From: "Jason S. Friedman" <jason@powerpull.net>
To: netfilter@lists.netfilter.org
Subject: RedHat 8.0 upgrade problem 1.2.8
Date: Tue, 26 Aug 2003 04:28:06 +0000 [thread overview]
Message-ID: <20030826042806.GA32233@charles> (raw)
I use RedHat and use the Redhat-provided RPMs for all my server maintenance.
$ uname -a
Linux abigail 2.4.20-19.8 #1 Tue Jul 15 14:59:09 EDT 2003 i686 athlon i386 GNU/Linux
I downloaded the RPM for iptables v.1.2.8 and executed rpm -Uvh. The command executed without errors and I can see six new files in /sbin:
-rwxr-xr-x 1 root root 58386 Jul 31 09:51 iptables-save
-rwxr-xr-x 1 root root 60196 Jul 31 09:51 iptables-restore
-rwxr-xr-x 1 root root 55410 Jul 31 09:51 iptables
-rwxr-xr-x 1 root root 60192 Jul 31 09:51 ip6tables-save
-rwxr-xr-x 1 root root 60400 Jul 31 09:51 ip6tables-restore
-rwxr-xr-x 1 root root 55760 Jul 31 09:51 ip6tables
I then entered
$ service iptables restart
These three lines appeared quickly:
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: mangle nat filter [ OK ]
Unloading iptables modules:
and then nothing for five minutes. My terminal would not respond to CTRL-C. I opened another terminal and killed the job and saw this on the original terminal:
/sbin/service: line 67: 21934 Terminated env -i LANG=$LANG PATH=$PATH "${SERVICEDIR}/${SERVICE}" ${OPTIONS}
I tried executing my normal iptables shell script (the one that worked without exception under 1.2.6a), below is a partial output:
+ iptables -t nat --flush
iptables v1.2.8: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
+ iptables -t mangle --flush
+ iptables -A INPUT -i lo -j ACCEPT
+ iptables -A OUTPUT -o lo -j ACCEPT
+ iptables --policy INPUT DROP
+ iptables --policy OUTPUT ACCEPT
+ iptables --policy FORWARD ACCEPT
+ iptables -t nat --policy PREROUTING ACCEPT
iptables v1.2.8: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
...
+ /sbin/insmod ip_tables
Using /lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/ip_tables.o
insmod: a module named ip_tables already exists
+ /sbin/insmod ip_conntrack
Using /lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/ip_conntrack.o
insmod: a module named ip_conntrack already exists
+ /sbin/insmod ip_conntrack_ftp
Using /lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/ip_conntrack_ftp.o
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/ip_conntrack_ftp.o: unresolved symbol ip_conntrack_helper_unregister_Reea5a3fd
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/ip_conntrack_ftp.o: unresolved symbol ip_conntrack_helper_register_Ra22d6eb5
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/ip_conntrack_ftp.o: unresolved symbol ip_conntrack_expect_related_Rfc718b15
+ /sbin/insmod iptable_nat
Using /lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/iptable_nat.o
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_ct_find_helper_R2e1adde3
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_conntrack_htable_size_R8ef8af4c
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_ct_gather_frags_Rde4bd92c
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol invert_tuplepr_R5e68d8a9
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_conntrack_module_Rb0361033
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_ct_selective_cleanup_R37fa06eb
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_conntrack_get_Rc412d48a
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_conntrack_tuple_taken_R4001f92d
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_conntrack_alter_reply_Rca0ced33
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol __ip_ct_find_proto_R9e4bc5ef
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_conntrack_destroyed_R35dd3854
The result is that my INPUT, OUTPUT, and FORWARD chains remain unchanged (good) but I have no NAT table (bad).
Thank you
next reply other threads:[~2003-08-26 4:28 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-08-26 4:28 Jason S. Friedman [this message]
2003-08-26 4:46 ` RedHat 8.0 upgrade problem 1.2.8 Stuart J. Browne
2003-08-26 13:47 ` Arnt Karlsen
-- strict thread matches above, loose matches on Subject: below --
2003-08-26 13:07 Jason S. Friedman
2003-08-27 3:14 Jason S. Friedman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20030826042806.GA32233@charles \
--to=jason@powerpull.net \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.