From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.43) id 1EJQ0P-0005St-Ew for garchives@archives.gentoo.org; Sun, 25 Sep 2005 06:28:57 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.5/8.13.5) with SMTP id j8P6KggV010387; Sun, 25 Sep 2005 06:20:42 GMT Received: from dir.bg (mail.dir.bg [194.145.63.28]) by robin.gentoo.org (8.13.5/8.13.5) with ESMTP id j8P6Fn0g017153 for ; Sun, 25 Sep 2005 06:15:51 GMT Received: from [217.30.222.4] (account rumen_yotov HELO mach.qrypto.org) by dir.bg (CommuniGate Pro SMTP 4.2.8) with ESMTP-TLS id 18487768 for gentoo-user@lists.gentoo.org; Sun, 25 Sep 2005 09:22:27 +0300 Date: Sun, 25 Sep 2005 09:27:37 +0300 From: Rumen Yotov To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Can't get iptables to work on AMD64, 2.6.12-gentoo-r10 Message-ID: <20050925092737.6c86b360@mach.qrypto.org> In-Reply-To: <4335c433.5aff9288@vuk.kjorling.com> References: <4335c433.5aff9288@vuk.kjorling.com> Organization: home X-Mailer: Sylpheed-Claws 1.9.13 (GTK+ 2.6.8; i686-pc-linux-gnu) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@gentoo.org Reply-to: gentoo-user@lists.gentoo.org Mime-Version: 1.0 Content-Type: multipart/signed; boundary=Signature_Sun__25_Sep_2005_09_27_37_+0300_7rC2sZZEarjmlfyD; protocol="application/pgp-signature"; micalg=PGP-SHA1 X-Archives-Salt: 9843c688-6ab6-4aeb-b615-aa0626a5ef3e X-Archives-Hash: 013389207a7c37f2496504d81535163d --Signature_Sun__25_Sep_2005_09_27_37_+0300_7rC2sZZEarjmlfyD Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On Sat, 24 Sep 2005 21:25:07 +0000 Michael Kjorling wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 >=20 > My system is AMD64, Linux 2.6.12-gentoo-r10 (from gentoo-sources), > iptables 1.3.2 and generally up-to-date. I can't seem to get iptables > to work. Netfilter support is compiled into the kernel (compiling it > as a module and loading that gave the same result), as evidenced by: >=20 > $ zgrep -i iptables /proc/config.gz > CONFIG_IP_NF_IPTABLES=3Dy > $=20 >=20 > but iptables refuses to run: >=20 > # iptables -L -n > FATAL: Module ip_tables not found. > iptables v1.3.2: can't initialize iptables table `filter': Table does > not exist (do you need to insmod?) Perhaps iptables or your kernel > needs to be upgraded. #=20 >=20 > `iptables -X filter' gives me the same error message. >=20 > Any suggestions as for how to get packet filtering working (including > kernel configuration options to try) would be greatly appreciated. >=20 > - --=20 > Michael Kj=F6rling, michael@kjorling.com - http://michael.kjorling.com/ > * ASCII Ribbon Campaign: Against HTML Mail, Proprietary Attachments * > * ..... No bird soars too high if he soars with his own wings ..... * > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.1 (GNU/Linux) >=20 > iD8DBQFDNcQzdY+HSb3praYRAmkVAJ4+l7uFwHsfQc5McejmrljuSLoWlwCgnjQP > eXGRvHKghiIcqXZephmOvn0=3D > =3D4Iep > -----END PGP SIGNATURE----- Hi, Not very much info i'm afraid, but a working solution. Choose to use shorewall and in their site-docs (pdf including) there is a graphical example of kernel config to use with shorewall. As their's intentions are for shorewall to be mostly used for quite everything with iptables, it has IIRC quite all options turned ON under iptables. Use this for some 2,5 years (with very small changes). Think you can also check the iptables site/docs (Google too). There was some site (easyiptables/easyfirewall) with a web-page menu driven config, don't know about kernel-config (check this ML archives). HTH. Rumen --Signature_Sun__25_Sep_2005_09_27_37_+0300_7rC2sZZEarjmlfyD Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2-ecc0.1.6 (GNU/Linux) iD8DBQFDNkNgw4vKYiLy/AsRAu5YAJ9KtxjA6KerMXw3WIhafSETyoLTEwCfRF2U erwgKv3RWlX8TLp+WLBDo60= =LIxt -----END PGP SIGNATURE----- --Signature_Sun__25_Sep_2005_09_27_37_+0300_7rC2sZZEarjmlfyD-- -- gentoo-user@gentoo.org mailing list