From: "Jason S. Friedman" <jason@powerpull.net>
To: netfilter@lists.netfilter.org
Subject: RedHat 8.0 upgrade problem 1.2.8
Date: Tue, 26 Aug 2003 04:28:06 +0000 [thread overview]
Message-ID: <20030826042806.GA32233@charles> (raw)
I use RedHat and use the Redhat-provided RPMs for all my server maintenance.
$ uname -a
Linux abigail 2.4.20-19.8 #1 Tue Jul 15 14:59:09 EDT 2003 i686 athlon i386 GNU/Linux
I downloaded the RPM for iptables v.1.2.8 and executed rpm -Uvh. The command executed without errors and I can see six new files in /sbin:
-rwxr-xr-x 1 root root 58386 Jul 31 09:51 iptables-save
-rwxr-xr-x 1 root root 60196 Jul 31 09:51 iptables-restore
-rwxr-xr-x 1 root root 55410 Jul 31 09:51 iptables
-rwxr-xr-x 1 root root 60192 Jul 31 09:51 ip6tables-save
-rwxr-xr-x 1 root root 60400 Jul 31 09:51 ip6tables-restore
-rwxr-xr-x 1 root root 55760 Jul 31 09:51 ip6tables
I then entered
$ service iptables restart
These three lines appeared quickly:
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: mangle nat filter [ OK ]
Unloading iptables modules:
and then nothing for five minutes. My terminal would not respond to CTRL-C. I opened another terminal and killed the job and saw this on the original terminal:
/sbin/service: line 67: 21934 Terminated env -i LANG=$LANG PATH=$PATH "${SERVICEDIR}/${SERVICE}" ${OPTIONS}
I tried executing my normal iptables shell script (the one that worked without exception under 1.2.6a), below is a partial output:
+ iptables -t nat --flush
iptables v1.2.8: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
+ iptables -t mangle --flush
+ iptables -A INPUT -i lo -j ACCEPT
+ iptables -A OUTPUT -o lo -j ACCEPT
+ iptables --policy INPUT DROP
+ iptables --policy OUTPUT ACCEPT
+ iptables --policy FORWARD ACCEPT
+ iptables -t nat --policy PREROUTING ACCEPT
iptables v1.2.8: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
...
+ /sbin/insmod ip_tables
Using /lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/ip_tables.o
insmod: a module named ip_tables already exists
+ /sbin/insmod ip_conntrack
Using /lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/ip_conntrack.o
insmod: a module named ip_conntrack already exists
+ /sbin/insmod ip_conntrack_ftp
Using /lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/ip_conntrack_ftp.o
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/ip_conntrack_ftp.o: unresolved symbol ip_conntrack_helper_unregister_Reea5a3fd
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/ip_conntrack_ftp.o: unresolved symbol ip_conntrack_helper_register_Ra22d6eb5
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/ip_conntrack_ftp.o: unresolved symbol ip_conntrack_expect_related_Rfc718b15
+ /sbin/insmod iptable_nat
Using /lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/iptable_nat.o
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_ct_find_helper_R2e1adde3
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_conntrack_htable_size_R8ef8af4c
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_ct_gather_frags_Rde4bd92c
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol invert_tuplepr_R5e68d8a9
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_conntrack_module_Rb0361033
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_ct_selective_cleanup_R37fa06eb
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_conntrack_get_Rc412d48a
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_conntrack_tuple_taken_R4001f92d
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_conntrack_alter_reply_Rca0ced33
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol __ip_ct_find_proto_R9e4bc5ef
/lib/modules/2.4.20-19.8/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_conntrack_destroyed_R35dd3854
The result is that my INPUT, OUTPUT, and FORWARD chains remain unchanged (good) but I have no NAT table (bad).
Thank you
next reply other threads:[~2003-08-26 4:28 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-08-26 4:28 Jason S. Friedman [this message]
2003-08-26 4:46 ` RedHat 8.0 upgrade problem 1.2.8 Stuart J. Browne
2003-08-26 13:47 ` Arnt Karlsen
-- strict thread matches above, loose matches on Subject: below --
2003-08-26 13:07 Jason S. Friedman
2003-08-27 3:14 Jason S. Friedman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20030826042806.GA32233@charles \
--to=jason@powerpull.net \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox