On Sunday 16 February 2003 02:04 am, Shankar; Hari wrote: > Hello, > > I'm trying to use IPTables in User Mode Linux. I've configured UML to > use IPTables replacing IPChains. But when I start up UML, and try to > play around with IPTables, I get the message, > > iptables v1.2.4: can't initialize iptables table `filter': Table does > not exist (do you need to insmod?) > Perhaps iptables or your kernel needs to be upgraded. > > The UML version that I'm running is 2.4.19. > > What could I be doing wrong? I'd very much appreciate any help! Sorry to sound like a smartass, but did you try insmod? :^) "/sbin/insmod ip_tables" or "/sbin/modprobe ip_tables" will load the iptables module, including the default table - filter. (insmod inserts the module into the running kernel, modprobe looks for it already loaded, and calls insmod if it's not found) If you get a message that insmod or modprobe can't be found, try "whereis insmod" to find the correct path on your distro. (I'm not familiar with how UML is laid out) I'll assume that with a 2.4.19 kernel that the ip_tables module is available. The module has to be loaded (or compiled into the kernel) in order for the iptables userland command to function, so you really want it started when the system starts. You can try "serviceconf", which is usually available, or "ksysv" if you have KDE installed, which gives you a nicer, more detailed interface. If it runs, check to see if "iptables" is listed, probably not selected to run. Select it to start during startup, and next time the module will be inserted automatically, and basic rules will be set. (Very basic, like no rules at all and ACCEPT policy on all chains...!) Serviceconf will let you control startup for the runlevel you are currently in. Ksysv lets you control ALL runlevels in a single view: 3 is a console startup (you have text interface for login, whether or not you load xwindows later) and 5 is xwindows startup, where you have graphical interface for login. Best bet is to start it in both anyway. Don't muck with other runlevels until you know what they do, and know what SysV-Init accomplishes in them. The nice thing with ksysv is it lets you control the sequence of startups, IE to ensure that a custom firewall script is started AFTER the iptables startup takes place - serviceconf doesn't offer this, IIRC, you have to manually change the link names in /etc/rc.d/rc5.d for example. Finally (but actually first and foremost) you should get iptables v1.2.7a installed, but you'll need to be comfortable with compiling and installing to do so. If you're not, then just work with what you have for now and get familiar and comfortable first - but be aware that the answer to a support question will sometimes be "install 1.2.7a then ask". j
