Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > HOWTO-Related Questions

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 24th November 2006, 08:18
alexnz alexnz is offline
Member
 
Join Date: Jun 2006
Posts: 66
Thanks: 3
Thanked 1 Time in 1 Post
Default iptables issue with xen perfect setup - debian

hi falko

im currently having an issue with getting iptables to work under the xen kernel AND 2.6.18.3 kernel

ive gone through 2 formats and im still having this issue, i have followed your debian perfect setup AND xen perfect guides to the letter - twice - and im having an issue:

Code:
mail:/boot# iptables -L
iptables v1.2.11: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

IM still have the same issue as above, ive been reading like CRAZY over the last few days and im all out of steam, i would really like to get XEN working with the ability of iptables and so forth, im out of ideas, please help!

the WIERD THING is that under 2.4.27 kernel iptables WORKS fine, i cant seem to find the problem!!!

this time, the third time, ive decieded to compile the lastest kernel 2.6.18.3 using this guide - and also applying iptables with it

http://www.howtoforge.com/forums/showthread.php?t=21

now when i do the "make menuconfig" i am enabling these options as laid out by the xen perfect setup:

Code:
File systems -->[*] Quota support
<M> Old quota format support
<M> Quota format v2 support

Networking ---> Networking options --->[*] Network packet filtering (replaces ipchains) ---> Core Netfilter Configuration ---> <M> Netfilter Xtables support (required for ip_tables)

Networking ---> Networking options --->[*] Network packet filtering (replaces ipchains) ---> IP: Netfilter Configuration ---> <M> IP tables support (required for filtering/masq/NAT)
to show that, here is my config-2.6.8.13 file - which looks okay to me:

Code:
 
#
# Networking
#
CONFIG_NET=y

#
# Networking options
#
# CONFIG_NETDEBUG is not set
CONFIG_PACKET=m
CONFIG_PACKET_MMAP=y
CONFIG_UNIX=m
CONFIG_XFRM=y
CONFIG_XFRM_USER=m
CONFIG_NET_KEY=m
CONFIG_INET=y
CONFIG_IP_MULTICAST=y
CONFIG_IP_ADVANCED_ROUTER=y
CONFIG_ASK_IP_FIB_HASH=y
# CONFIG_IP_FIB_TRIE is not set
CONFIG_IP_FIB_HASH=y
CONFIG_IP_MULTIPLE_TABLES=y
CONFIG_IP_ROUTE_FWMARK=y
CONFIG_IP_ROUTE_MULTIPATH=y
# CONFIG_IP_ROUTE_MULTIPATH_CACHED is not set
CONFIG_IP_ROUTE_VERBOSE=y
# CONFIG_IP_PNP is not set
CONFIG_NET_IPIP=m
CONFIG_NET_IPGRE=m
CONFIG_NET_IPGRE_BROADCAST=y
CONFIG_IP_MROUTE=y
CONFIG_IP_PIMSM_V1=y
CONFIG_IP_PIMSM_V2=y
# CONFIG_ARPD is not set
CONFIG_SYN_COOKIES=y
CONFIG_INET_AH=m
CONFIG_INET_ESP=m
CONFIG_INET_IPCOMP=m
CONFIG_INET_XFRM_TUNNEL=m
CONFIG_INET_TUNNEL=m
CONFIG_INET_XFRM_MODE_TRANSPORT=y
CONFIG_INET_XFRM_MODE_TUNNEL=y
CONFIG_INET_DIAG=y
CONFIG_INET_TCP_DIAG=y
# CONFIG_TCP_CONG_ADVANCED is not set
CONFIG_TCP_CONG_BIC=y

#
# IP: Netfilter Configuration
#
CONFIG_IP_NF_CONNTRACK=m
CONFIG_IP_NF_FTP=m
CONFIG_IP_NF_IRC=m
CONFIG_IP_NF_TFTP=m
CONFIG_IP_NF_AMANDA=m
CONFIG_IP_NF_QUEUE=m
CONFIG_IP_NF_IPTABLES=m
I then compile and mount the kernel without any issues, and then when i try iptables -L i get the same error!!! arggghhh

here is some other configs for diagnoses


lsmod shows her loaded:

Code:
mail:/boot# lsmod
Module                  Size  Used by
ip_tables              11608  -
x_tables               13120  -
ipv6                  222720  -
ehci_hcd               26244  -
usbcore               115076  -
8139cp                 20828  -
shpchp                 35128  -
pci_hotplug            13764  -
via_agp                 9532  -
8139too                24252  -
mii                     5180  -
crc32                   4124  -
parport_pc             32324  -
parport                33160  -
agpgart                32204  -
quota_v1                2908  -
.....
....
....
ive noticed that i have alot of iptables related stuff here:

locate iptables | less

Code:
/lib/iptables
/lib/iptables/libip6t_ah.so
/lib/iptables/libip6t_condition.so
/lib/iptables/libip6t_dst.so
/lib/iptables/libip6t_esp.so
/lib/iptables/libip6t_eui64.so
/lib/iptables/libip6t_frag.so
/lib/iptables/libip6t_fuzzy.so
/lib/iptables/libip6t_hbh.so
/lib/iptables/libip6t_hl.so
/lib/iptables/libip6t_HL.so
/lib/iptables/libip6t_icmpv6.so
/lib/iptables/libip6t_ipv6header.so
/lib/iptables/libip6t_length.so
/lib/iptables/libip6t_limit.so
....
......
.......
AND i have the modules in here aswell

Code:
mail:/lib/modules/2.6.18.3/kernel/net/ipv4/netfilter# ls
ip_conntrack_amanda.ko  ip_conntrack_irc.ko  ip_conntrack_tftp.ko  ip_tables.ko ip_conntrack_ftp.ko     ip_conntrack.ko      ip_queue.ko

might as well post this stuff:

/etc/fstab

Code:

# /etc/fstab: static file system information.
#
# <file system> <mount point>   <type>  <options>       <dump>  <pass>
proc            /proc           proc    defaults        0       0
/dev/hda1       /               ext3    defaults,errors=remount-ro,usrquota,grpquota 0
/dev/hda5       none            swap    sw              0       0
/dev/hdd        /media/cdrom0   iso9660 ro,user,noauto  0       0

oh and this could help:

/boot/grub/menu.lst

Code:

title           Debian GNU/Linux, kernel 2.6.18.3
root            (hd0,0)
kernel          /boot/vmlinuz-2.6.18.3 root=/dev/hda1 ro
initrd          /boot/initrd.img-2.6.18.3
savedefault
boot

title           Debian GNU/Linux, kernel 2.6.18.3 (recovery mode)
root            (hd0,0)
kernel          /boot/vmlinuz-2.6.18.3 root=/dev/hda1 ro single
initrd          /boot/initrd.img-2.6.18.3
savedefault
boot

title           Debian GNU/Linux, kernel 2.4.27-2-386
root            (hd0,0)
kernel          /boot/vmlinuz-2.4.27-2-386 root=/dev/hda1 ro
initrd          /boot/initrd.img-2.4.27-2-386
savedefault
boot

title           Debian GNU/Linux, kernel 2.4.27-2-386 (recovery mode)
root            (hd0,0)
kernel          /boot/vmlinuz-2.4.27-2-386 root=/dev/hda1 ro single
initrd          /boot/initrd.img-2.4.27-2-386
savedefault
boot



ummmmm if ive missed anything let me know


THANKS!!!!!!!
Reply With Quote
Sponsored Links
  #2  
Old 24th November 2006, 08:26
alexnz alexnz is offline
Member
 
Join Date: Jun 2006
Posts: 66
Thanks: 3
Thanked 1 Time in 1 Post
Default

oh i compiled xen from the sources,
Reply With Quote
  #3  
Old 25th November 2006, 03:09
alexnz alexnz is offline
Member
 
Join Date: Jun 2006
Posts: 66
Thanks: 3
Thanked 1 Time in 1 Post
Default

-bump-

4th format - followed the xen perfect setup to the letter, and still getting the same iptables problem.....


anyone have any ideas?
Reply With Quote
  #4  
Old 25th November 2006, 14:49
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,748 Times in 2,579 Posts
 
Default

If you compile Xen from the sources, Xen downloads the kernel sources it needs, so downloading the 2.6.18.3 kernel is wrong. All you have to do is follow the instructions of the Xen tutorial. Please don't compile another kernel yourself.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
The Perfect Xen 3.0.3 Setup For Debian Sarge iptables problem on dom0 ren22 HOWTO-Related Questions 21 7th January 2007 20:32
The Perfect Xen 3.0 Setup For Debian - NAT problem amussa HOWTO-Related Questions 9 28th September 2006 22:27
The Perfect Xen 3.0 Setup For Debian | IPTABLES rocket30 HOWTO-Related Questions 7 25th July 2006 15:18
configuring IPTABLES firewall adityavpratap HOWTO-Related Questions 9 27th May 2006 22:42
The Perfect Xen 3.0 Setup For Debian - IpTables Problem Gurke666 HOWTO-Related Questions 2 21st April 2006 18:21


All times are GMT +2. The time now is 09:20.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.