| View previous topic :: View next topic |
| Author |
Message |
Adel Ahmed
Veteran
Joined: 21 Sep 2012
Posts: 1523
|
 Posted: Fri Jan 30, 2015 12:24 am Post subject: can't initialize iptables table `nat'[solved] |
 |
|
iptables v1.4.21: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
localhost linux # modprobe nf_nat_ipv4
localhost linux # lsmod | grep -i nf_nat
nf_nat_ipv4 2897 0
nf_nat 9938 1 nf_nat_ipv4
nf_conntrack 49468 3 nf_nat,nf_nat_ipv4,nf_conntrack_ipv4
localhost linux # iptables -tnat -L
iptables v1.4.21: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
this started happening when I upgraded from 3.16.5 to 3.17.7
thanks
Last edited by Adel Ahmed on Wed Feb 04, 2015 12:09 am; edited 1 time in total |
|
| Back to top |
|
 |
wannagios
n00b
Joined: 30 Jan 2015
Posts: 1
|
| Posted: Fri Jan 30, 2015 5:33 am Post subject: |
|
|
如果执行 iptable -L 出现以下信息,那么就需要重新配置和编译内核:
iptables v1.4.2: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
配置选项:
Networking —->
Networking options —->
[*] Network packet filtering (replaces ipchains) —>
Core Netfilter Configuration —>
<*> Netfilter Xtables support (required for ip_tables)
IP: Netfilter Configuration —>
<*> Connection tracking (required for masq/NAT)
<*> IP tables support (required for filtering/masq/NAT)
<*> IP range match support
<*> Packet filtering
<*> REJECT target support
<*> Full NAT |
|
| Back to top |
|
|
lost+found
Guru
Joined: 15 Nov 2004
Posts: 509
Location: North~Sea~Coa~s~~t~~~
|
| Posted: Fri Jan 30, 2015 7:01 am Post subject: |
|
|
You probably miss one of these:
/lib/modules/3.17.7-gentoo/kernel/net/netfilter/nf_nat.ko
/lib/modules/3.17.7-gentoo/kernel/net/netfilter/nf_nat_ftp.ko
/lib/modules/3.17.7-gentoo/kernel/net/netfilter/xt_nat.ko
/lib/modules/3.17.7-gentoo/kernel/net/ipv4/netfilter/nf_nat_ipv4.ko
/lib/modules/3.17.7-gentoo/kernel/net/ipv4/netfilter/iptable_nat.ko
There were some changes in menuconfig between these kernel versions, so you might check there.
Cheers |
|
| Back to top |
|
|
toralf
Developer
Joined: 01 Feb 2004
Posts: 3922
Location: Hamburg
|
| Posted: Fri Jan 30, 2015 10:40 am Post subject: |
|
|
There were some pain with changed ip tables module names in the past.
If kernel menuconfig options were changed/moved in tis area you could just press "y" withinas often as you just asked for additional sub-menus to let the kernel configurator dive into the (new) menu structure. |
|
| Back to top |
|
|
acmondor
n00b
Joined: 08 Aug 2014
Posts: 59
Location: Canadian Prairies
|
| Posted: Mon Feb 02, 2015 2:42 pm Post subject: |
|
|
I ran into this problem earlier this year when I upgraded to 3.17.7. The problem is due to a new/changed config symbol. Prior to 3.17.7 CONFIG_NF_NAT was all that was required to enable NAT support. Now you need to use CONFIG_IP_NF_NAT as shown below from the 'make menuconfig' search NF_NAT result:
| Code: | Symbol: IP_NF_NAT [=y]
│ Type : tristate
│ Prompt: iptables NAT support
│ Location:
│ -> Networking support (NET [=y])
│ -> Networking options
│ -> Network packet filtering framework (Netfilter) (NETFILTER [=y])
│ -> IP: Netfilter Configuration
│ (2) -> IP tables support (required for filtering/masq/NAT) (IP_NF_IPTABLES [=y])
│ Defined at net/ipv4/netfilter/Kconfig:219
│ Depends on: NET [=y] && INET [=y] && NETFILTER [=y] && IP_NF_IPTABLES [=y] && NF_CONNTRACK_IPV4 [=y]
│ Selects: NF_NAT [=y] && NF_NAT_IPV4 [=y] && NETFILTER_XT_NAT [=y]
|
I always use 'make oldconfig' when I do kernel upgrades and that is usually sufficient, but this time around I had to run 'make menuconfig' afterwards to re-enable NAT. |
|
| Back to top |
|
|
Adel Ahmed
Veteran
Joined: 21 Sep 2012
Posts: 1523
|
| Posted: Wed Feb 04, 2015 12:03 am Post subject: |
|
|
thanks everyone
enabling CONFIG_IP_NF_NAT solved everything |
|
| Back to top |
|
|
|
Networking & Security
