Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Howdy all. I had setup a fairly simple, three subnet network I need for testing, on a Linux Redhat 7.3, 2.4.20-28 router. I needed to upgrade the router to FC2, and 2.6.8 kernel. Since then, my iptables script no longer works. I currently have iptables v 1.2.9 installed. I can bring up the service fine, but when I try to fire off the script I am getting a some modules it attempts to load cannot be found.
clip from rc.firewall script:
--------------------------------
echo -en "iptable_nat, "
#
#Verify the module isn't loaded. If it is, skip it
#
if [ -z "` $LSMOD | $GREP iptable_nat | $AWK {'print $1'} `" ]; then
$INSMOD iptable_nat
fi
corresponding error:
--------------------------
- Verifying that all kernel modules are ok
Loading kernel modules: ip_tables, ip_conntrack, ip_conntrack_ftp,
insmod: can't read 'ip_conntrack_ftp': No such file or directory
ip_conntrack_irc, insmod: can't read 'ip_conntrack_irc': No such file or directory
iptable_nat, insmod: can't read 'iptable_nat': No such file or directory
ip_nat_ftp
insmod: can't read 'ip_nat_ftp': No such file or directory
1st. to check is that the iptables rpm is for FC2..
Make sure there is only that iptables rpm installed.. do which -a iptables and rpm -ql iptables to verify the correct iptables prog is being used..
2nd. the modutils program needs to know about kernel v 2.6.8 Make sure it is the latest version available..
It won't be able to load some modules if it's incorrect..
3rd. check in /lib/modules/2.6.8~/kernel/net/ipv4/netfilter/ and see if the modules are there..
I was able to answer questions 1 and 3 that you posed, but I get "command not found" for modutils. I searched the entire drive for modutils "find / -name modutils" and came up with nothing. Not sure if I am missing something there, but I suspect this is where the problem lies.
Each of the modules that are reporting errors are in /lib/modules/2.6.8-1.521/kernel/net/ipv4/netfilter/, so that shouldn't be it.
As far as what version of iptables is being used. As far as I can tell, it executes from /sbin/iptables, and I do see that in the list that comes up from your commands.
Ok.. it looks like the correct version is there..
If it was all installed as part of FC2 it should be..
So it looks like the question is how come the modules can't be found..
Do depmod -a and look for module dependency errors..
Also make sure the latest modutils rpm is installed.. rpm -q modutils
should be modutils-2.4.26-16..
Then practise loading the modules manually with modprobe ip_conntrack_ftp etc..
How did you perform the upgrade?
Doing an upgrade, it is always possible old progs are still on the drive and something is calling them either from /etc/rc.d/rc3.d or from /etc/rc.d/rc.local
Have a close look at these init scripts to make sure what they are calling is the FC2 version..
In particular the rc.firewall script.. Make sure the file definitions in the beginning of the script are valid..
Last edited by peter_robb; 11-17-2004 at 02:32 PM.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.