Doug,
I'm no expert, but I do know you will most likely need to recompile the kernel with iptables support. Iptables requires kernel version 2.4.x. The command uname -a will tell you what version you are currently running... probably 2.2.x. Let me know if you want some info on kernel recompiling.
Resist the urge to go to Redhat. Debian can be difficult to learn, but it is worth the effort.
Regards,
Chad Butler
-----Original Message-----
From: Doug_The_Slug [mailto:doug@dougtheslug.ca]
Sent: Thursday, February 06, 2003 2:05 PM
To: debian-firewall@lists.debian.org
Subject: iptables - can't locate module ip_tables
here's the deal. i have a win2k router which has been running fairly well
since i set it up maybe half a year ago. the main problem is gui overhead,
and i have to run it on a p2 - 333 to get good speeds with little lag. this
is obviously ridiculous.
my solution. i want to set up a linux router. a buddy of mine recommended
debian because once setup, is very easy to maintain, especially with things
like apt-get (which i have used and am liking very much)
so i picked up the 6 disks (rescue, root img, 4 x driver disks).
installed base system - (installed 2 nics. get one connected to net and got
base system from ftp site)
therefore, this should mean latest kernel and utils. using tasksel i choose
basic unix server, since this gives me things like sshd, less, locate and so
on. by the descriptions, i should not need any other grouped packages. (no
apache required, although i later put this on and installed webmin to see if
i could do stuff there, but i will explain that later). i did not run
dselect since last time i did that, i spent days going through the huge list
of packages, and got nothing more in terms of actual functionality.
i apt-get dhcpd, set that up with ranges and hosts. good to go, i have a
machine behind with an appropriately assigned IP. it can't get on the net.
i go over to iptables. i don't seem to be getting any response. so i try
to simple list: (while user makes no difference, i am logged in as root)
--->
p166deb:/# iptables -L
modprobe: Can't locate module ip_tables
iptables v1.2.6a: can't initialize iptables table `filter': iptables who?
(do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
<---
so ip_tables for whatever reason can't be found. i read in forums that if
ipchains is loaded, it can conflict.
--->
p166deb:/# rmmod ipchains
rmmod: module ipchains is not loaded
<---
not loaded. maybe iptables is not installed?
--->
p166deb:/# apt-get install iptables
Reading Package Lists... Done
Building Dependency Tree... Done
Sorry, iptables is already the newest version.
0 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
<---
so iptables is installed and in the latest version according to apt-get
sources (i have noticed that iptables is at 1.2.7a, but 1.2.6a should still
work at least!!) so do i have an ip_tables file that for some reason is not
being found?
--->
p166deb:/# locate ip_tables
/usr/include/linux/netfilter_ipv4/ip_tables.h
<---
there's a file. unfortunately, i do not know what to do with this file as i
have no clue where it should be. also, i have no clue what is inside the
file. when i look, the closest thing it resembles to me is vhdl, and i know
that has nothing to do with it :)
i then tried to see if webmin could help me, so i installed apache and
webmin, and started loading modules. webmin-dhcpd, webmin-sshd and they
show up fine. but i cannot find a iptables module for webmin. (i was
hoping for a gui interface which might have a different way of presenting
things)
webmin-iptables and webmin-ip_tables do not exist.
there are no ip_tables to install through apt-get, so i have no clue why
this file is not there (or loaded). one would think that if iptables was
installed, it would have supporting files installed and loaded.
i have also looked around on forums all over the net and have tried many
things, of which none of them have done anything to fix the problem of
ip_tables not being found as a module.
any help appreciated.
if this doesn't work, i'll probably move to redhat, for i've had other
friends setup routers easily with redhat, but i'd rather try and get debian
running.
-doug
--
To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org