna till iptables (vid modprobe ip_tables) och om man försöker göra något med iptables så får man upp

iptables v1.3.8: can't initialize iptables table `filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded.

Här är hur jag confat i kerneln:

Linux kernel version: 2.6.23-gentoo-r6

# Networking # CONFIG_NET=y # # Networking options # CONFIG_PACKET=y # CONFIG_PACKET_MMAP is not set CONFIG_UNIX=y CONFIG_XFRM=y # CONFIG_XFRM_USER is not set # CONFIG_XFRM_SUB_POLICY is not set # CONFIG_XFRM_MIGRATE is not set # CONFIG_NET_KEY is not set CONFIG_INET=y CONFIG_IP_MULTICAST=y # CONFIG_IP_ADVANCED_ROUTER is not set CONFIG_IP_FIB_HASH=y CONFIG_IP_PNP=y CONFIG_IP_PNP_DHCP=y # CONFIG_IP_PNP_BOOTP is not set # CONFIG_IP_PNP_RARP is not set # CONFIG_NET_IPIP is not set # CONFIG_NET_IPGRE is not set # CONFIG_IP_MROUTE is not set # CONFIG_ARPD is not set # CONFIG_SYN_COOKIES is not set # CONFIG_INET_AH is not set # CONFIG_INET_ESP is not set # CONFIG_INET_IPCOMP is not set # CONFIG_INET_XFRM_TUNNEL is not set CONFIG_INET_TUNNEL=y CONFIG_INET_XFRM_MODE_TRANSPORT=y CONFIG_INET_XFRM_MODE_TUNNEL=y # CONFIG_INET_XFRM_MODE_BEET is not set CONFIG_INET_DIAG=y CONFIG_INET_TCP_DIAG=y # CONFIG_TCP_CONG_ADVANCED is not set CONFIG_TCP_CONG_CUBIC=y CONFIG_DEFAULT_TCP_CONG="cubic" # CONFIG_TCP_MD5SIG is not set CONFIG_IP_VS=y # CONFIG_IP_VS_DEBUG is not set CONFIG_IP_VS_TAB_BITS=12 # # Core Netfilter Configuration # # CONFIG_NETFILTER_NETLINK is not set CONFIG_NF_CONNTRACK_ENABLED=m CONFIG_NF_CONNTRACK=m CONFIG_NF_CT_ACCT=y CONFIG_NF_CONNTRACK_MARK=y CONFIG_NF_CONNTRACK_EVENTS=y # CONFIG_NF_CT_PROTO_SCTP is not set # CONFIG_NF_CT_PROTO_UDPLITE is not set # CONFIG_NF_CONNTRACK_AMANDA is not set CONFIG_NF_CONNTRACK_FTP=m # CONFIG_NF_CONNTRACK_H323 is not set CONFIG_NF_CONNTRACK_IRC=m # CONFIG_NF_CONNTRACK_NETBIOS_NS is not set # CONFIG_NF_CONNTRACK_PPTP is not set # CONFIG_NF_CONNTRACK_SANE is not set # CONFIG_NF_CONNTRACK_SIP is not set # CONFIG_NF_CONNTRACK_TFTP is not set CONFIG_NETFILTER_XTABLES=m CONFIG_NETFILTER_XT_TARGET_CLASSIFY=m CONFIG_NETFILTER_XT_TARGET_CONNMARK=m # CONFIG_NETFILTER_XT_TARGET_DSCP is not set CONFIG_NETFILTER_XT_TARGET_MARK=m CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m # CONFIG_NETFILTER_XT_TARGET_NFLOG is not set CONFIG_NETFILTER_XT_TARGET_NOTRACK=m # CONFIG_NETFILTER_XT_TARGET_TRACE is not set CONFIG_NETFILTER_XT_TARGET_TCPMSS=m CONFIG_NETFILTER_XT_MATCH_COMMENT=m CONFIG_NETFILTER_XT_MATCH_CONNBYTES=m CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=m CONFIG_NETFILTER_XT_MATCH_CONNMARK=m CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m CONFIG_NETFILTER_XT_MATCH_DCCP=m # CONFIG_NETFILTER_XT_MATCH_DSCP is not set # CONFIG_NETFILTER_XT_MATCH_ESP is not set CONFIG_NETFILTER_XT_MATCH_HELPER=m CONFIG_NETFILTER_XT_MATCH_LENGTH=m CONFIG_NETFILTER_XT_MATCH_LIMIT=m CONFIG_NETFILTER_XT_MATCH_MAC=m CONFIG_NETFILTER_XT_MATCH_MARK=m # CONFIG_NETFILTER_XT_MATCH_POLICY is not set # CONFIG_NETFILTER_XT_MATCH_MULTIPORT is not set CONFIG_NETFILTER_XT_MATCH_PKTTYPE=m # CONFIG_NETFILTER_XT_MATCH_QUOTA is not set CONFIG_NETFILTER_XT_MATCH_REALM=m CONFIG_NETFILTER_XT_MATCH_SCTP=m CONFIG_NETFILTER_XT_MATCH_STATE=m # CONFIG_NETFILTER_XT_MATCH_STATISTIC is not set CONFIG_NETFILTER_XT_MATCH_STRING=m CONFIG_NETFILTER_XT_MATCH_TCPMSS=m # CONFIG_NETFILTER_XT_MATCH_U32 is not set # CONFIG_NETFILTER_XT_MATCH_HASHLIMIT is not set # # IP: Netfilter Configuration # CONFIG_NF_CONNTRACK_IPV4=m CONFIG_NF_CONNTRACK_PROC_COMPAT=y # CONFIG_IP_NF_QUEUE is not set CONFIG_IP_NF_IPTABLES=m CONFIG_IP_NF_MATCH_IPRANGE=m CONFIG_IP_NF_MATCH_TOS=m CONFIG_IP_NF_MATCH_RECENT=m CONFIG_IP_NF_MATCH_ECN=m CONFIG_IP_NF_MATCH_AH=m CONFIG_IP_NF_MATCH_TTL=m CONFIG_IP_NF_MATCH_OWNER=m CONFIG_IP_NF_MATCH_ADDRTYPE=m CONFIG_IP_NF_FILTER=m CONFIG_IP_NF_TARGET_REJECT=m CONFIG_IP_NF_TARGET_LOG=m CONFIG_IP_NF_TARGET_ULOG=m CONFIG_NF_NAT=m CONFIG_NF_NAT_NEEDED=y CONFIG_IP_NF_TARGET_MASQUERADE=m CONFIG_IP_NF_TARGET_REDIRECT=m CONFIG_IP_NF_TARGET_NETMAP=m CONFIG_IP_NF_TARGET_SAME=m CONFIG_NF_NAT_SNMP_BASIC=m CONFIG_NF_NAT_FTP=m CONFIG_NF_NAT_IRC=m # CONFIG_NF_NAT_TFTP is not set # CONFIG_NF_NAT_AMANDA is not set # CONFIG_NF_NAT_PPTP is not set # CONFIG_NF_NAT_H323 is not set # CONFIG_NF_NAT_SIP is not set CONFIG_IP_NF_MANGLE=m CONFIG_IP_NF_TARGET_TOS=m CONFIG_IP_NF_TARGET_ECN=m CONFIG_IP_NF_TARGET_TTL=m CONFIG_IP_NF_TARGET_CLUSTERIP=m CONFIG_IP_NF_RAW=m CONFIG_IP_NF_ARPTABLES=m CONFIG_IP_NF_ARPFILTER=m CONFIG_IP_NF_ARP_MANGLE=m

Kan någon se vad det är jag har gjort fel?

Trädvy Permalänk
Medlem
Plats
Göteborg
Registrerad
Nov 2005
Citat:

men den vill inte hitta modulerna till iptables (vid modprobe ip_tables) och om man försöker göra något med iptables så får man upp

Jag har inte kört Gentoo men det kan ju vara så enkelt att du redan har iptables i kärnan; enklast är att helt enkelt skriva iptables -L och se vad du får för resultat. Posta gärna resultatet så dyker det säkert upp ett liten "Aha!"..

WS: ASUS P7P55D/i5-750, Hydro H50, XFX6950/2GB, Intel X25-V/2Tb lagring, Corsair VX-550
Server: ASUS, AMD Athlon64 X2 6000+ Scyte Ninja, NVidia GS8400Silent, 2Gb ram, ~4Tb SATA, 500W, CM Stileo500 (tyst)
"-Sometimes all that is needed is a high five. In the face. With a chair!"

Trädvy Permalänk
Medlem
Registrerad
Jun 2007

nej... har redan testat.

Citat:

iptables v1.3.8: can't initialize iptables table `filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded.

Trädvy Permalänk
Medlem
Registrerad
Nov 2004

Kör du som root?

testa: sudo iptables -L

Trädvy Permalänk
Medlem
Registrerad
Jun 2007

ja >.<

Den verkar installera modulen iaf, men det vill sig inte:

raynor linux # make modules_install; modprobe ip_tables INSTALL arch/i386/video/fbdev.ko INSTALL drivers/ata/pata_sis.ko INSTALL drivers/ata/sata_sis.ko INSTALL drivers/char/agp/sis-agp.ko INSTALL drivers/input/mouse/psmouse.ko INSTALL drivers/scsi/scsi_wait_scan.ko INSTALL drivers/video/cfbcopyarea.ko INSTALL drivers/video/cfbfillrect.ko INSTALL drivers/video/cfbimgblt.ko INSTALL drivers/video/fb.ko INSTALL drivers/video/output.ko INSTALL drivers/video/sis/sisfb.ko INSTALL drivers/video/vga16fb.ko INSTALL drivers/video/vgastate.ko INSTALL lib/ts_bm.ko INSTALL lib/ts_fsm.ko INSTALL lib/ts_kmp.ko INSTALL net/ipv4/netfilter/arp_tables.ko INSTALL net/ipv4/netfilter/arpt_mangle.ko INSTALL net/ipv4/netfilter/arptable_filter.ko INSTALL net/ipv4/netfilter/ip_tables.ko INSTALL net/ipv4/netfilter/ipt_CLUSTERIP.ko INSTALL net/ipv4/netfilter/ipt_ECN.ko INSTALL net/ipv4/netfilter/ipt_LOG.ko INSTALL net/ipv4/netfilter/ipt_MASQUERADE.ko INSTALL net/ipv4/netfilter/ipt_NETMAP.ko INSTALL net/ipv4/netfilter/ipt_REDIRECT.ko INSTALL net/ipv4/netfilter/ipt_REJECT.ko INSTALL net/ipv4/netfilter/ipt_SAME.ko INSTALL net/ipv4/netfilter/ipt_TOS.ko INSTALL net/ipv4/netfilter/ipt_TTL.ko INSTALL net/ipv4/netfilter/ipt_ULOG.ko INSTALL net/ipv4/netfilter/ipt_addrtype.ko INSTALL net/ipv4/netfilter/ipt_ah.ko INSTALL net/ipv4/netfilter/ipt_ecn.ko INSTALL net/ipv4/netfilter/ipt_iprange.ko INSTALL net/ipv4/netfilter/ipt_owner.ko INSTALL net/ipv4/netfilter/ipt_recent.ko INSTALL net/ipv4/netfilter/ipt_tos.ko INSTALL net/ipv4/netfilter/ipt_ttl.ko INSTALL net/ipv4/netfilter/iptable_filter.ko INSTALL net/ipv4/netfilter/iptable_mangle.ko INSTALL net/ipv4/netfilter/iptable_nat.ko INSTALL net/ipv4/netfilter/iptable_raw.ko INSTALL net/ipv4/netfilter/nf_conntrack_ipv4.ko INSTALL net/ipv4/netfilter/nf_nat.ko INSTALL net/ipv4/netfilter/nf_nat_ftp.ko INSTALL net/ipv4/netfilter/nf_nat_irc.ko INSTALL net/ipv4/netfilter/nf_nat_snmp_basic.ko INSTALL net/netfilter/nf_conntrack.ko INSTALL net/netfilter/nf_conntrack_ftp.ko INSTALL net/netfilter/nf_conntrack_irc.ko INSTALL net/netfilter/x_tables.ko INSTALL net/netfilter/xt_CLASSIFY.ko INSTALL net/netfilter/xt_CONNMARK.ko INSTALL net/netfilter/xt_MARK.ko INSTALL net/netfilter/xt_NFQUEUE.ko INSTALL net/netfilter/xt_NOTRACK.ko INSTALL net/netfilter/xt_TCPMSS.ko INSTALL net/netfilter/xt_comment.ko INSTALL net/netfilter/xt_connbytes.ko INSTALL net/netfilter/xt_connlimit.ko INSTALL net/netfilter/xt_connmark.ko INSTALL net/netfilter/xt_conntrack.ko INSTALL net/netfilter/xt_dccp.ko INSTALL net/netfilter/xt_helper.ko INSTALL net/netfilter/xt_length.ko INSTALL net/netfilter/xt_limit.ko INSTALL net/netfilter/xt_mac.ko INSTALL net/netfilter/xt_mark.ko INSTALL net/netfilter/xt_pkttype.ko INSTALL net/netfilter/xt_realm.ko INSTALL net/netfilter/xt_sctp.ko INSTALL net/netfilter/xt_state.ko INSTALL net/netfilter/xt_string.ko INSTALL net/netfilter/xt_tcpmss.ko INSTALL net/netfilter/xt_tcpudp.ko if [ -r System.map -a -x /sbin/depmod ]; then /sbin/depmod -ae -F System.map 2.6.23-gentoo-r6; fi FATAL: Module ip_tables not found. raynor linux #

kollade igenom moduler lite. Jag vet att det fungerar att ladda andra moduler och ip_tables finns med i modules.dep.
Vet inte om det gör någon nytta, men fattar inte vaför det blir fel.

Löste det!
När man går efter guiden på gentoo-wiki så upptaderar man kerneln. Detta fungerade bra fast jag hade missat att datorn fortfarande boota från den gamla kerneln. Fixade så den boota den nya kerneln och nu funkar det.