[gentoo-user] Woes with Kernel and Iptables

Fri, 16 Nov 2018 01:35:23 -0800 

Hi everyone,

I have a newly provisioned machine and for the life of me, I can't get
iptables working. Here is the error:

# iptables -L
iptables v1.6.1: can't initialize iptables table `filter': Table does
not exist (do you need to i
nsmod?)
Perhaps iptables or your kernel needs to be upgraded.

# lsmod
Module                  Size  Used by
ip_tables              24576  0

I see the same error after manually modprobing iptable_filter:

# modprobe iptable_filter
# lsmod
Module                  Size  Used by
iptable_filter         16384  0
ip_tables              24576  1 iptable_filter

I've also tried building it into the kernel, with no luck. On the
userspace-side I've went as far is doing a full "emerge -e iptables".
I tried upgrading to iptables-1.8 too. I also tried upgrading kernel
headers to match the version of the kernel I'm currnetly running.
Nothing I do can get it to work.

# uname -r
4.18.18

Thanks in advance for any suggestions!
-Andrey

P.S. Below are my related kernel settings. I tried to make them all
built-in, but that didn't work.

# zcat /proc/config.gz | grep NETF | grep -v XT
CONFIG_NETFILTER=y
CONFIG_NETFILTER_ADVANCED=y
CONFIG_BRIDGE_NETFILTER=y
CONFIG_NETFILTER_INGRESS=y
CONFIG_NETFILTER_NETLINK=y
CONFIG_NETFILTER_FAMILY_BRIDGE=y
CONFIG_NETFILTER_FAMILY_ARP=y
CONFIG_NETFILTER_NETLINK_ACCT=y
CONFIG_NETFILTER_NETLINK_QUEUE=y
CONFIG_NETFILTER_NETLINK_LOG=y
CONFIG_NETFILTER_CONNCOUNT=y
CONFIG_NETFILTER_NETLINK_GLUE_CT=y
CONFIG_NETFILTER_SYNPROXY=y

# zcat /proc/config.gz | grep IPTA
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP6_NF_IPTABLES=y

# zcat /proc/config.gz | grep IP_NF
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_MATCH_AH=m
CONFIG_IP_NF_MATCH_ECN=m
CONFIG_IP_NF_MATCH_RPFILTER=m
CONFIG_IP_NF_MATCH_TTL=m
CONFIG_IP_NF_FILTER=m
CONFIG_IP_NF_TARGET_REJECT=m
CONFIG_IP_NF_TARGET_SYNPROXY=m
CONFIG_IP_NF_NAT=m
CONFIG_IP_NF_TARGET_MASQUERADE=m
CONFIG_IP_NF_TARGET_NETMAP=m
CONFIG_IP_NF_TARGET_REDIRECT=m
CONFIG_IP_NF_MANGLE=m
CONFIG_IP_NF_TARGET_CLUSTERIP=m
CONFIG_IP_NF_TARGET_ECN=m
CONFIG_IP_NF_TARGET_TTL=m
# CONFIG_IP_NF_RAW is not set
CONFIG_IP_NF_SECURITY=m
CONFIG_IP_NF_ARPTABLES=y
CONFIG_IP_NF_ARPFILTER=y
CONFIG_IP_NF_ARP_MANGLE=y

Reply via email to