Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Unable to modprobe iptable_nat - Rackspace [SOLVED]
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
hanj
Veteran
Veteran


Joined: 19 Aug 2003
Posts: 1490

PostPosted: Sun Jul 02, 2017 4:09 am    Post subject: Unable to modprobe iptable_nat - Rackspace [SOLVED] Reply with quote

I'm working with a 1 GB General Purpose v1 with Gentoo 15.3 installed. It is running gentoo-sources-4.0.5-gentoo.

First, here is my current iptables flags:
Code:
[ebuild   R    ] net-firewall/iptables-1.4.21-r1::gentoo  USE="conntrack -ipv6 -netlink -static-libs" 0 KiB


When I execute my iptables script, I get:

Code:
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables v1.4.21: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.4.21: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.


So it appears that nat modules are not there. I went ahead adjusted the .config and make and make modules_install...

Code:
ls -al /lib/modules/4.0.5-gentoo/kernel/net/netfilter | grep nat
-rw-r--r-- 1 root root  5232 Jul  2 03:52 nf_nat_amanda.ko
-rw-r--r-- 1 root root  7392 Jul  2 03:52 nf_nat_ftp.ko
-rw-r--r-- 1 root root  6712 Jul  2 03:52 nf_nat_irc.ko
-rw-r--r-- 1 root root 28248 Jul  2 03:52 nf_nat.ko
-rw-r--r-- 1 root root  5216 Jul  2 03:52 nf_nat_proto_dccp.ko
-rw-r--r-- 1 root root  5456 Jul  2 03:52 nf_nat_proto_sctp.ko
-rw-r--r-- 1 root root  5176 Jul  2 03:52 nf_nat_proto_udplite.ko
-rw-r--r-- 1 root root 14096 Jul  2 03:52 nf_nat_sip.ko
-rw-r--r-- 1 root root  4696 Jul  2 03:52 nf_nat_tftp.ko
-rw-r--r-- 1 root root  6176 Jul  2 03:52 xt_nat.ko


When I issue a modprobe
Code:
modprobe iptable_nat
modprobe: ERROR: could not insert 'iptable_nat': Unknown symbol in module, or unknown parameter (see dmesg)


Output of dmesg:
Code:
[43513.682016] nf_nat: Unknown symbol nf_nat_decode_session_hook (err 0)
[43546.224835] nf_nat: Unknown symbol nf_nat_decode_session_hook (err 0)
[43673.244187] nf_nat: Unknown symbol nf_nat_decode_session_hook (err 0)
[43778.211605] nf_nat: Unknown symbol nf_nat_decode_session_hook (err 0)
[43793.123025] nf_nat: Unknown symbol nf_nat_decode_session_hook (err 0)
[43846.440585] nf_nat: Unknown symbol nf_nat_decode_session_hook (err 0)



Here are is output of NAT from the kernel config
Code:
CONFIG_NF_NAT=m
CONFIG_NF_NAT_NEEDED=y
CONFIG_NF_NAT_PROTO_DCCP=m
CONFIG_NF_NAT_PROTO_UDPLITE=m
CONFIG_NF_NAT_PROTO_SCTP=m
CONFIG_NF_NAT_AMANDA=m
CONFIG_NF_NAT_FTP=m
CONFIG_NF_NAT_IRC=m
CONFIG_NF_NAT_SIP=m
CONFIG_NF_NAT_TFTP=m
# CONFIG_NF_NAT_REDIRECT is not set
CONFIG_NETFILTER_XT_NAT=m
CONFIG_NF_NAT_IPV4=m
# CONFIG_NF_NAT_MASQUERADE_IPV4 is not set
CONFIG_NF_NAT_PROTO_GRE=m
CONFIG_NF_NAT_PPTP=m
CONFIG_NF_NAT_H323=m
CONFIG_IP_NF_NAT=m
# CONFIG_NF_NAT_IPV6 is not set
# CONFIG_IP6_NF_NAT is not set
CONFIG_INTEGRITY_SIGNATURE=y
CONFIG_SIGNATURE=y


Any ideas?

Thanks!
hanji
_________________
Server Admin Blog - Uno-Code.com


Last edited by hanj on Sun Jul 02, 2017 5:39 pm; edited 1 time in total
Back to top
View user's profile Send private message
Ant P.
Watchman
Watchman


Joined: 18 Apr 2009
Posts: 6920

PostPosted: Sun Jul 02, 2017 6:24 am    Post subject: Reply with quote

Rebooting into the kernel the module's compiled for should fix the load errors, but WTF is "Gentoo 15.3"? Why are you using a kernel that hasn't had a single security patch in two years? You have much bigger problems to fix than a firewall right now.
Back to top
View user's profile Send private message
bunder
Bodhisattva
Bodhisattva


Joined: 10 Apr 2004
Posts: 5934

PostPosted: Sun Jul 02, 2017 7:30 am    Post subject: Reply with quote

Code:
Unknown symbol


can you try recompiling your kernel?

thanks
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 54098
Location: 56N 3W

PostPosted: Sun Jul 02, 2017 8:42 am    Post subject: Reply with quote

hanj,

Code:
[43513.682016] nf_nat: Unknown symbol nf_nat_decode_session_hook (err 0)

Something that the nf_nat module needs is missing from the kernel.

Its not always possible to add modules without a complete kernel rebuild.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
hanj
Veteran
Veteran


Joined: 19 Aug 2003
Posts: 1490

PostPosted: Sun Jul 02, 2017 5:34 pm    Post subject: Reply with quote

Ant P. wrote:
Rebooting into the kernel the module's compiled for should fix the load errors, but WTF is "Gentoo 15.3"? Why are you using a kernel that hasn't had a single security patch in two years? You have much bigger problems to fix than a firewall right now.


In the past with 'classic' images, you had to use Rackspace's kernel. Looks like with this version, you can emerge new versions. I was able to build and use gentoo-sources-4.9.34.

Thanks!
hank
_________________
Server Admin Blog - Uno-Code.com
Back to top
View user's profile Send private message
hanj
Veteran
Veteran


Joined: 19 Aug 2003
Posts: 1490

PostPosted: Sun Jul 02, 2017 5:39 pm    Post subject: Reply with quote

NeddySeagoon wrote:
hanj,

Code:
[43513.682016] nf_nat: Unknown symbol nf_nat_decode_session_hook (err 0)

Something that the nf_nat module needs is missing from the kernel.

Its not always possible to add modules without a complete kernel rebuild.


Thanks. Once I was able to build a new kernel version, those modules now load.

Thanks for the help!
hanji
_________________
Server Admin Blog - Uno-Code.com
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum