PDA

View Full Version : The Perfect Xen 3.0.3 Setup For Debian Sarge iptables problem on dom0

ren22
6th November 2006, 15:14
hi and a big thanks goes to falkotimme for the nice howto "The Perfect Xen 3.0.3 Setup For Debian Sarge"

everything goes fine but there is one problem with the iptables on dom0

when i compile the kernel for the dom0 and reboot the system and try on the console iptbales -L i get an error :

iptables v1.2.11: can't initialize iptables table `filter': Table does not
exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
:eek:

i dont know that is normal but i think it's not ...
after a look into the forum here i was finding an other thread with the same problem but with no real result fix :mad:

first i think i have made a mistake, ok then i make the system new, formatted the hole disk and installed debian net inst 3.1r3 again ...
the system is new and the problem is not gone away after i compiled the dom0 kernel and im real sure that i have verified all my steps that is written in the howto

i have the same results like the idol when i type the commands allready wroted like

uname -a
Linux debian 2.6.16.29-xen0 #2 Mon Nov 6 12:49:09 CET 2006 i686 GNU/Linux

updatedb
locate iptables
/lib/iptables
/lib/iptables/libip6t_ah.so
/lib/iptables/libip6t_condition.so
/lib/iptables/libip6t_dst.so
/lib/iptables/libip6t_esp.so
/lib/iptables/libip6t_eui64.so
/lib/iptables/libip6t_frag.so
/lib/iptables/libip6t_fuzzy.so
/lib/iptables/libip6t_hbh.so
/lib/iptables/libip6t_hl.so
/lib/iptables/libip6t_HL.so
/lib/iptables/libip6t_icmpv6.so
/lib/iptables/libip6t_ipv6header.so
/lib/iptables/libip6t_length.so
/lib/iptables/libip6t_limit.so
/lib/iptables/libip6t_LOG.so
/lib/iptables/libip6t_mac.so
/lib/iptables/libip6t_mark.so
/lib/iptables/libip6t_MARK.so
/lib/iptables/libip6t_multiport.so
/lib/iptables/libip6t_nth.so
/lib/iptables/libip6t_owner.so
/lib/iptables/libip6t_policy.so
/lib/iptables/libip6t_random.so
/lib/iptables/libip6t_REJECT.so
/lib/iptables/libip6t_ROUTE.so
/lib/iptables/libip6t_rt.so
/lib/iptables/libip6t_standard.so
/lib/iptables/libip6t_tcp.so
/lib/iptables/libip6t_TRACE.so
/lib/iptables/libip6t_udp.so
/lib/iptables/libipt_addrtype.so
/lib/iptables/libipt_ah.so
/lib/iptables/libipt_CLASSIFY.so
/lib/iptables/libipt_condition.so
/lib/iptables/libipt_connlimit.so
/lib/iptables/libipt_connmark.so
/lib/iptables/libipt_CONNMARK.so
/lib/iptables/libipt_conntrack.so
/lib/iptables/libipt_DNAT.so
/lib/iptables/libipt_dscp.so
/lib/iptables/libipt_DSCP.so
/lib/iptables/libipt_dstlimit.so
/lib/iptables/libipt_ecn.so
/lib/iptables/libipt_ECN.so
/lib/iptables/libipt_esp.so
/lib/iptables/libipt_fuzzy.so
/lib/iptables/libipt_helper.so
/lib/iptables/libipt_icmp.so
/lib/iptables/libipt_IPMARK.so
/lib/iptables/libipt_iprange.so
/lib/iptables/libipt_ipv4options.so
/lib/iptables/libipt_IPV4OPTSSTRIP.so
/lib/iptables/libipt_length.so
/lib/iptables/libipt_limit.so
/lib/iptables/libipt_LOG.so
/lib/iptables/libipt_mac.so
/lib/iptables/libipt_mark.so
/lib/iptables/libipt_MARK.so
/lib/iptables/libipt_MASQUERADE.so
/lib/iptables/libipt_MIRROR.so
/lib/iptables/libipt_mport.so
/lib/iptables/libipt_multiport.so
/lib/iptables/libipt_NETLINK.so
/lib/iptables/libipt_NETMAP.so
/lib/iptables/libipt_NOTRACK.so
/lib/iptables/libipt_nth.so
/lib/iptables/libipt_osf.so
/lib/iptables/libipt_owner.so
/lib/iptables/libipt_physdev.so
/lib/iptables/libipt_pkttype.so
/lib/iptables/libipt_policy.so
/lib/iptables/libipt_pool.so
/lib/iptables/libipt_POOL.so
/lib/iptables/libipt_psd.so
/lib/iptables/libipt_quota.so
/lib/iptables/libipt_random.so
/lib/iptables/libipt_realm.so
/lib/iptables/libipt_recent.so
/lib/iptables/libipt_REDIRECT.so
/lib/iptables/libipt_REJECT.so
/lib/iptables/libipt_ROUTE.so
/lib/iptables/libipt_rpc.so
/lib/iptables/libipt_SAME.so
/lib/iptables/libipt_sctp.so
/lib/iptables/libipt_set.so
/lib/iptables/libipt_SET.so
/lib/iptables/libipt_SNAT.so
/lib/iptables/libipt_standard.so
/lib/iptables/libipt_state.so
/lib/iptables/libipt_string.so
/lib/iptables/libipt_TARPIT.so
/lib/iptables/libipt_TCPLAG.so
/lib/iptables/libipt_tcpmss.so
/lib/iptables/libipt_TCPMSS.so
/lib/iptables/libipt_tcp.so
/lib/iptables/libipt_time.so
/lib/iptables/libipt_tos.so
/lib/iptables/libipt_TOS.so
/lib/iptables/libipt_TRACE.so
/lib/iptables/libipt_ttl.so
/lib/iptables/libipt_TTL.so
/lib/iptables/libipt_u32.so
/lib/iptables/libipt_udp.so
/lib/iptables/libipt_ULOG.so
/lib/iptables/libipt_unclean.so
/lib/iptables/libipt_XOR.so
/sbin/iptables
/sbin/iptables-restore
/sbin/iptables-save
/usr/share/doc/iptables
/usr/share/doc/iptables/changelog.Debian.gz
/usr/share/doc/iptables/changelog.gz
/usr/share/doc/iptables/copyright
/usr/share/doc/iptables/examples
/usr/share/doc/iptables/examples/3iptables-ppp_down-rules
/usr/share/doc/iptables/examples/3iptables-ppp_up-rules.gz
/usr/share/doc/iptables/examples/oldinitdscript.gz
/usr/share/doc/iptables/html
/usr/share/doc/iptables/html/NAT-HOWTO-10.html
/usr/share/doc/iptables/html/NAT-HOWTO-11.html
/usr/share/doc/iptables/html/NAT-HOWTO-1.html
/usr/share/doc/iptables/html/NAT-HOWTO-2.html
/usr/share/doc/iptables/html/NAT-HOWTO-3.html
/usr/share/doc/iptables/html/NAT-HOWTO-4.html
/usr/share/doc/iptables/html/NAT-HOWTO-5.html
/usr/share/doc/iptables/html/NAT-HOWTO-6.html
/usr/share/doc/iptables/html/NAT-HOWTO-7.html
/usr/share/doc/iptables/html/NAT-HOWTO-8.html
/usr/share/doc/iptables/html/NAT-HOWTO-9.html
/usr/share/doc/iptables/html/NAT-HOWTO.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-10.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-11.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-1.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-2.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-3.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-4.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-5.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-6.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-7.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-8.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-9.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO.html
/usr/share/doc/iptables/README.Debian.gz
/usr/share/lintian/overrides/iptables
/usr/share/man/man8/iptables.8.gz
/usr/share/man/man8/iptables-restore.8.gz
/usr/share/man/man8/iptables-save.8.gz
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen0/include/config/ip/nf/iptables
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen0/include/config/ip/nf/iptables/module.h
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip6/nf/iptables
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip6/nf/iptables/module.h
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip/nf/iptables
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip/nf/iptables/module.h
/var/lib/dpkg/info/iptables.list
/var/lib/dpkg/info/iptables.md5sums
/var/lib/dpkg/info/iptables.postinst
/var/lib/dpkg/info/iptables.prerm

is there an other way to get iptables running under dom0 ...domU is a precompiled system (FLI4L) its support iptables

thanks a lot i hope someone can help me and other users they have the sameproblem like me and the idol

best regards
ren22
ren22
6th November 2006, 23:23
or maybe one can help howto compile a kernel with iptables inside and not as a module for the dom0 ...

thanks a lot for helping me out

LG ren22
ren22
7th November 2006, 15:26
hey again

other question, after i installed xen from the sources then modifying the bootloader and add

title Xen 3.0.3 / XenLinux 2.6
root (hd0,0)
kernel /xen.gz dom0_mem=64000
module /vmlinuz-2.6-xen root=/dev/hda6 ro max_loop=255
module /initrd.img-2.6.16.29-xen

reboot and booting up this configuration and type on the console
iptables -L
and get the result

debian:~# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

...iptables looks fine ..

so when i compile the kernel with the options

File systems --> Quota support
<M> Old quota format support
<M> Quota format v2 support

Device Drivers ---> Network device support ---> <M> Dummy net driver support

Networking ---> Networking options ---> Network packet filtering (replaces ipchains) ---> Core Netfilter Configuration ---> <M> Netfilter Xtables support (required for ip_tables)

Networking ---> Networking options ---> Network packet filtering (replaces ipchains) ---> IP: Netfilter Configuration ---> <M> IP tables support (required for filtering/masq/NAT)

modifying again the boot loader for the new kernel and boot it up
then i get the error from my first post ...

WHERE IS THE FUKING PROBLEM ????????????????????????

ihave tried to the options to as no module but directly inside the kernel but there problem isnt gone away ...im so stupid or is the really a problem with iptables ?

LG ren22
falko
7th November 2006, 17:31
modifying again the boot loader for the new kernel and boot it up
then i get the error from my first post ...

What exactly did you modify?
ren22
7th November 2006, 19:37
hi falko and thx for your support

i only modifying the bootloader with the start options ..(this is what i mean with
...
modifiynd)
...
title Xen 3.0.3 / XenLinux 2.6
root (hd0,0)
kernel /xen.gz dom0_mem=64000
module /vmlinuz-2.6-xen root=/dev/hda6 ro max_loop=255
module /initrd.img-2.6.16.29-xen
...

and i was trying to implement the iptables directly in the kernel and not as modules ...

LG ren22
ren22
8th November 2006, 17:30
no one has an idea to fix the problem ?

LG ren22
falko
8th November 2006, 18:31
hi falko and thx for your support

i only modifying the bootloader with the start options ..(this is what i mean with
...
modifiynd)
...
title Xen 3.0.3 / XenLinux 2.6
root (hd0,0)
kernel /xen.gz dom0_mem=64000
module /vmlinuz-2.6-xen root=/dev/hda6 ro max_loop=255
module /initrd.img-2.6.16.29-xen
...

and i was trying to implement the iptables directly in the kernel and not as modules ...

LG ren22
I mean what exactly did you have in your menu.lst when iptables didn't work, and what did you have in there when it worked? Please post both configurations so that we can compare them...
ren22
10th November 2006, 18:23
thanks falko for ur help
..so i have reinstalled my debian system plus your howto and now after the third installation it works ^^ :)
idont know why or where was the prob but the different thing what i was doing is i added all iptables modules in the kernelconfig menu as modules and after this its working right now :) :) :) "iptables -L"
but one problem is left only my second card will connect to the internet and i must reinstall it again
..i am not a linux guru just a beginner since 3month i hope its works again after reinstalling the 4time

LG ren22

and many thanks for helping me out
maybe this thread can be closed
falko
11th November 2006, 18:12
idont know why or where was the prob but the different thing what i was doing is i added all iptables modules in the kernelconfig menu as modules and after this its working right now :) :) :) "iptables -L"
I installed iptables as a module in the tutorial, too: http://www.howtoforge.com/debian_sarge_xen_3.0.3_p2
finn
12th December 2006, 01:33
I am having the same problem.
iptables -L in dom0 gives the following:
x2100:~# iptables -L
iptables v1.2.11: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

I have followed The Perfect Xen 3.0.3 Setup For Debian Sarge to the letter, except for the fact that I needed an initrd to get my dom0 kernel to boot. Could this have anything to do with the iptables not being included as a module?

uname -a gives:

x2100:~# uname -a
Linux x2100.ecobee.co.uk 2.6.16.29-xen0 #6 Mon Dec 11 23:37:19 GMT 2006 i686 GNU/Linux

Thanks in advance for any suggestions.
falko
12th December 2006, 15:47
What's the output of grep -i iptables /boot/config-2.6.16.29-xen0?
finn
12th December 2006, 20:08
Hi Falko,
thanks for sparing me a minute.

x2100:~# grep -i iptables /boot/config-2.6.16.29-xen0
CONFIG_IP_NF_IPTABLES=m
falko
13th December 2006, 15:33
Please try
insmod iptables
Then run iptables -L again.
finn
13th December 2006, 22:22
x2100:~# insmod iptables
insmod: can't read 'iptables': No such file or directory
x2100:~# iptables -L
iptables v1.2.11: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
falko
14th December 2006, 21:44
What's the output of updatedb
locate iptables?
finn
15th December 2006, 02:30
Hi Falko,
thanks for your input, you are a legend!
I ran the above commands and here's the output:
x2100:~# updatedb
x2100:~# locate iptables
/lib/iptables
/lib/iptables/libip6t_ah.so
/lib/iptables/libip6t_condition.so
/lib/iptables/libip6t_dst.so
/lib/iptables/libip6t_esp.so
/lib/iptables/libip6t_eui64.so
/lib/iptables/libip6t_frag.so
/lib/iptables/libip6t_fuzzy.so
/lib/iptables/libip6t_hbh.so
/lib/iptables/libip6t_hl.so
/lib/iptables/libip6t_HL.so
/lib/iptables/libip6t_icmpv6.so
/lib/iptables/libip6t_ipv6header.so
/lib/iptables/libip6t_length.so
/lib/iptables/libip6t_limit.so
/lib/iptables/libip6t_LOG.so
/lib/iptables/libip6t_mac.so
/lib/iptables/libip6t_mark.so
/lib/iptables/libip6t_MARK.so
/lib/iptables/libip6t_multiport.so
/lib/iptables/libip6t_nth.so
/lib/iptables/libip6t_owner.so
/lib/iptables/libip6t_policy.so
/lib/iptables/libip6t_random.so
/lib/iptables/libip6t_REJECT.so
/lib/iptables/libip6t_ROUTE.so
/lib/iptables/libip6t_rt.so
/lib/iptables/libip6t_standard.so
/lib/iptables/libip6t_tcp.so
/lib/iptables/libip6t_TRACE.so
/lib/iptables/libip6t_udp.so
/lib/iptables/libipt_addrtype.so
/lib/iptables/libipt_ah.so
/lib/iptables/libipt_CLASSIFY.so
/lib/iptables/libipt_condition.so
/lib/iptables/libipt_connlimit.so
/lib/iptables/libipt_connmark.so
/lib/iptables/libipt_CONNMARK.so
/lib/iptables/libipt_conntrack.so
/lib/iptables/libipt_DNAT.so
/lib/iptables/libipt_dscp.so
/lib/iptables/libipt_DSCP.so
/lib/iptables/libipt_dstlimit.so
/lib/iptables/libipt_ecn.so
/lib/iptables/libipt_ECN.so
/lib/iptables/libipt_esp.so
/lib/iptables/libipt_fuzzy.so
/lib/iptables/libipt_helper.so
/lib/iptables/libipt_icmp.so
/lib/iptables/libipt_IPMARK.so
/lib/iptables/libipt_iprange.so
/lib/iptables/libipt_ipv4options.so
/lib/iptables/libipt_IPV4OPTSSTRIP.so
/lib/iptables/libipt_length.so
/lib/iptables/libipt_limit.so
/lib/iptables/libipt_LOG.so
/lib/iptables/libipt_mac.so
/lib/iptables/libipt_mark.so
/lib/iptables/libipt_MARK.so
/lib/iptables/libipt_MASQUERADE.so
/lib/iptables/libipt_MIRROR.so
/lib/iptables/libipt_mport.so
/lib/iptables/libipt_multiport.so
/lib/iptables/libipt_NETLINK.so
/lib/iptables/libipt_NETMAP.so
/lib/iptables/libipt_NOTRACK.so
/lib/iptables/libipt_nth.so
/lib/iptables/libipt_osf.so
/lib/iptables/libipt_owner.so
/lib/iptables/libipt_physdev.so
/lib/iptables/libipt_pkttype.so
/lib/iptables/libipt_policy.so
/lib/iptables/libipt_pool.so
/lib/iptables/libipt_POOL.so
/lib/iptables/libipt_psd.so
/lib/iptables/libipt_quota.so
/lib/iptables/libipt_random.so
/lib/iptables/libipt_realm.so
/lib/iptables/libipt_recent.so
/lib/iptables/libipt_REDIRECT.so
/lib/iptables/libipt_REJECT.so
/lib/iptables/libipt_ROUTE.so
/lib/iptables/libipt_rpc.so
/lib/iptables/libipt_SAME.so
/lib/iptables/libipt_sctp.so
/lib/iptables/libipt_set.so
/lib/iptables/libipt_SET.so
/lib/iptables/libipt_SNAT.so
/lib/iptables/libipt_standard.so
/lib/iptables/libipt_state.so
/lib/iptables/libipt_string.so
/lib/iptables/libipt_TARPIT.so
/lib/iptables/libipt_TCPLAG.so
/lib/iptables/libipt_tcpmss.so
/lib/iptables/libipt_TCPMSS.so
/lib/iptables/libipt_tcp.so
/lib/iptables/libipt_time.so
/lib/iptables/libipt_tos.so
/lib/iptables/libipt_TOS.so
/lib/iptables/libipt_TRACE.so
/lib/iptables/libipt_ttl.so
/lib/iptables/libipt_TTL.so
/lib/iptables/libipt_u32.so
/lib/iptables/libipt_udp.so
/lib/iptables/libipt_ULOG.so
/lib/iptables/libipt_unclean.so
/lib/iptables/libipt_XOR.so
/sbin/iptables
/sbin/iptables-restore
/sbin/iptables-save
/usr/share/doc/iptables
/usr/share/doc/iptables/changelog.Debian.gz
/usr/share/doc/iptables/changelog.gz
/usr/share/doc/iptables/copyright
/usr/share/doc/iptables/examples
/usr/share/doc/iptables/examples/3iptables-ppp_down-rules
/usr/share/doc/iptables/examples/3iptables-ppp_up-rules.gz
/usr/share/doc/iptables/examples/oldinitdscript.gz
/usr/share/doc/iptables/html
/usr/share/doc/iptables/html/NAT-HOWTO-10.html
/usr/share/doc/iptables/html/NAT-HOWTO-11.html
/usr/share/doc/iptables/html/NAT-HOWTO-1.html
/usr/share/doc/iptables/html/NAT-HOWTO-2.html
/usr/share/doc/iptables/html/NAT-HOWTO-3.html
/usr/share/doc/iptables/html/NAT-HOWTO-4.html
/usr/share/doc/iptables/html/NAT-HOWTO-5.html
/usr/share/doc/iptables/html/NAT-HOWTO-6.html
/usr/share/doc/iptables/html/NAT-HOWTO-7.html
/usr/share/doc/iptables/html/NAT-HOWTO-8.html
/usr/share/doc/iptables/html/NAT-HOWTO-9.html
/usr/share/doc/iptables/html/NAT-HOWTO.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-10.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-11.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-1.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-2.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-3.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-4.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-5.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-6.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-7.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-8.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-9.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO.html
/usr/share/doc/iptables/README.Debian.gz
/usr/share/lintian/overrides/iptables
/usr/share/man/man8/iptables.8.gz
/usr/share/man/man8/iptables-restore.8.gz
/usr/share/man/man8/iptables-save.8.gz
/var/lib/dpkg/info/iptables.list
/var/lib/dpkg/info/iptables.md5sums
/var/lib/dpkg/info/iptables.postinst
/var/lib/dpkg/info/iptables.prerm
/vserver/src/xen-3.0.3_0-src/linux-2.6.16.29-xen0/include/config/ip/nf/iptables
/vserver/src/xen-3.0.3_0-src/linux-2.6.16.29-xen0/include/config/ip/nf/iptables/module.h
/vserver/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip6/nf/iptables
/vserver/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip6/nf/iptables/module.h
/vserver/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip/nf/iptables
/vserver/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip/nf/iptables/module.h
/vserver/src/xen-3.0.3_0-src/linux-2.6.16.29-xenU/include/config/ip/nf/iptables
/vserver/src/xen-3.0.3_0-src/linux-2.6.16.29-xenU/include/config/ip/nf/iptables/module.h
falko
15th December 2006, 14:48
There's no iptables module (normally this is in /lib/modules/<kernel>/...). You are sure you enabled iptables as a module during the kernel configuration (your kernel configuration file says so, but you can never know)?
finn
15th December 2006, 18:13
Hi Falko,
yes I am sure that I enabled the module during the kernel configuration, and I have repeated the steps several times.
Do you know of any reason why this wouldn't work?
In the mean time I will try again.
Many thanks!
falko
16th December 2006, 13:18
Do you know of any reason why this wouldn't work?

I have no idea. :confused:
finn
6th January 2007, 17:31
I still have the same problem. I have just done another completely clean install and after booting into dom0 have no iptables. It seems others have the same problem
on this thread (http://www.howtoforge.com/forums/showthread.php?t=7688).

The only difference in my installation this time is that I managed to avoid using a ramdisk image for my dom0 by including the required nvidia SATA drivers in the kernel. I had hoped this would help, but it hasn't.

Just in case you spot anything else, here are the details as before:


x2100:~# insmod iptables

insmod: can't read 'iptables': No such file or directory

x2100:~# iptables -L
iptables v1.2.11: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

x2100:~# grep -i iptables /boot/config-2.6.16.29-xen0
CONFIG_IP_NF_IPTABLES=m

x2100:~# insmod iptables
insmod: can't read 'iptables': No such file or directory

x2100:~# iptables -L
iptables v1.2.11: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

x2100:~# updatedb
x2100:~# locate iptables
/lib/iptables
/lib/iptables/libip6t_ah.so
/lib/iptables/libip6t_condition.so
/lib/iptables/libip6t_dst.so
/lib/iptables/libip6t_esp.so
/lib/iptables/libip6t_eui64.so
/lib/iptables/libip6t_frag.so
/lib/iptables/libip6t_fuzzy.so
/lib/iptables/libip6t_hbh.so
/lib/iptables/libip6t_hl.so
/lib/iptables/libip6t_HL.so
/lib/iptables/libip6t_icmpv6.so
/lib/iptables/libip6t_ipv6header.so
/lib/iptables/libip6t_length.so
/lib/iptables/libip6t_limit.so
/lib/iptables/libip6t_LOG.so
/lib/iptables/libip6t_mac.so
/lib/iptables/libip6t_mark.so
/lib/iptables/libip6t_MARK.so
/lib/iptables/libip6t_multiport.so
/lib/iptables/libip6t_nth.so
/lib/iptables/libip6t_owner.so
/lib/iptables/libip6t_policy.so
/lib/iptables/libip6t_random.so
/lib/iptables/libip6t_REJECT.so
/lib/iptables/libip6t_ROUTE.so
/lib/iptables/libip6t_rt.so
/lib/iptables/libip6t_standard.so
/lib/iptables/libip6t_tcp.so
/lib/iptables/libip6t_TRACE.so
/lib/iptables/libip6t_udp.so
/lib/iptables/libipt_addrtype.so
/lib/iptables/libipt_ah.so
/lib/iptables/libipt_CLASSIFY.so
/lib/iptables/libipt_condition.so
/lib/iptables/libipt_connlimit.so
/lib/iptables/libipt_connmark.so
/lib/iptables/libipt_CONNMARK.so
/lib/iptables/libipt_conntrack.so
/lib/iptables/libipt_DNAT.so
/lib/iptables/libipt_dscp.so
/lib/iptables/libipt_DSCP.so
/lib/iptables/libipt_dstlimit.so
/lib/iptables/libipt_ecn.so
/lib/iptables/libipt_ECN.so
/lib/iptables/libipt_esp.so
/lib/iptables/libipt_fuzzy.so
/lib/iptables/libipt_helper.so
/lib/iptables/libipt_icmp.so
/lib/iptables/libipt_IPMARK.so
/lib/iptables/libipt_iprange.so
/lib/iptables/libipt_ipv4options.so
/lib/iptables/libipt_IPV4OPTSSTRIP.so
/lib/iptables/libipt_length.so
/lib/iptables/libipt_limit.so
/lib/iptables/libipt_LOG.so
/lib/iptables/libipt_mac.so
/lib/iptables/libipt_mark.so
/lib/iptables/libipt_MARK.so
/lib/iptables/libipt_MASQUERADE.so
/lib/iptables/libipt_MIRROR.so
/lib/iptables/libipt_mport.so
/lib/iptables/libipt_multiport.so
/lib/iptables/libipt_NETLINK.so
/lib/iptables/libipt_NETMAP.so
/lib/iptables/libipt_NOTRACK.so
/lib/iptables/libipt_nth.so
/lib/iptables/libipt_osf.so
/lib/iptables/libipt_owner.so
/lib/iptables/libipt_physdev.so
/lib/iptables/libipt_pkttype.so
/lib/iptables/libipt_policy.so
/lib/iptables/libipt_pool.so
/lib/iptables/libipt_POOL.so
/lib/iptables/libipt_psd.so
/lib/iptables/libipt_quota.so
/lib/iptables/libipt_random.so
/lib/iptables/libipt_realm.so
/lib/iptables/libipt_recent.so
/lib/iptables/libipt_REDIRECT.so
/lib/iptables/libipt_REJECT.so
/lib/iptables/libipt_ROUTE.so
/lib/iptables/libipt_rpc.so
/lib/iptables/libipt_SAME.so
/lib/iptables/libipt_sctp.so
/lib/iptables/libipt_set.so
/lib/iptables/libipt_SET.so
/lib/iptables/libipt_SNAT.so
/lib/iptables/libipt_standard.so
/lib/iptables/libipt_state.so
/lib/iptables/libipt_string.so
/lib/iptables/libipt_TARPIT.so
/lib/iptables/libipt_TCPLAG.so
/lib/iptables/libipt_tcpmss.so
/lib/iptables/libipt_TCPMSS.so
/lib/iptables/libipt_tcp.so
/lib/iptables/libipt_time.so
/lib/iptables/libipt_tos.so
/lib/iptables/libipt_TOS.so
/lib/iptables/libipt_TRACE.so
/lib/iptables/libipt_ttl.so
/lib/iptables/libipt_TTL.so
/lib/iptables/libipt_u32.so
/lib/iptables/libipt_udp.so
/lib/iptables/libipt_ULOG.so
/lib/iptables/libipt_unclean.so
/lib/iptables/libipt_XOR.so
/sbin/iptables
/sbin/iptables-restore
/sbin/iptables-save
/usr/share/doc/iptables
/usr/share/doc/iptables/changelog.Debian.gz
/usr/share/doc/iptables/changelog.gz
/usr/share/doc/iptables/copyright
/usr/share/doc/iptables/examples
/usr/share/doc/iptables/examples/3iptables-ppp_down-rules
/usr/share/doc/iptables/examples/3iptables-ppp_up-rules.gz
/usr/share/doc/iptables/examples/oldinitdscript.gz
/usr/share/doc/iptables/html
/usr/share/doc/iptables/html/NAT-HOWTO-10.html
/usr/share/doc/iptables/html/NAT-HOWTO-11.html
/usr/share/doc/iptables/html/NAT-HOWTO-1.html
/usr/share/doc/iptables/html/NAT-HOWTO-2.html
/usr/share/doc/iptables/html/NAT-HOWTO-3.html
/usr/share/doc/iptables/html/NAT-HOWTO-4.html
/usr/share/doc/iptables/html/NAT-HOWTO-5.html
/usr/share/doc/iptables/html/NAT-HOWTO-6.html
/usr/share/doc/iptables/html/NAT-HOWTO-7.html
/usr/share/doc/iptables/html/NAT-HOWTO-8.html
/usr/share/doc/iptables/html/NAT-HOWTO-9.html
/usr/share/doc/iptables/html/NAT-HOWTO.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-10.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-11.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-1.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-2.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-3.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-4.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-5.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-6.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-7.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-8.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-9.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO.html
/usr/share/doc/iptables/README.Debian.gz
/usr/share/lintian/overrides/iptables
/usr/share/man/man8/iptables.8.gz
/usr/share/man/man8/iptables-restore.8.gz
/usr/share/man/man8/iptables-save.8.gz
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen0/include/config/ip/nf/iptables
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen0/include/config/ip/nf/iptables/module.h
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip6/nf/iptables
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip6/nf/iptables/module.h
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip/nf/iptables
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip/nf/iptables/module.h
/var/lib/dpkg/info/iptables.list
/var/lib/dpkg/info/iptables.md5sums
/var/lib/dpkg/info/iptables.postinst
/var/lib/dpkg/info/iptables.prerm
falko
7th January 2007, 20:13
I'm still clueless... :(
All I can say is that it worked for me exactly as I wrote it in the tutorial.
finn
7th January 2007, 20:32
Thanks anyway Falko, you're tutorials have been and continue to be of great help. I have shelved the Xen installation for now in favour of a straight up Debian with ISPConfig install, which is working fine.
Thanks again.
Finn