View previous topic :: View next topic |
Author |
Message |
tobigen n00b
Joined: 07 Sep 2012 Posts: 34
|
Posted: Thu Sep 27, 2012 6:50 pm Post subject: iptables ip_conntrack |
|
|
I wondered if anyone could enlighten me on how to solve the iptables error.
This is the error I get whenever I run the iptables script that contain modprobe ip_conntrack
Starting IPv4 Wall...
FATAL: Module ip_conntrack not found.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
And when I tried to compiled the ip_conntrack as module I still get the error ,
WARNING: Error inserting nf_conntrack (/lib/modules/3.4.9-gentoo/kernel/net/netfilter/nf_conntrack.ko): Invalid module format
FATAL: Error inserting nf_conntrack_ipv4 (/lib/modules/3.4.9-gentoo/kernel/net/ipv4/netfilter/nf_conntrack_ipv4.ko): Invalid module format
Please I need your assistance.
genTooBox # uname -r
3.4.9-gentoo
.config -> http://bpaste.net/show/47989/
my installed modules
=============
/lib/modules/3.4.9-gentoo/kernel/net/ipv4/netfilter/nf_nat_ftp.ko
/lib/modules/3.4.9-gentoo/kernel/net/ipv4/netfilter/nf_nat_irc.ko
/lib/modules/3.4.9-gentoo/kernel/net/ipv4/netfilter/nf_nat_sip.ko
/lib/modules/3.4.9-gentoo/kernel/net/ipv6/netfilter/nf_conntrack_ipv6.ko
/lib/modules/3.4.9-gentoo/kernel/net/ipv6/netfilter/nf_defrag_ipv6.ko
/lib/modules/3.4.9-gentoo/kernel/net/netfilter/xt_conntrack.ko
/lib/modules/3.4.9-gentoo/kernel/net/netfilter/nf_conntrack_netlink.ko
/lib/modules/3.4.9-gentoo/kernel/net/netfilter/xt_connmark.ko
/lib/modules/3.4.9-gentoo/kernel/net/netfilter/xt_LOG.ko
/lib/modules/3.4.9-gentoo/kernel/net/netfilter/nf_conntrack_ftp.ko
/lib/modules/3.4.9-gentoo/kernel/net/netfilter/nf_conntrack_irc.ko
/lib/modules/3.4.9-gentoo/kernel/net/netfilter/xt_CONNSECMARK.ko
/lib/modules/3.4.9-gentoo/kernel/net/netfilter/nf_conntrack_sip.ko
/lib/modules/3.4.9-gentoo/kernel/arch/x86/kernel/test_nx.ko
/lib/modules/3.4.9-gentoo/kernel/sound/pci/hda/snd-hda-codec-hdmi.ko
/lib/modules/3.4.9-gentoo/kernel/sound/pci/hda/snd-hda-codec-realtek.ko
/lib/modules/3.4.9-gentoo/kernel/sound/pci/hda/snd-hda-codec-idt.ko
/lib/modules/3.4.9-gentoo/kernel/sound/pci/hda/snd-hda-intel.ko
/lib/modules/3.4.9-gentoo/kernel/sound/pci/hda/snd-hda-codec-ca0110.ko
/lib/modules/3.4.9-gentoo/kernel/sound/pci/hda/snd-hda-codec-ca0132.ko
/lib/modules/3.4.9-gentoo/kernel/sound/pci/hda/snd-hda-codec-via.ko
/lib/modules/3.4.9-gentoo/kernel/sound/pci/hda/snd-hda-codec-conexant.ko
/lib/modules/3.4.9-gentoo/kernel/sound/pci/hda/snd-hda-codec.ko
/lib/modules/3.4.9-gentoo/kernel/sound/pci/hda/snd-hda-codec-cirrus.ko
/lib/modules/3.4.9-gentoo/kernel/sound/pci/hda/snd-hda-codec-si3054.ko
/lib/modules/3.4.9-gentoo/kernel/sound/pci/hda/snd-hda-codec-analog.ko
/lib/modules/3.4.9-gentoo/kernel/sound/pci/hda/snd-hda-codec-cmedia.ko
/lib/modules/3.4.9-gentoo/kernel/sound/pci/ac97/snd-ac97-codec.ko
/lib/modules/3.4.9-gentoo/kernel/sound/pci/snd-atiixp.ko
/lib/modules/3.4.9-gentoo/kernel/sound/pci/snd-intel8x0.ko
/lib/modules/3.4.9-gentoo/kernel/sound/core/oss/snd-mixer-oss.ko
/lib/modules/3.4.9-gentoo/kernel/sound/core/oss/snd-pcm-oss.ko
/lib/modules/3.4.9-gentoo/kernel/sound/core/seq/oss/snd-seq-oss.ko
/lib/modules/3.4.9-gentoo/kernel/sound/core/seq/snd-seq-midi-event.ko
/lib/modules/3.4.9-gentoo/kernel/sound/core/seq/snd-seq-dummy.ko
/lib/modules/3.4.9-gentoo/kernel/sound/core/seq/snd-seq.ko
/lib/modules/3.4.9-gentoo/kernel/sound/core/seq/snd-seq-device.ko
/lib/modules/3.4.9-gentoo/kernel/sound/core/snd-hwdep.ko
/lib/modules/3.4.9-gentoo/kernel/sound/core/snd-page-alloc.ko
/lib/modules/3.4.9-gentoo/kernel/sound/core/snd-hrtimer.ko
/lib/modules/3.4.9-gentoo/kernel/sound/core/snd-timer.ko
/lib/modules/3.4.9-gentoo/kernel/sound/core/snd.ko
/lib/modules/3.4.9-gentoo/kernel/sound/core/snd-pcm.ko
/lib/modules/3.4.9-gentoo/kernel/sound/ac97_bus.ko
/lib/modules/3.4.9-gentoo/kernel/drivers/hid/hid-logitech-dj.ko
/lib/modules/3.4.9-gentoo/kernel/drivers/net/ethernet/realtek/r8169.ko
/lib/modules/3.4.9-gentoo/kernel/drivers/net/wireless/ath/ath9k/ath9k_common.ko
/lib/modules/3.4.9-gentoo/kernel/drivers/net/wireless/ath/ath9k/ath9k_hw.ko
/lib/modules/3.4.9-gentoo/kernel/drivers/net/wireless/ath/ath9k/ath9k.ko
/lib/modules/3.4.9-gentoo/kernel/drivers/net/wireless/ath/ath.ko
/lib/modules/3.4.9-gentoo/kernel/drivers/usb/host/xhci-hcd.ko
/lib/modules/3.4.9-gentoo/kernel/drivers/char/kcopy/kcopy.ko
/lib/modules/3.4.9-gentoo/kernel/drivers/scsi/scsi_wait_scan.ko
/lib/modules/3.4.9-gentoo/kernel/drivers/video/backlight/lcd.ko
/lib/modules/3.4.9-gentoo/kernel/drivers/video/backlight/platform_lcd.ko |
|
Back to top |
|
|
PaulBredbury Watchman
Joined: 14 Jul 2005 Posts: 7310
|
Posted: Fri Sep 28, 2012 6:40 am Post subject: Re: iptables ip_conntrack |
|
|
tobigen wrote: | WARNING: Error inserting nf_conntrack (/lib/modules/3.4.9-gentoo/kernel/net/netfilter/nf_conntrack.ko): Invalid module format |
Recompile the kernel. Most important: Get rid of the old files first, to ensure a clean recompilation:
Code: | cd /lib/modules
mv 3.4.9-gentoo{,.old} |
|
|
Back to top |
|
|
tobigen n00b
Joined: 07 Sep 2012 Posts: 34
|
Posted: Fri Sep 28, 2012 8:39 am Post subject: |
|
|
I still get the same error , FATAL: Module ip_conntract not found
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name
Do you have any suggestion please ? |
|
Back to top |
|
|
PaulBredbury Watchman
Joined: 14 Jul 2005 Posts: 7310
|
Posted: Fri Sep 28, 2012 9:33 am Post subject: |
|
|
So build your kernel *with* that module included. A little check:
Code: | $ zgrep CONNTRACK /proc/config.gz
CONFIG_NF_CONNTRACK=y
...
CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y
CONFIG_NF_CONNTRACK_IPV4=y
CONFIG_NF_CONNTRACK_PROC_COMPAT=y |
As you can see from "=y", I build it into the kernel - no need to modprobe. |
|
Back to top |
|
|
tobigen n00b
Joined: 07 Sep 2012 Posts: 34
|
Posted: Fri Sep 28, 2012 10:00 am Post subject: |
|
|
The error remained the same I removed the line modprobe ip_conntrack from the firewall script, the result is not what I expected. I could not do port redirection. if the NAT is ok this command , iptables -L -t nat should be able to tell me.Please do you have any further suggestion ?
Thanks in advanced. |
|
Back to top |
|
|
tobigen n00b
Joined: 07 Sep 2012 Posts: 34
|
Posted: Sat Sep 29, 2012 3:49 pm Post subject: |
|
|
Please can anyone show me the correct syntax to write to /etc/conf.d/modules if I intend to manually load the below modules :
ip_conntrack
nf_conntrack_ipv4
nf_defrag_ipv4
I have exhausted every method I know and I needed to have these modules loaded in order to have my firewalling script working.
Any assistance would be appreciated. Have a nice weekend. |
|
Back to top |
|
|
|