LinuxQuestions.org


jhaiduce 12-15-2003 12:24 PM

iptables acts like there's no kernel support
 
I've recompiled my kernel and made sure to include Netfilter support but iptables still gives:

modprobe: Can't locate module ip_tables
iptables v1.2.8: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

I installed Netfilter as built into the kernel, not as a module, so why is iptables looking for a module anyway?

Any help would be appreciated.

shanenin 12-16-2003 02:29 PM

Are you sure you have everything enabled? Here is what I have in my .config:

Code:

# Networking options

CONFIG_PACKET=y
CONFIG_PACKET_MMAP=y
CONFIG_NETFILTER=y
CONFIG_UNIX=y
CONFIG_INET=y

#  IP: Netfilter Configuration

CONFIG_IP_NF_CONNTRACK=m
CONFIG_IP_NF_FTP=m
CONFIG_IP_NF_IRC=m
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_MATCH_LIMIT=m
CONFIG_IP_NF_MATCH_MARK=m
CONFIG_IP_NF_MATCH_STATE=m
CONFIG_IP_NF_FILTER=m
CONFIG_IP_NF_TARGET_REJECT=m
CONFIG_IP_NF_NAT=m
CONFIG_IP_NF_NAT_NEEDED=y
CONFIG_IP_NF_TARGET_MASQUERADE=m
CONFIG_IP_NF_NAT_IRC=m
CONFIG_IP_NF_NAT_FTP=m
CONFIG_IP_NF_MANGLE=m
CONFIG_IP_NF_TARGET_MARK=m
CONFIG_IP_NF_TARGET_LOG=m


jhaiduce 12-16-2003 07:39 PM

You're right, I recompiled the kernel yet again and it worked. Thanks very much.

Chip D 12-30-2003 11:49 AM

I've just started using Gentoo and have been having the same trouble as what was described in the first post, so I recompiled the kernel (2.4.23) making sure that the features mentioned were included.

The trouble is that while one error has gone another has turned up.

Because I'm still getting used to not having full GUI (was spoilt with Red Hat prior) I've been using Webmin to put a more familiar face on the settings. When I try and access the IPTables modules through that it gives the following error,

An error occured when checking your current IPtables configuration :

/lib/modules/2.4.23/kernel/net/ipv4/netfilter/ip_tables.o: unresolved symbol _mmx_memcpy
/lib/modules/2.4.23/kernel/net/ipv4/netfilter/ip_tables.o: unresolved symbol nf_unregister_sockopt
/lib/modules/2.4.23/kernel/net/ipv4/netfilter/ip_tables.o: unresolved symbol nf_register_sockopt
/lib/modules/2.4.23/kernel/net/ipv4/netfilter/ip_tables.o: insmod /lib/modules/2.4.23/kernel/net/ipv4/netfilter/ip_tables.o failed
/lib/modules/2.4.23/kernel/net/ipv4/netfilter/ip_tables.o: insmod ip_tables failed
iptables v1.2.8: can't initialize iptables table `filter': iptables who? (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

This may indicate that your kernel does not support IPtables.


Everything else appears to be running fine, just having trouble getting this to work. If anyone can shed any light on this it would be greatly appreciated.

Thanks,

jhaiduce 12-30-2003 12:28 PM

You'll probably have to do what I did: recompile the kernel. Gentoo makes that relatively easy, just type 'genkernel --config' as root. You'll get a menu of things to include or not include in your kernel, just select 'y', 'n', or 'm' (module) for each. I've listed my network settings below (from my /usr/src/linux-2.4.20-gentoo-r8/.config file). The most important thing is to make sure that iptables is turned on and ipchains is turned off (you can't have both). You can compile iptables as a module if you prefer, which is how I did it. Genkernel will automatically install your new kernel. If you're nervous about rendering your system un-bootable you can put a backup copy of your old kernel in /boot as a precaution.

#
# Networking options
#
CONFIG_PACKET=y
CONFIG_PACKET_MMAP=y
# CONFIG_NETLINK_DEV is not set
CONFIG_NETFILTER=y
# CONFIG_NETFILTER_DEBUG is not set
CONFIG_FILTER=y
CONFIG_UNIX=y
CONFIG_INET=y
# CONFIG_IP_MULTICAST is not set
# CONFIG_IP_ADVANCED_ROUTER is not set
# CONFIG_IP_PNP is not set
# CONFIG_NET_IPIP is not set
# CONFIG_NET_IPGRE is not set
# CONFIG_ARPD is not set
# CONFIG_INET_ECN is not set
# CONFIG_SYN_COOKIES is not set

#
# IP: Netfilter Configuration
#
CONFIG_IP_NF_CONNTRACK=m
CONFIG_IP_NF_FTP=m
CONFIG_IP_NF_AMANDA=m
CONFIG_IP_NF_TFTP=m
# CONFIG_IP_NF_TALK is not set
# CONFIG_IP_NF_RSH is not set
# CONFIG_IP_NF_H323 is not set
# CONFIG_IP_NF_EGG is not set
CONFIG_IP_NF_CONNTRACK_MARK=y
CONFIG_IP_NF_IRC=m
# CONFIG_IP_NF_QUAKE3 is not set
# CONFIG_IP_NF_CT_PROTO_GRE is not set
# CONFIG_IP_NF_PPTP is not set
# CONFIG_IP_NF_MMS is not set
# CONFIG_IP_NF_CUSEEME is not set
# CONFIG_IP_NF_QUEUE is not set
CONFIG_IP_NF_IPTABLES=m
# CONFIG_IP_NF_MATCH_RPC is not set
CONFIG_IP_NF_MATCH_LIMIT=m
# CONFIG_IP_NF_MATCH_QUOTA is not set
# CONFIG_IP_NF_POOL is not set
# CONFIG_IP_NF_MATCH_IPRANGE is not set
CONFIG_IP_NF_MATCH_MAC=m
CONFIG_IP_NF_MATCH_PKTTYPE=m
CONFIG_IP_NF_MATCH_MARK=m
CONFIG_IP_NF_MATCH_MULTIPORT=m
# CONFIG_IP_NF_MATCH_MPORT is not set
CONFIG_IP_NF_MATCH_TOS=m
# CONFIG_IP_NF_MATCH_RECENT is not set
# CONFIG_IP_NF_MATCH_TIME is not set
# CONFIG_IP_NF_MATCH_RANDOM is not set
# CONFIG_IP_NF_MATCH_PSD is not set
# CONFIG_IP_NF_MATCH_NTH is not set
# CONFIG_IP_NF_MATCH_IPV4OPTIONS is not set
# CONFIG_IP_NF_MATCH_FUZZY is not set
# CONFIG_IP_NF_MATCH_CONDITION is not set
CONFIG_IP_NF_MATCH_ECN=m
CONFIG_IP_NF_MATCH_DSCP=m
CONFIG_IP_NF_MATCH_AH_ESP=m
CONFIG_IP_NF_MATCH_LENGTH=m
CONFIG_IP_NF_MATCH_TTL=m
CONFIG_IP_NF_MATCH_TCPMSS=m
# CONFIG_IP_NF_MATCH_STEALTH is not set
# CONFIG_IP_NF_MATCH_REALM is not set
CONFIG_IP_NF_MATCH_HELPER=m
CONFIG_IP_NF_MATCH_STATE=m
CONFIG_IP_NF_MATCH_CONNMARK=m
# CONFIG_IP_NF_MATCH_CONNLIMIT is not set
CONFIG_IP_NF_MATCH_CONNTRACK=m
CONFIG_IP_NF_MATCH_UNCLEAN=m
# CONFIG_IP_NF_MATCH_STRING is not set
CONFIG_IP_NF_MATCH_OWNER=m
CONFIG_IP_NF_FILTER=m
CONFIG_IP_NF_TARGET_REJECT=m
# CONFIG_IP_NF_TARGET_NETLINK is not set
# CONFIG_IP_NF_TARGET_IPV4OPTSSTRIP is not set
CONFIG_IP_NF_TARGET_MIRROR=m
# CONFIG_IP_NF_TARGET_TARPIT is not set
# CONFIG_IP_NF_NAT is not set
CONFIG_IP_NF_MANGLE=m
CONFIG_IP_NF_TARGET_TOS=m
CONFIG_IP_NF_TARGET_ECN=m
CONFIG_IP_NF_TARGET_DSCP=m
CONFIG_IP_NF_TARGET_MARK=m
# CONFIG_IP_NF_TARGET_IMQ is not set
# CONFIG_IP_NF_TARGET_CLASSIFY is not set
CONFIG_IP_NF_TARGET_LOG=m
# CONFIG_IP_NF_TARGET_ROUTE is not set
# CONFIG_IP_NF_TARGET_CONNMARK is not set
# CONFIG_IP_NF_TARGET_TTL is not set
CONFIG_IP_NF_TARGET_ULOG=m
CONFIG_IP_NF_TARGET_TCPMSS=m
# CONFIG_IP_NF_ARPTABLES is not set
# CONFIG_IP_NF_COMPAT_IPCHAINS is not set
# CONFIG_IP_NF_COMPAT_IPFWADM is not set
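
The check the replies above describe, as an added example that is not part of any post in the thread: a shell function that reads a kernel .config and reports whether the options iptables depends on are built in, modular or missing, and whether ipchains compatibility is still enabled. The function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): audit a kernel .config for the
# options iptables needs, as discussed above.

# Print y, m or n for one CONFIG_ symbol ($2) in the .config file ($1).
# "# CONFIG_X is not set" and an absent line both count as n.
config_state() {
    val=$(sed -n "s/^$2=\([ym]\)\$/\1/p" "$1" | head -n 1)
    printf '%s\n' "${val:-n}"
}

# Print one line per finding; return 0 if the config can support iptables.
check_iptables_config() {
    cfg=$1
    rc=0
    # CONFIG_NETFILTER is a yes/no option, so it must be built in.
    if [ "$(config_state "$cfg" CONFIG_NETFILTER)" != y ]; then
        echo "FAIL CONFIG_NETFILTER is not enabled"; rc=1
    fi
    # ip_tables core and the 'filter' table named in the error message.
    for sym in CONFIG_IP_NF_IPTABLES CONFIG_IP_NF_FILTER; do
        case $(config_state "$cfg" "$sym") in
            y) echo "OK   $sym=y (built in, no module to load)" ;;
            m) echo "OK   $sym=m (module must be installed for the running kernel)" ;;
            *) echo "FAIL $sym is not set"; rc=1 ;;
        esac
    done
    # The thread's rule: iptables on, ipchains off.
    if [ "$(config_state "$cfg" CONFIG_IP_NF_COMPAT_IPCHAINS)" != n ]; then
        echo "FAIL CONFIG_IP_NF_COMPAT_IPCHAINS is enabled"; rc=1
    fi
    return "$rc"
}

# Constructed sample: Netfilter core enabled, iptables options left unset.
sample=$(mktemp)
cat > "$sample" <<'EOF'
CONFIG_NETFILTER=y
# CONFIG_IP_NF_IPTABLES is not set
# CONFIG_IP_NF_COMPAT_IPCHAINS is not set
EOF
if check_iptables_config "$sample"; then
    echo "result: iptables can work with this config"
else
    echo "result: iptables cannot work with this config"
fi
rm -f "$sample"
```

Point `check_iptables_config` at the .config of the source tree the running kernel was built from, since options set to `m` only help if those modules were installed for that same kernel.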

Chip D 12-30-2003 01:20 PM

I was quite sure that I'd got everything when I recompiled it before I posted, but obviously I'd missed something as it's all working now.

Cheers for the help, much appreciated.

jhaiduce 12-30-2003 10:57 PM

Glad to help. Sounds like you had the same problem I did... there are so many options in the kernel that when you're sure you've got it configured correctly there's often one thing you forgot to set.

