On Fri, Aug 5, 2011 at 9:11 AM, Pandu Poluan <[email protected]> wrote: > I'm having troubles with net-firewall/xtables-addons-1.3.7 > > emerge is successful, but all attempts to create an IP set (e.g., > `ipset --create test hash:ip`) resulted in the following error > message: > > FATAL: Error inserting ip_set > (/lib/modules/2.6.39-hardened-r8PANS_GW_BN_02/xtables_addons/ip_set.ko): > Invalid module format > > `insmod` begat an additional information: > > insmod: error inserting > '/lib/modules/2.6.39-hardened-r8PANS_GW_BN_02/xtables_addons/ip_set.ko': > -1 Invalid module format > > `dmesg | tail -1` gave a worrying error: > > [ 4085.271442] ip_set: exports duplicate symbol ip_set_nfnl_put (owned > by kernel) > > What should I do?
I don't know much about xtables, but ISTR it's a fork (or supplement?) to iptables. That sounds like a symbol conflict, such as if you were to try to insert a module into a kernel, where the kernel already had the code built-in. Check your kernel configuration and ensure that all of the iptables stuff is built as modules, rather than built-in. Then (I suspect) it should be a matter of figuring out which module conflicts. -- :wq
