Tiny Core Linux

Tiny Core Extensions => TCE Talk => Topic started by: AndresC2 on October 15, 2019, 06:34:51 PM

Title: iptables.tcz Version: 1.8.2
Post by: AndresC2 on October 15, 2019, 06:34:51 PM

Hi  :)

I have tinycore-10.1 and installed iptables.tcz Version: 1.8.2

iptables show this:

Code: [Select]

sudo /usr/local/sbin/basic-firewall
modprobe: can't load module nf_conntrack (kernel.tclocal/net/netfilter/nf_conntrack.ko.gz): unknown symbol in module, or unknown parameter
modprobe: can't load module nf_conntrack (kernel.tclocal/net/netfilter/nf_conntrack.ko.gz): unknown symbol in module, or unknown parameter
iptables v1.8.2 (legacy): can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.8.2 (legacy): Couldn't load match `state':No such file or directory
and later lost internet connection.

thanks.

    [EDIT]: Added code tags.  Rich

Title: Re: iptables.tcz Version: 1.8.2
Post by: Rich on October 15, 2019, 08:34:56 PM

Hi AndresC2
Does installing  ipv6-KERNEL.tcz  help?

This was reported before:
http://forum.tinycorelinux.net/index.php/topic,22503.msg141019.html#msg141019

Title: Re: iptables.tcz Version: 1.8.2
Post by: AndresC2 on October 16, 2019, 05:42:22 PM

Thank you RICH !

installing  ipv6-KERNEL.tcz fix the problem.

Title: Re: iptables.tcz Version: 1.8.2
Post by: Rich on October 16, 2019, 08:57:23 PM

Hi AndresC2
You are welcome. Thanks for confirming that fixed it.

I just ran modinfo on conntrack:

Code: [Select]

tc@E310:~/x$ modinfo  /usr/local/lib/modules/4.19.10-tinycore64/kernel/net/netfilter/nf_conntrack.ko.gz
filename:       /usr/local/lib/modules/4.19.10-tinycore64/kernel/net/netfilter/nf_conntrack.ko.gz
license:        GPL
parm:           nf_conntrack_helper:Enable automatic conntrack helper assignment (default 0)
parm:           acct:Enable connection tracking flow accounting.
parm:           tstamp:Enable connection tracking flow timestamping.
alias:          nf_conntrack-10
alias:          nf_conntrack-2
alias:          ip_conntrack
depends:        nf_defrag_ipv6,nf_defrag_ipv4
intree:         Y
vermagic:       4.19.10-tinycore64 SMP mod_unload
tc@E310:~/x$
nf_defrag_ipv6  is provided by  ipv6-KERNEL.tcz  so it looks like  ipv6-KERNEL.tcz  should be added to  netfilter-KERNEL.tcz.dep.

Title: Re: iptables.tcz Version: 1.8.2
Post by: Juanito on October 17, 2019, 01:17:01 AM

netfilter-KERNEL is a dep of ipv6-KERNEL, so we would create a circular dependency if we did that.

As @curaga mentions, we will probably need to merge the two for tc-11.x

Title: Re: iptables.tcz Version: 1.8.2
Post by: Rich on November 24, 2019, 09:33:02 AM

Hi Juanito

Quote from: Juanito on October 17, 2019, 01:17:01 AM

netfilter-KERNEL is a dep of ipv6-KERNEL, so we would create a circular dependency if we did that. ...

So if the contents of the  iptables.tcz.dep  file was changed
From:

Code: [Select]

netfilter-KERNEL.tczTo:

Code: [Select]

ipv6-KERNEL.tczthat would fix it for TC10, right?