11-26-2002
same old, same old - an iptables problem
I'm having a problem with iptables, despite being an old hand with ipchains. I am getting the following message when I try to "start" my iptables:
Quote:
Applying iptables firewall rules: iptables-restore v1.2.6a: can't initialize iptables table `': Table does not exist (do you need to insmod?)
I would usually say that one of the iptables kernel modules isn't loaded, especially if the `' actually read `nat' or `mangle' or something similar.
The output of my lsmod is:
Quote:
Module Size Used by Not tainted
autofs 13348 0 (autoclean) (unused)
3c59x 30640 1
iptable_filter 2412 0 (autoclean) (unused)
ip_tables 14936 1 [iptable_filter]
mousedev 5524 0 (unused)
keybdev 2976 0 (unused)
hid 22244 0 (unused)
input 5888 0 [mousedev keybdev hid]
usb-uhci 26188 0 (unused)
usbcore 77024 1 [hid usb-uhci]
ext3 70368 2
jbd 52212 2 [ext3]
My iptables config is:
Quote:
# ------- Set default policy's for all built-in rules -------
-P INPUT DROP
-P OUTPUT ACCEPT
-P FORWARD DROP
# ------- Allow all ICMP packets to this machine ------------
-A INPUT -p icmp -j ACCEPT
# ------- Allow DNS udp and tcp packets to and from machine -
-A INPUT -p udp --dport 53 -s 0/0 -d 0/0 -b -j ACCEPT
-A INPUT -p tcp --dport 53 -s 0/0 -d 0/0 -b -j ACCEPT
# ------- Allow SSH tcp packets in --------------------------
-A INPUT -p tcp --dport 22 -j ACCEPT
# ------- Allow local packets through -----------------------
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A FORWARD -i lo -j ACCEPT
I would greatly appreciate any help. I have tried experimenting by removing rules and such, but the only way I have been able to get a clean startup is by having a blank config!
I'm not sure what is causing iptables to try and load a null `' table ... as I understood it the `filter' table is the default table. Also, please tell me to FAQ off if this is a commonly answered question. I've checked UNIX.COM and the
homepage mailing lists to no avail.
As an extension of this, I have tried starting just with the rule:
-P INPUT DROP
Nothing else, and I still get the same error.
Last edited by sam_pointer; 11-26-2002 at 12:59 PM..
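iptables-restore reads the iptables-save format, in which rules sit between a `*table` line and `COMMIT`, and `-b` is an ipchains option that iptables does not have. The added example below (not part of the original post; `check_restore_rules` and `write_samples` are hypothetical helper names and both rule files are constructed) lints a rules file for those problems before it is loaded.

```shell
# Added example: lint a rules file before handing it to iptables-restore.
# check_restore_rules and write_samples are hypothetical helper names.
check_restore_rules() {
    awk '
    BEGIN { in_table = 0; bad = 0 }
    /^[ \t]*#/ || /^[ \t]*$/ { next }         # comments and blank lines
    /^\*/ { table = substr($0, 2); in_table = 1; next }   # "*filter"
    /^COMMIT[ \t]*$/ {
        if (!in_table) { print NR ": COMMIT without a *table line"; bad = 1 }
        in_table = 0; next
    }
    /^:/ {                                    # ":INPUT DROP [0:0]"
        if (!in_table) { print NR ": chain policy outside a *table block"; bad = 1 }
        next
    }
    {
        if (!in_table) { print NR ": rule outside a *table block"; bad = 1 }
        for (i = 1; i <= NF; i++) {
            if ($i == "-b") { print NR ": -b is an ipchains option"; bad = 1 }
            if ($i == "-P") { print NR ": use :CHAIN POLICY [0:0], not -P"; bad = 1 }
        }
    }
    END {
        if (in_table) { print "EOF: table " table " has no COMMIT"; bad = 1 }
        exit bad
    }' "$1"
}

# Constructed samples: broken.rules has the shape of the config in the post,
# fixed.rules is a restore-format version with a state match instead of -b.
write_samples() {
    cat > "$1/broken.rules" <<'EOF'
-P INPUT DROP
-A INPUT -p udp --dport 53 -s 0/0 -d 0/0 -b -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
EOF
    cat > "$1/fixed.rules" <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -p udp --dport 53 -j ACCEPT
-A INPUT -p tcp --dport 53 -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
COMMIT
EOF
}
```

The function prints one finding per line and returns non-zero when there are any. Using a state match for return traffic in `fixed.rules` is an assumption about what the `-b` DNS rules were meant to allow.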
iptables-save
IPTABLES-SAVE(8) iptables 1.6.1 IPTABLES-SAVE(8)
NAME
iptables-save -- dump iptables rules to stdout
ip6tables-save -- dump iptables rules to stdout
SYNOPSIS
iptables-save [-M modprobe] [-c] [-t table]
ip6tables-save [-M modprobe] [-c] [-t table]
DESCRIPTION
iptables-save and ip6tables-save are used to dump the contents of IP or IPv6 Table in easily parseable format to STDOUT. Use I/O-redirection provided by your shell to write to a file.
-M, --modprobe modprobe_program
Specify the path to the modprobe program. By default, iptables-save will inspect /proc/sys/kernel/modprobe to determine the executable's path.
-c, --counters
include the current values of all packet and byte counters in the output
-t, --table tablename
restrict output to only one table. If not specified, output includes all available tables.
BUGS
None known as of iptables-1.2.1 release
AUTHORS
Harald Welte <laforge@gnumonks.org>
Rusty Russell <rusty@rustcorp.com.au>
Andras Kis-Szabo <kisza@sch.bme.hu> contributed ip6tables-save.
SEE ALSO
iptables-apply(8),iptables-restore(8), iptables(8)
The iptables-HOWTO, which details more iptables usage, the NAT-HOWTO, which details NAT, and the netfilter-hacking-HOWTO which details the internals.
iptables 1.6.1 IPTABLES-SAVE(8)