On 10 March 2015 at 00:57, Bruce Dubbs <[email protected]> wrote:
> Ken Moffat wrote: > >> On Mon, Mar 09, 2015 at 06:33:35PM +0000, Richard Melville wrote: >> >>> I've just upgraded from kernel 3.15 to 3.19.1 and iptables fails on boot >>> with:- >>> >>> "can't initialize iptables table `nat': Table does not exist (do you need >>> to insmod?) Perhaps iptables or your kernel needs to be upgraded." >>> >>> I receive the same message for ip6tables. I'm using the latest version >>> 1.4.21. I rebuilt and reinstalled iptables but to no avail. >>> >>> I always build static kernels so it's not a module issue. I used the >>> same >>> .config with the new kernel, and I've checked /proc/config.gz, which >>> looks >>> the same as before. When I reboot the box with the old kernel image >>> iptables and ip6tables come up just fine. >>> >>> Any help would be much appreciated before i tear out my remaining hair. >>> It >>> must be something simple that I've overlooked. >>> >>> Richard >>> >> >> Does it fail, or does it spit out an error message as if it failed, >> but actually still works ? >> >> I don't use the book's rc.iptables. I can _vaguely_ remember that >> these sort of messages started to appear with an unpgrade to an -rc >> kernel, but my notes from last year do not mention it. >> >> If it is indeed not working, look in menuconfig - there have been a >> number of changes to the netfilter/iptables options in recent >> kernels, and everything new probably defaults to 'N'. I suppose it >> is also possible that one of these cannot be built in. >> > > I cound 78 options in the kernel configuration for netfilter. For just > nat, I have: > > ONFIG_NF_NAT=y > CONFIG_NF_NAT_NEEDED=y > CONFIG_NF_NAT_PROTO_DCCP=y > CONFIG_NF_NAT_PROTO_UDPLITE=y > CONFIG_NF_NAT_PROTO_SCTP=y > CONFIG_NF_NAT_AMANDA=y > CONFIG_NF_NAT_FTP=y > CONFIG_NF_NAT_IRC=y > # CONFIG_NF_NAT_SIP is not set > # CONFIG_NF_NAT_TFTP is not set > CONFIG_NF_NAT_REDIRECT=y > CONFIG_NF_TABLES=y > # CONFIG_NF_TABLES_INET is not set > > Thanks for the replies Paul, Ken and Bruce. Paul you're correct that there has been much action on iptables since kernel 3.15. Bruce, I've checked again the netfilter options that you listed and I have most of those built-in. It seems, however, that CONFIG_IP_NF_NAT and CONFIG_IP6_NF_NAT have been added since I last compiled a kernel and these were not configured. I'm sure that accounts for the error messages. Ken, you're absolutely right. It wasn't a failure as such; just a warning. I should have checked to see if iptables was indeed running, and it is. I don't actually use the nat table, and I don't plan to as I'm attempting to build a pure ipv6 network. I wasn't at my best last night as I'm fighting an awful virus that's playing havoc with my brain -- that's my excuse anyway. There do appear to have been many changes in kernel 3.19.1, or at least since I last looked at the kernel config. I'm going to be forced to have a closer look because now I'm also getting issues with my intel wifi adapter not being recognised. According to dmesg sound also seems to be a problem, although it's not relevant to me on this particular box. Thanks again for all the help. Richard
-- http://lists.linuxfromscratch.org/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
