Shorewall users - Oct 2006 - Shorewall complaining about Kernel options for NAT, tcrules etc

Hello,

I recently compiled-from-source the kernel on my CentOS 4.2 box, from
version 2.6.9-42 to 2.6.18, and now Shorewall complains about a lack
of support for NAT, tcrules etc. Iptables (and by extension Shorewall)
gives the following error when it runs:

iptables v1.2.11: can''t initialize iptables table `filter'':
iptables
who? (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

What exactly are the modules I need to enable to get this working?

Regards,

Jan

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net''s Techsay panel and you''ll get the chance
to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV

Jan Mulders wrote:
> Hello,
> 
> I recently compiled-from-source the kernel on my CentOS 4.2 box, from
> version 2.6.9-42 to 2.6.18, and now Shorewall complains about a lack
> of support for NAT, tcrules etc. Iptables (and by extension Shorewall)
> gives the following error when it runs:
> 
> iptables v1.2.11: can''t initialize iptables table
`filter'': iptables
> who? (do you need to insmod?)
> Perhaps iptables or your kernel needs to be upgraded.
> 
> What exactly are the modules I need to enable to get this working?
>
Start by upgrading your iptables.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key



-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net''s Techsay panel and you''ll get the chance
to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV

Upgraded iptables to 1.3.6.

Sadly, it''s crying about no ip_tables module:

root@betabitch [~/installs/iptables-1.3.6]# iptables -L
FATAL: Module ip_tables not found.
iptables v1.3.6: can''t initialize iptables table `filter'':
iptables
who? (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
root@betabitch [~/installs/iptables-1.3.6]#

I''m currently recompiling the kernel at the moment, it was deselected
in my previous .config file. (Is it acceptable to simply tick all
modules in the iptables section, except those marked
''experimental''?)

Thanks,

Jan

On 10/10/06, Tom Eastep <teastep@shorewall.net>
wrote:
> Jan Mulders wrote:
> > Hello,
> >
> > I recently compiled-from-source the kernel on my CentOS 4.2 box, from
> > version 2.6.9-42 to 2.6.18, and now Shorewall complains about a lack
> > of support for NAT, tcrules etc. Iptables (and by extension Shorewall)
> > gives the following error when it runs:
> >
> > iptables v1.2.11: can''t initialize iptables table
`filter'': iptables
> > who? (do you need to insmod?)
> > Perhaps iptables or your kernel needs to be upgraded.
> >
> > What exactly are the modules I need to enable to get this working?
> >
>
> Start by upgrading your iptables.
>
> -Tom
> --
> Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
> Shoreline,     \ http://shorewall.net
> Washington USA  \ teastep@shorewall.net
> PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key
>
>
>
> -------------------------------------------------------------------------
> Take Surveys. Earn Cash. Influence the Future of IT
> Join SourceForge.net''s Techsay panel and you''ll get the
chance to share your
> opinions on IT & business topics through brief surveys -- and earn cash
>
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
>
> _______________________________________________
> Shorewall-users mailing list
> Shorewall-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
>
>
>
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net''s Techsay panel and you''ll get the chance
to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV

Jan Mulders wrote:
> Upgraded iptables to 1.3.6.
> 
> Sadly, it''s crying about no ip_tables module:
> 
> root@betabitch [~/installs/iptables-1.3.6]# iptables -L
> FATAL: Module ip_tables not found.
> iptables v1.3.6: can''t initialize iptables table
`filter'': iptables
> who? (do you need to insmod?)
> Perhaps iptables or your kernel needs to be upgraded.
> root@betabitch [~/installs/iptables-1.3.6]#
> 
> I''m currently recompiling the kernel at the moment, it was
deselected
> in my previous .config file. (Is it acceptable to simply tick all
> modules in the iptables section, except those marked
''experimental''?)
Sorry that I can''t help more.

I''ve gotten out of the kernel-building business entirely. I rely 100%
on
vendor-supplied kernels and iptables. Doing otherwise is just too much
of a hassle.

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key



-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642

I''ve gotten it working.

I used ''make menuconfig'' to turn on all the iptables options
that were
not (EXPERIMENTAL), and it seems to have worked fine.

I quite agree, recompiling the kernel (at least if you need to know
what you''re doing) is a real pain.

Thanks though,

Jan

On 11/10/06, Tom Eastep <teastep@shorewall.net>
wrote:
> Jan Mulders wrote:
> > Upgraded iptables to 1.3.6.
> >
> > Sadly, it''s crying about no ip_tables module:
> >
> > root@betabitch [~/installs/iptables-1.3.6]# iptables -L
> > FATAL: Module ip_tables not found.
> > iptables v1.3.6: can''t initialize iptables table
`filter'': iptables
> > who? (do you need to insmod?)
> > Perhaps iptables or your kernel needs to be upgraded.
> > root@betabitch [~/installs/iptables-1.3.6]#
> >
> > I''m currently recompiling the kernel at the moment, it was
deselected
> > in my previous .config file. (Is it acceptable to simply tick all
> > modules in the iptables section, except those marked
''experimental''?)
>
> Sorry that I can''t help more.
>
> I''ve gotten out of the kernel-building business entirely. I rely
100% on
> vendor-supplied kernels and iptables. Doing otherwise is just too much
> of a hassle.
>
> -Tom
> --
> Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
> Shoreline,     \ http://shorewall.net
> Washington USA  \ teastep@shorewall.net
> PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key
>
>
>
> -------------------------------------------------------------------------
> Using Tomcat but need to do more? Need to support web services, security?
> Get stuff done quickly with pre-integrated technology to make your job
easier
> Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
>
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
>
> _______________________________________________
> Shorewall-users mailing list
> Shorewall-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
>
>
>
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642