LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 03-16-2005, 01:19 PM   #1
andy18
Member
 
Registered: Oct 2002
Location: Malaysia
Posts: 106

Rep: Reputation: 15
Kernel 2.6.x with APF firewall


I have just compiled the kernel on one my server which the kernel version is in 2.4.26 to 2.6.11.3 .

I compile the kernel using the old config I get from 2.4.26 and is booted successfully. However I am getting the error :

iptables v1.2.8: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

with Iptables does not loaded, the apf firewall is not loaded as well.

I recompile the kernel with the following options :

#
# Networking options
#
CONFIG_PACKET=y
CONFIG_PACKET_MMAP=y
# CONFIG_NETLINK_DEV is not set
CONFIG_NETFILTER=y
# CONFIG_NETFILTER_DEBUG is not set
CONFIG_FILTER=y
CONFIG_UNIX=y
CONFIG_INET=y
# CONFIG_IP_MULTICAST is not set
# CONFIG_IP_ADVANCED_ROUTER is not set
# CONFIG_IP_PNP is not set
# CONFIG_NET_IPIP is not set
# CONFIG_NET_IPGRE is not set
# CONFIG_ARPD is not set
# CONFIG_INET_ECN is not set
# CONFIG_SYN_COOKIES is not set

#
# IP: Netfilter Configuration
#
CONFIG_IP_NF_CONNTRACK=m
CONFIG_IP_NF_FTP=m
CONFIG_IP_NF_AMANDA=m
CONFIG_IP_NF_TFTP=m
# CONFIG_IP_NF_TALK is not set
# CONFIG_IP_NF_RSH is not set
# CONFIG_IP_NF_H323 is not set
# CONFIG_IP_NF_EGG is not set
CONFIG_IP_NF_CONNTRACK_MARK=y
CONFIG_IP_NF_IRC=m
# CONFIG_IP_NF_QUAKE3 is not set
# CONFIG_IP_NF_CT_PROTO_GRE is not set
# CONFIG_IP_NF_PPTP is not set
# CONFIG_IP_NF_MMS is not set
# CONFIG_IP_NF_CUSEEME is not set
# CONFIG_IP_NF_QUEUE is not set
CONFIG_IP_NF_IPTABLES=m
# CONFIG_IP_NF_MATCH_RPC is not set
CONFIG_IP_NF_MATCH_LIMIT=m
# CONFIG_IP_NF_MATCH_QUOTA is not set
# CONFIG_IP_NF_POOL is not set
# CONFIG_IP_NF_MATCH_IPRANGE is not set
CONFIG_IP_NF_MATCH_MAC=m
CONFIG_IP_NF_MATCH_PKTTYPE=m
CONFIG_IP_NF_MATCH_MARK=m
CONFIG_IP_NF_MATCH_MULTIPORT=m
# CONFIG_IP_NF_MATCH_MPORT is not set
CONFIG_IP_NF_MATCH_TOS=m
# CONFIG_IP_NF_MATCH_RECENT is not set
# CONFIG_IP_NF_MATCH_TIME is not set
# CONFIG_IP_NF_MATCH_RANDOM is not set
# CONFIG_IP_NF_MATCH_PSD is not set
# CONFIG_IP_NF_MATCH_NTH is not set
# CONFIG_IP_NF_MATCH_IPV4OPTIONS is not set
# CONFIG_IP_NF_MATCH_FUZZY is not set
# CONFIG_IP_NF_MATCH_CONDITION is not set
CONFIG_IP_NF_MATCH_ECN=m
CONFIG_IP_NF_MATCH_DSCP=m
CONFIG_IP_NF_MATCH_AH_ESP=m
CONFIG_IP_NF_MATCH_LENGTH=m
CONFIG_IP_NF_MATCH_TTL=m
CONFIG_IP_NF_MATCH_TCPMSS=m
# CONFIG_IP_NF_MATCH_STEALTH is not set
# CONFIG_IP_NF_MATCH_REALM is not set
CONFIG_IP_NF_MATCH_HELPER=m
CONFIG_IP_NF_MATCH_STATE=m
CONFIG_IP_NF_MATCH_CONNMARK=m
# CONFIG_IP_NF_MATCH_CONNLIMIT is not set
CONFIG_IP_NF_MATCH_CONNTRACK=m
CONFIG_IP_NF_MATCH_UNCLEAN=m
# CONFIG_IP_NF_MATCH_STRING is not set
CONFIG_IP_NF_MATCH_OWNER=m
CONFIG_IP_NF_FILTER=m
CONFIG_IP_NF_TARGET_REJECT=m
# CONFIG_IP_NF_TARGET_NETLINK is not set
# CONFIG_IP_NF_TARGET_IPV4OPTSSTRIP is not set
CONFIG_IP_NF_TARGET_MIRROR=m
# CONFIG_IP_NF_TARGET_TARPIT is not set
# CONFIG_IP_NF_NAT is not set
CONFIG_IP_NF_MANGLE=m
CONFIG_IP_NF_TARGET_TOS=m
CONFIG_IP_NF_TARGET_ECN=m
CONFIG_IP_NF_TARGET_DSCP=m
CONFIG_IP_NF_TARGET_MARK=m
# CONFIG_IP_NF_TARGET_IMQ is not set
# CONFIG_IP_NF_TARGET_CLASSIFY is not set
CONFIG_IP_NF_TARGET_LOG=m
# CONFIG_IP_NF_TARGET_ROUTE is not set
# CONFIG_IP_NF_TARGET_CONNMARK is not set
# CONFIG_IP_NF_TARGET_TTL is not set
CONFIG_IP_NF_TARGET_ULOG=m
CONFIG_IP_NF_TARGET_TCPMSS=m
# CONFIG_IP_NF_ARPTABLES is not set
# CONFIG_IP_NF_COMPAT_IPCHAINS is not set
# CONFIG_IP_NF_COMPAT_IPFWADM is not set

Server booted fine and iptables loaded. However, when I attempt to restart the apf firewall ( to test ), I get the following messages :

FATAL: Module ipt_state already in kernel.
FATAL: Module ipt_multiport already in kernel.
FATAL: Module iptable_filter already in kernel.
FATAL: Module ipt_limit already in kernel.
FATAL: Module ipt_LOG already in kernel.
FATAL: Module ipt_REJECT already in kernel.
FATAL: Module ip_conntrack already in kernel.
FATAL: Module ip_conntrack_irc already in kernel.
FATAL: Module ip_conntrack_ftp already in kernel.
FATAL: Module iptable_mangle already in kernel.
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name

Can anyone light me up on this issue ?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
NIS behind apf firewall how to ravikumarG Linux - Networking 1 05-09-2005 04:21 PM
APF Firewall Rule Help embsupafly Linux - Security 1 03-08-2005 11:00 PM
APF firewall binumvk Linux - Security 2 10-14-2004 05:12 AM
APF Firewall issue nepcw Linux - Security 2 04-27-2004 02:55 PM
APF Firewall BlackRain Linux - Security 2 06-12-2003 08:40 AM


All times are GMT -5. The time now is 07:21 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration