From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.43) id 1E9vht-0004vP-F2 for garchives@archives.gentoo.org; Tue, 30 Aug 2005 02:18:37 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.4/8.13.4) with SMTP id j7U2Fiel002593; Tue, 30 Aug 2005 02:15:44 GMT Received: from ihug-mail.icp-qv1-irony2.iinet.net.au (mail-iinet.icp-qv1-irony2.iinet.net.au [203.59.1.196]) by robin.gentoo.org (8.13.4/8.13.4) with ESMTP id j7U2C7a0025853 for ; Tue, 30 Aug 2005 02:12:08 GMT Received: from 203-59-166-20.dyn.iinet.net.au (HELO moriah.localdomain) (203.59.166.20) by ihug-mail.icp-qv1-irony2.iinet.net.au with ESMTP; 30 Aug 2005 09:42:09 +0800 Received: from localhost (localhost [127.0.0.1]) by moriah.localdomain (Postfix) with ESMTP id 5CB49BB30B for ; Tue, 30 Aug 2005 09:42:08 +0800 (WST) Received: from moriah.localdomain ([127.0.0.1]) by localhost (moriah [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 12872-14 for ; Tue, 30 Aug 2005 09:42:02 +0800 (WST) Received: from localhost (localhost [127.0.0.1]) by moriah.localdomain (Postfix) with ESMTP id 5524085DC6 for ; Tue, 30 Aug 2005 09:42:02 +0800 (WST) Subject: Re: [gentoo-user] iptables From: "W.Kenworthy" To: gentoo-user@lists.gentoo.org In-Reply-To: <000f01c5acf3$ab2f4780$0501a8c0@croatus> References: <000f01c5acf3$ab2f4780$0501a8c0@croatus> Content-Type: text/plain Date: Tue, 30 Aug 2005 09:42:03 +0800 Message-Id: <1125366124.20471.57.camel@localhost> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@gentoo.org Reply-to: gentoo-user@lists.gentoo.org Mime-Version: 1.0 X-Mailer: Evolution 2.2.3 Content-Transfer-Encoding: 7bit X-Virus-Scanned: amavisd-new at localdomain X-Archives-Salt: 80e0907a-62c0-40ae-9fed-fd0889b45b9e X-Archives-Hash: 412f84554f85abf46abeaec74eff63bc iptables has an "extensions" use flag which you may or may not need depending on what the firestarter scripts do. After installing modules, you need to run modules-update to get the modules database sorted out. This may fix the symbol error. In some cases, you need to reboot into the new kernel as the symbols in the running kernel and new modules may be out of sync. BillK On Mon, 2005-08-29 at 19:44 -0400, John Dangler wrote: > I emerged firestarter (during which I got iptables), and forgot that I > didn't have iptables emerged prior. I went into the kernel and selected (as > the doc I found suggests) all of the options as modules under iptables. (The > doc also says that if they are compiled as modules, I didn't need to > reboot). > I did add iptables to /etc/modules.autoload.d/kernel-2.6 (for subsequent > rebooting). > > modprobe ip_tables results in: > FATAL: Error inserting ip_tables > (/lib/modules/2.6.12-gentoo-r9/kernel/net/ipv4/netfilter/ip_tables.ko): > Unknown symbol in module, or unknown parameter. > > dmesg produces - > ip_tables: disagrees about version of symbol skb_copy_files > ip_tables: Unknow symbol skb_copy_bits > ip_tables: Unknown symbol nf_register_sockopt > ip_tables: ip_tables: Unknown symbol nf_unregister_sockopt > ip_tables: Unknown symbol nf_unregister_sockopt > > (I just found another doc that says to ONLY modprobe IF you haven't built > this as a module) > DOH! > > I went back into the kernel config and removed all but the essential options > for iptables... (just iptables module) and rebuilt the kernel > > A reboot (aside from losing my wireless), produced an error on boot loading > iptables. > no other text in dmesg points to the problem. > > John D > > > > -- gentoo-user@gentoo.org mailing list