Netfilter Modules

Edward edward at tripled.iinet.net.au
Tue Aug 24 02:46:12 UTC 2004 

Just a quick question - I haven't seen this answered yet but if I've 
missed it I'm sorry.

I have in my firewall script the following lines (amongst others which 
don't affect the problem):

$DEPMOD -a
$INSMOD ip_tables
$INSMOD ip_conntrack
$INSMOD ip_conntrack_ftp
$INSMOD ip_conntrack_irc
$INSMOD iptable_nat
$INSMOD ip_nat_ftp

(Ofcourse the $DEPMOD and $INSMOD variables are set earlier in the 
script). I've always needed to do it this way since as long as I can 
remember to get FTP and IRC to work properly.

After upgrading to FC2, I've noticed the following generated in 
/var/log/messages when the script is run:

Aug 24 06:42:38 server kernel: ip_conntrack version 2.1 (1535 buckets, 
12280 max) - 296 bytes per conntrack
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol 
ip_ct_selective_cleanup
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol invert_tuplepr
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol 
ip_ct_gather_frags
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol 
ip_conntrack_untracked
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol ip_conntrack_get
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol 
ip_conntrack_htable_size
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol 
ip_conntrack_destroyed
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol 
__ip_ct_find_proto
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol need_ip_conntrack
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol 
ip_conntrack_tuple_taken
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol 
ip_conntrack_alter_reply
Aug 24 06:42:38 server modprobe: FATAL: Error inserting iptable_nat 
(/lib/modules/2.6.6-1.435.2.3/kernel/net/ipv4/netfilter/iptable_nat.ko): 
Unknown symbol in module, or unknown parameter (see dmesg)

It looks like a module mismatch to me? Anybody have an idea? 
ip_conntrack seems OK, but why is it spewing at iptable_nat? Is it even 
needed?

Also, if there is TFM to R, then please tell me where, I'm happy to 
spend some time discovering by myself.

Regards,
Ed.

More information about the users mailing list