HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   HOWTO-Related Questions (http://www.howtoforge.com/forums/forumdisplay.php?f=2)
-   -   The Perfect Xen 3.0.3 Setup For Debian Sarge iptables problem on dom0 (http://www.howtoforge.com/forums/showthread.php?t=7977)

ren22 6th November 2006 14:14

The Perfect Xen 3.0.3 Setup For Debian Sarge iptables problem on dom0
 
hi and a big thanks goes to falkotimme for the nice howto "The Perfect Xen 3.0.3 Setup For Debian Sarge"

everything goes fine but there is one problem with the iptables on dom0

when i compile the kernel for the dom0 and reboot the system and try on the console iptbales -L i get an error :

iptables v1.2.11: can't initialize iptables table `filter': Table does not
exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
:eek:

i dont know that is normal but i think it's not ...
after a look into the forum here i was finding an other thread with the same problem but with no real result fix :mad:

first i think i have made a mistake, ok then i make the system new, formatted the hole disk and installed debian net inst 3.1r3 again ...
the system is new and the problem is not gone away after i compiled the dom0 kernel and im real sure that i have verified all my steps that is written in the howto

i have the same results like the idol when i type the commands allready wroted like

uname -a
Linux debian 2.6.16.29-xen0 #2 Mon Nov 6 12:49:09 CET 2006 i686 GNU/Linux

updatedb
locate iptables
/lib/iptables
/lib/iptables/libip6t_ah.so
/lib/iptables/libip6t_condition.so
/lib/iptables/libip6t_dst.so
/lib/iptables/libip6t_esp.so
/lib/iptables/libip6t_eui64.so
/lib/iptables/libip6t_frag.so
/lib/iptables/libip6t_fuzzy.so
/lib/iptables/libip6t_hbh.so
/lib/iptables/libip6t_hl.so
/lib/iptables/libip6t_HL.so
/lib/iptables/libip6t_icmpv6.so
/lib/iptables/libip6t_ipv6header.so
/lib/iptables/libip6t_length.so
/lib/iptables/libip6t_limit.so
/lib/iptables/libip6t_LOG.so
/lib/iptables/libip6t_mac.so
/lib/iptables/libip6t_mark.so
/lib/iptables/libip6t_MARK.so
/lib/iptables/libip6t_multiport.so
/lib/iptables/libip6t_nth.so
/lib/iptables/libip6t_owner.so
/lib/iptables/libip6t_policy.so
/lib/iptables/libip6t_random.so
/lib/iptables/libip6t_REJECT.so
/lib/iptables/libip6t_ROUTE.so
/lib/iptables/libip6t_rt.so
/lib/iptables/libip6t_standard.so
/lib/iptables/libip6t_tcp.so
/lib/iptables/libip6t_TRACE.so
/lib/iptables/libip6t_udp.so
/lib/iptables/libipt_addrtype.so
/lib/iptables/libipt_ah.so
/lib/iptables/libipt_CLASSIFY.so
/lib/iptables/libipt_condition.so
/lib/iptables/libipt_connlimit.so
/lib/iptables/libipt_connmark.so
/lib/iptables/libipt_CONNMARK.so
/lib/iptables/libipt_conntrack.so
/lib/iptables/libipt_DNAT.so
/lib/iptables/libipt_dscp.so
/lib/iptables/libipt_DSCP.so
/lib/iptables/libipt_dstlimit.so
/lib/iptables/libipt_ecn.so
/lib/iptables/libipt_ECN.so
/lib/iptables/libipt_esp.so
/lib/iptables/libipt_fuzzy.so
/lib/iptables/libipt_helper.so
/lib/iptables/libipt_icmp.so
/lib/iptables/libipt_IPMARK.so
/lib/iptables/libipt_iprange.so
/lib/iptables/libipt_ipv4options.so
/lib/iptables/libipt_IPV4OPTSSTRIP.so
/lib/iptables/libipt_length.so
/lib/iptables/libipt_limit.so
/lib/iptables/libipt_LOG.so
/lib/iptables/libipt_mac.so
/lib/iptables/libipt_mark.so
/lib/iptables/libipt_MARK.so
/lib/iptables/libipt_MASQUERADE.so
/lib/iptables/libipt_MIRROR.so
/lib/iptables/libipt_mport.so
/lib/iptables/libipt_multiport.so
/lib/iptables/libipt_NETLINK.so
/lib/iptables/libipt_NETMAP.so
/lib/iptables/libipt_NOTRACK.so
/lib/iptables/libipt_nth.so
/lib/iptables/libipt_osf.so
/lib/iptables/libipt_owner.so
/lib/iptables/libipt_physdev.so
/lib/iptables/libipt_pkttype.so
/lib/iptables/libipt_policy.so
/lib/iptables/libipt_pool.so
/lib/iptables/libipt_POOL.so
/lib/iptables/libipt_psd.so
/lib/iptables/libipt_quota.so
/lib/iptables/libipt_random.so
/lib/iptables/libipt_realm.so
/lib/iptables/libipt_recent.so
/lib/iptables/libipt_REDIRECT.so
/lib/iptables/libipt_REJECT.so
/lib/iptables/libipt_ROUTE.so
/lib/iptables/libipt_rpc.so
/lib/iptables/libipt_SAME.so
/lib/iptables/libipt_sctp.so
/lib/iptables/libipt_set.so
/lib/iptables/libipt_SET.so
/lib/iptables/libipt_SNAT.so
/lib/iptables/libipt_standard.so
/lib/iptables/libipt_state.so
/lib/iptables/libipt_string.so
/lib/iptables/libipt_TARPIT.so
/lib/iptables/libipt_TCPLAG.so
/lib/iptables/libipt_tcpmss.so
/lib/iptables/libipt_TCPMSS.so
/lib/iptables/libipt_tcp.so
/lib/iptables/libipt_time.so
/lib/iptables/libipt_tos.so
/lib/iptables/libipt_TOS.so
/lib/iptables/libipt_TRACE.so
/lib/iptables/libipt_ttl.so
/lib/iptables/libipt_TTL.so
/lib/iptables/libipt_u32.so
/lib/iptables/libipt_udp.so
/lib/iptables/libipt_ULOG.so
/lib/iptables/libipt_unclean.so
/lib/iptables/libipt_XOR.so
/sbin/iptables
/sbin/iptables-restore
/sbin/iptables-save
/usr/share/doc/iptables
/usr/share/doc/iptables/changelog.Debian.gz
/usr/share/doc/iptables/changelog.gz
/usr/share/doc/iptables/copyright
/usr/share/doc/iptables/examples
/usr/share/doc/iptables/examples/3iptables-ppp_down-rules
/usr/share/doc/iptables/examples/3iptables-ppp_up-rules.gz
/usr/share/doc/iptables/examples/oldinitdscript.gz
/usr/share/doc/iptables/html
/usr/share/doc/iptables/html/NAT-HOWTO-10.html
/usr/share/doc/iptables/html/NAT-HOWTO-11.html
/usr/share/doc/iptables/html/NAT-HOWTO-1.html
/usr/share/doc/iptables/html/NAT-HOWTO-2.html
/usr/share/doc/iptables/html/NAT-HOWTO-3.html
/usr/share/doc/iptables/html/NAT-HOWTO-4.html
/usr/share/doc/iptables/html/NAT-HOWTO-5.html
/usr/share/doc/iptables/html/NAT-HOWTO-6.html
/usr/share/doc/iptables/html/NAT-HOWTO-7.html
/usr/share/doc/iptables/html/NAT-HOWTO-8.html
/usr/share/doc/iptables/html/NAT-HOWTO-9.html
/usr/share/doc/iptables/html/NAT-HOWTO.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-10.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-11.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-1.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-2.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-3.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-4.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-5.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-6.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-7.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-8.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-9.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO.html
/usr/share/doc/iptables/README.Debian.gz
/usr/share/lintian/overrides/iptables
/usr/share/man/man8/iptables.8.gz
/usr/share/man/man8/iptables-restore.8.gz
/usr/share/man/man8/iptables-save.8.gz
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen0/include/config/ip/nf/iptables
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen0/include/config/ip/nf/iptables/module.h
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip6/nf/iptables
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip6/nf/iptables/module.h
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip/nf/iptables
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip/nf/iptables/module.h
/var/lib/dpkg/info/iptables.list
/var/lib/dpkg/info/iptables.md5sums
/var/lib/dpkg/info/iptables.postinst
/var/lib/dpkg/info/iptables.prerm

is there an other way to get iptables running under dom0 ...domU is a precompiled system (FLI4L) its support iptables

thanks a lot i hope someone can help me and other users they have the sameproblem like me and the idol

best regards
ren22

ren22 6th November 2006 22:23

or maybe one can help howto compile a kernel with iptables inside and not as a module for the dom0 ...

thanks a lot for helping me out

LG ren22

ren22 7th November 2006 14:26

hey again

other question, after i installed xen from the sources then modifying the bootloader and add

title Xen 3.0.3 / XenLinux 2.6
root (hd0,0)
kernel /xen.gz dom0_mem=64000
module /vmlinuz-2.6-xen root=/dev/hda6 ro max_loop=255
module /initrd.img-2.6.16.29-xen

reboot and booting up this configuration and type on the console
iptables -L
and get the result

debian:~# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

...iptables looks fine ..

so when i compile the kernel with the options

File systems -->[*] Quota support
<M> Old quota format support
<M> Quota format v2 support

Device Drivers ---> Network device support ---> <M> Dummy net driver support

Networking ---> Networking options --->[*] Network packet filtering (replaces ipchains) ---> Core Netfilter Configuration ---> <M> Netfilter Xtables support (required for ip_tables)

Networking ---> Networking options --->[*] Network packet filtering (replaces ipchains) ---> IP: Netfilter Configuration ---> <M> IP tables support (required for filtering/masq/NAT)

modifying again the boot loader for the new kernel and boot it up
then i get the error from my first post ...

WHERE IS THE FUKING PROBLEM ????????????????????????

ihave tried to the options to as no module but directly inside the kernel but there problem isnt gone away ...im so stupid or is the really a problem with iptables ?

LG ren22

falko 7th November 2006 16:31

Quote:

Originally Posted by ren22
modifying again the boot loader for the new kernel and boot it up
then i get the error from my first post ...

What exactly did you modify?

ren22 7th November 2006 18:37

hi falko and thx for your support

i only modifying the bootloader with the start options ..(this is what i mean with
...
modifiynd)
...
title Xen 3.0.3 / XenLinux 2.6
root (hd0,0)
kernel /xen.gz dom0_mem=64000
module /vmlinuz-2.6-xen root=/dev/hda6 ro max_loop=255
module /initrd.img-2.6.16.29-xen
...

and i was trying to implement the iptables directly in the kernel and not as modules ...

LG ren22

ren22 8th November 2006 16:30

no one has an idea to fix the problem ?

LG ren22

falko 8th November 2006 17:31

Quote:

Originally Posted by ren22
hi falko and thx for your support

i only modifying the bootloader with the start options ..(this is what i mean with
...
modifiynd)
...
title Xen 3.0.3 / XenLinux 2.6
root (hd0,0)
kernel /xen.gz dom0_mem=64000
module /vmlinuz-2.6-xen root=/dev/hda6 ro max_loop=255
module /initrd.img-2.6.16.29-xen
...

and i was trying to implement the iptables directly in the kernel and not as modules ...

LG ren22

I mean what exactly did you have in your menu.lst when iptables didn't work, and what did you have in there when it worked? Please post both configurations so that we can compare them...

ren22 10th November 2006 17:23

thanks falko for ur help
..so i have reinstalled my debian system plus your howto and now after the third installation it works ^^ :)
idont know why or where was the prob but the different thing what i was doing is i added all iptables modules in the kernelconfig menu as modules and after this its working right now :) :) :) "iptables -L"
but one problem is left only my second card will connect to the internet and i must reinstall it again
..i am not a linux guru just a beginner since 3month i hope its works again after reinstalling the 4time

LG ren22

and many thanks for helping me out
maybe this thread can be closed

falko 11th November 2006 17:12

Quote:

Originally Posted by ren22
idont know why or where was the prob but the different thing what i was doing is i added all iptables modules in the kernelconfig menu as modules and after this its working right now :) :) :) "iptables -L"

I installed iptables as a module in the tutorial, too: http://www.howtoforge.com/debian_sarge_xen_3.0.3_p2

finn 12th December 2006 00:33

Same problem...
 
I am having the same problem.
iptables -L in dom0 gives the following:
Code:

x2100:~# iptables -L
iptables v1.2.11: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

I have followed The Perfect Xen 3.0.3 Setup For Debian Sarge to the letter, except for the fact that I needed an initrd to get my dom0 kernel to boot. Could this have anything to do with the iptables not being included as a module?

uname -a gives:

x2100:~# uname -a
Linux x2100.ecobee.co.uk 2.6.16.29-xen0 #6 Mon Dec 11 23:37:19 GMT 2006 i686 GNU/Linux

Thanks in advance for any suggestions.


All times are GMT +2. The time now is 12:50.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.