On Fri, Aug 5, 2011 at 20:24, Michael Mol <[email protected]> wrote: > On Fri, Aug 5, 2011 at 9:11 AM, Pandu Poluan <[email protected]> wrote: >> I'm having troubles with net-firewall/xtables-addons-1.3.7 >> >> emerge is successful, but all attempts to create an IP set (e.g., >> `ipset --create test hash:ip`) resulted in the following error >> message: >> >> FATAL: Error inserting ip_set >> (/lib/modules/2.6.39-hardened-r8PANS_GW_BN_02/xtables_addons/ip_set.ko): >> Invalid module format >> >> `insmod` begat an additional information: >> >> insmod: error inserting >> '/lib/modules/2.6.39-hardened-r8PANS_GW_BN_02/xtables_addons/ip_set.ko': >> -1 Invalid module format >> >> `dmesg | tail -1` gave a worrying error: >> >> [ 4085.271442] ip_set: exports duplicate symbol ip_set_nfnl_put (owned >> by kernel) >> >> What should I do? > > I don't know much about xtables, but ISTR it's a fork (or supplement?) > to iptables. >
Supplement, actually. It provides modules that for some reason haven't made it into iptables itself. > That sounds like a symbol conflict, such as if you were to try to > insert a module into a kernel, where the kernel already had the code > built-in. > > Check your kernel configuration and ensure that all of the iptables > stuff is built as modules, rather than built-in. Then (I suspect) it > should be a matter of figuring out which module conflicts. > Hmmm... okay, I'll try to build another kernel. There's this whole page of "IPset" in `make menuconfig` that I had naively set to built-in. I'll post updates. Rgds, -- Pandu E Poluan ~ IT Optimizer ~ • Blog : http://pepoluan.tumblr.com • Linked-In : http://id.linkedin.com/in/pepoluan
