Netfilter Modules

Edward edward at tripled.iinet.net.au
Tue Aug 24 02:46:12 UTC 2004 

Just a quick question - I haven't seen this answered yet but if I've 
missed it I'm sorry.

I have in my firewall script the following lines (amongst others which 
don't affect the problem):

$DEPMOD -a
$INSMOD ip_tables
$INSMOD ip_conntrack
$INSMOD ip_conntrack_ftp
$INSMOD ip_conntrack_irc
$INSMOD iptable_nat
$INSMOD ip_nat_ftp

(Ofcourse the $DEPMOD and $INSMOD variables are set earlier in the 
script). I've always needed to do it this way since as long as I can 
remember to get FTP and IRC to work properly.

After upgrading to FC2, I've noticed the following generated in 
/var/log/messages when the script is run:

Aug 24 06:42:38 server kernel: ip_conntrack version 2.1 (1535 buckets, 
12280 max) - 296 bytes per conntrack
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol 
ip_ct_selective_cleanup
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol invert_tuplepr
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol 
ip_ct_gather_frags
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol 
ip_conntrack_untracked
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol ip_conntrack_get
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol 
ip_conntrack_htable_size
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol 
ip_conntrack_destroyed
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol 
__ip_ct_find_proto
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol need_ip_conntrack
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol 
ip_conntrack_tuple_taken
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol 
ip_conntrack_alter_reply
Aug 24 06:42:38 server modprobe: FATAL: Error inserting iptable_nat 
(/lib/modules/2.6.6-1.435.2.3/kernel/net/ipv4/netfilter/iptable_nat.ko): 
Unknown symbol in module, or unknown parameter (see dmesg)

It looks like a module mismatch to me? Anybody have an idea? 
ip_conntrack seems OK, but why is it spewing at iptable_nat? Is it even 
needed?

Also, if there is TFM to R, then please tell me where, I'm happy to 
spend some time discovering by myself.

Regards,
Ed.

More information about the fedora-list mailing list