where to find ip_tables

On redhat 9, I am trying to set up ip masquerade on my lan. When I do
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE I get the
following error message:
modprobe: Can't locate module ip_tables
iptables v1.2.7a: can't initialize iptables table `nat': Table does not
exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.


Well, the kernel is the latest so I do not think that is the problem. I
tried
insmod ip_tables and came up with "no module by that name".

A search on redat.com/downloads failed to produce any such object. Does
anyone know how I can install the required module and where to get it?
Thanks,
Dick Fell

richard noel fell wrote:

> On redhat 9, I am trying to set up ip masquerade on my lan. When I do
> iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE I get the
> following error message:
> modprobe: Can't locate module ip_tables
> iptables v1.2.7a: can't initialize iptables table `nat': Table does not
> exist (do you need to insmod?)
> Perhaps iptables or your kernel needs to be upgraded.
>
> Well, the kernel is the latest so I do not think that is the problem. I
> tried
> insmod ip_tables and came up with "no module by that name".
>
> A search on redat.com/downloads failed to produce any such object. Does
> anyone know how I can install the required module and where to get it?
> Thanks,
> Dick Fell

I'm still running RH7.3 but this might help.

[root@blackhole devices]# head -1 /etc/issue
Red Hat Linux release 7.3 (Valhalla)
[root@blackhole devices]# rpm -qi iptables
Name : iptables Relocations: /usr
Version : 1.2.5 Vendor: Red Hat, Inc.
Release : 3 Build Date: Mon 04 Mar 2002
05:37:44 AM CST
Install date: Tue 09 Jul 2002 02:28:18 PM CDT Build Host:
daffy.perf.redhat.com
Group : System Environment/Base Source RPM:
iptables-1.2.5-3.src.rpm
Size : 389714 License: GPL
Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
URL : http://www.netfilter.org/
Summary : Tools for managing Linux kernel packet filtering
capabilities.
Description :
The iptables utility controls the network packet filtering code in the
Linux kernel. If you need to set up firewalls and/or IP masquerading,
you should install this package.
[root@blackhole devices]#

The executable is /sbin/iptables and there are probably 30-40 modules in
/lib/iptables/

--
Software production is assumed to be a line function, but it is run
like a staff function.
-- Paul Licker

11:54am up 6 days, 17:09, 7 users, load average: 1.09, 1.39, 1.01
One billion seconds ago it was 09:07:20 CST Thu 12/16/71

Repeat after me: "The primary purpose of any government
entity is to employ the unemployable."

richard noel fell wrote:

> On redhat 9, I am trying to set up ip masquerade on my lan. When I do
> iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE I get the
> following error message:
> modprobe: Can't locate module ip_tables
> iptables v1.2.7a: can't initialize iptables table `nat': Table does not
> exist (do you need to insmod?)
> Perhaps iptables or your kernel needs to be upgraded.
>
>
> Well, the kernel is the latest so I do not think that is the problem. I
> tried
> insmod ip_tables and came up with "no module by that name".
>
> A search on redat.com/downloads failed to produce any such object. Does
> anyone know how I can install the required module and where to get it?
> Thanks,
> Dick Fell

Is iptables installed? Check with:

[root@Homesrv01 html]# rpm -q iptables
iptables-1.2.5-3

Nick

--
You may be sure that when a man begins to call himself a "realist," he
is preparing to do something he is secretly ashamed of doing.
-- Sydney Harris

Robert Jones wrote:

>richard noel fell wrote:
>
>
>
>>On redhat 9, I am trying to set up ip masquerade on my lan. When I do
>>iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE I get the
>>following error message:
>>modprobe: Can't locate module ip_tables
>>iptables v1.2.7a: can't initialize iptables table `nat': Table does not
>>exist (do you need to insmod?)
>>Perhaps iptables or your kernel needs to be upgraded.
>>
>>Well, the kernel is the latest so I do not think that is the problem. I
>>tried
>>insmod ip_tables and came up with "no module by that name".
>>
>>A search on redat.com/downloads failed to produce any such object. Does
>>anyone know how I can install the required module and where to get it?
>>Thanks,
>>Dick Fell
>>
>>
>
>I'm still running RH7.3 but this might help.
>
>[root@blackhole devices]# head -1 /etc/issue
>Red Hat Linux release 7.3 (Valhalla)
>[root@blackhole devices]# rpm -qi iptables
>Name : iptables Relocations: /usr
>Version : 1.2.5 Vendor: Red Hat, Inc.
>Release : 3 Build Date: Mon 04 Mar 2002
>05:37:44 AM CST
>Install date: Tue 09 Jul 2002 02:28:18 PM CDT Build Host:
>daffy.perf.redhat.com
>Group : System Environment/Base Source RPM:
>iptables-1.2.5-3.src.rpm
>Size : 389714 License: GPL
>Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
>URL : http://www.netfilter.org/
>Summary : Tools for managing Linux kernel packet filtering
>capabilities.
>Description :
>The iptables utility controls the network packet filtering code in the
>Linux kernel. If you need to set up firewalls and/or IP masquerading,
>you should install this package.
>[root@blackhole devices]#
>
>The executable is /sbin/iptables and there are probably 30-40 modules in
>/lib/iptables/
>
>--
>Software production is assumed to be a line function, but it is run
>like a staff function.
> -- Paul Licker
>
> 11:54am up 6 days, 17:09, 7 users, load average: 1.09, 1.39, 1.01
> One billion seconds ago it was 09:07:20 CST Thu 12/16/71
>
>Repeat after me: "The primary purpose of any government
>entity is to employ the unemployable."
>
>
>
>
Thanks for reply. It turns out iptables is installed (see next message
in thread). Now, to figure out the error message.
Thanks,
Dick

richard noel fell wrote:
>> The executable is /sbin/iptables and there are probably 30-40 modules in
>> /lib/iptables/

> Thanks for reply. It turns out iptables is installed (see next message
> in thread). Now, to figure out the error message.

You could try to specify the module's name with insmod (see manpage).

A better way would be to the modify /etc/modules.conf to tell insmod
where it can find them (I don't have the "/lib/iptables" dir, but on
my box they are in "/lib/modules/2.4.19-4GB/kernel/net/ipv4/netfilter"
on a off-the-box SuSE 8.1 distro).


Cheers, Jack.

--
----------------------------------------------------------------------
My personal reading of the string "MicroSoft" expands to "NanoWeak"...

In article <bibcbc$rt0$(E-Mail Removed)>, richard noel fell wrote:
>>>On redhat 9, I am trying to set up ip masquerade on my lan. When I do
>>>iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE I get the
>>>following error message:
>>>modprobe: Can't locate module ip_tables
>>> [snip]
>>>tried insmod ip_tables and came up with "no module by that name".

You should normally use modprobe unless you really know what you're
doing (and then you'll know WHY But that would have been the right
step to take.

Since the module does not exist, that must mean you don't have it! If
you're using the distro kernel, somehow your modules were deleted. Try
reinstalling whatever package had the netfilter modules (someone else
said it was in the iptables RPM.) And BE CAREFUL at the root prompt,
lest you shall go deleting OTHER essential files too! There are good
reasons why you are advised against using the root account for routine
work.

If you're using a custom kernel, you didn't configure it correctly. I
recommend that you revert to using the distro kernel until you figure
out how to configure your kernel.

> in thread). Now, to figure out the error message.

It's rather clear IMO.
--
/dev/rob0 - preferred_email=i$((28*28+28))@softhome.net
or put "not-spam" or "/dev/rob0" in Subject header to reply

/dev/rob0 wrote:

>In article <bibcbc$rt0$(E-Mail Removed)>, richard noel fell wrote:
>
>
>>>>On redhat 9, I am trying to set up ip masquerade on my lan. When I do
>>>>iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE I get the
>>>>following error message:
>>>>modprobe: Can't locate module ip_tables
>>>>[snip]
>>>>tried insmod ip_tables and came up with "no module by that name".
>>>>
>>>>
>
>You should normally use modprobe unless you really know what you're
>doing (and then you'll know WHY But that would have been the right
>step to take.
>
>Since the module does not exist, that must mean you don't have it! If
>you're using the distro kernel, somehow your modules were deleted. Try
>reinstalling whatever package had the netfilter modules (someone else
>said it was in the iptables RPM.) And BE CAREFUL at the root prompt,
>lest you shall go deleting OTHER essential files too! There are good
>reasons why you are advised against using the root account for routine
>work.
>
>If you're using a custom kernel, you didn't configure it correctly. I
>recommend that you revert to using the distro kernel until you figure
>out how to configure your kernel.
>
>
>
>>in thread). Now, to figure out the error message.
>>
>>
>
>It's rather clear IMO.
>
>
But that is the mystery.
rpm -q
iptables-1.2.7a-2

So, it appears to have been installed and yet the messages indicating
that it has not been installed.
Thanks,
Dick

We'll go back over some of what was already written.

In article <bid2n0$e7o$(E-Mail Removed)>, richard noel fell wrote:
>>Since the module does not exist, that must mean you don't have it! If
>>you're using the distro kernel, somehow your modules were deleted. Try

Let's take this step-by-step. Are you using a distro kernel? Try this:
uname -a
and post that output. Then try this:
locate ip_tables.o
and let us know if you get something; if it's just a few lines post it
too.

>>reinstalling whatever package had the netfilter modules (someone else
>>said it was in the iptables RPM.) And BE CAREFUL at the root prompt,

I don't use Red Hat, so I don't know how they packaged the netfilter
modules. Someone else said they were with iptables, but that might have
been wrong. Query the RPM database for "ip_tables.o" or "ip_tables.o.gz"
and see what you find.

>>lest you shall go deleting OTHER essential files too! There are good
>>reasons why you are advised against using the root account for routine

I mentioned this because IIUC your RPM database would still list files
which were deleted. At least I assume it would; I know nothing about it.
Do you use the root account for anything other than actual system
administration? If so, you're at risk of your own mistakes or even of
obscure software bugs.

>>If you're using a custom kernel, you didn't configure it correctly. I
>>recommend that you revert to using the distro kernel until you figure
>>out how to configure your kernel.

>> [snip]
> But that is the mystery.
> rpm -q
> iptables-1.2.7a-2
>
> So, it appears to have been installed and yet the messages indicating
> that it has not been installed.

There are many possible reasons for this, and I've covered those most
likely which I could guess. 1. Wrong kernel version; 2. Wrong RPM; 3.
Deleted files.
--
/dev/rob0 - preferred_email=i$((28*28+28))@softhome.net
or put "not-spam" or "/dev/rob0" in Subject header to reply

Ian Northeast wrote:

>richard noel fell wrote:
>
>
>>/dev/rob0 wrote:
>>
>>
>
>
>
>>>Since the module does not exist, that must mean you don't have it! If
>>>you're using the distro kernel, somehow your modules were deleted. Try
>>>reinstalling whatever package had the netfilter modules (someone else
>>>said it was in the iptables RPM.) And BE CAREFUL at the root prompt,
>>>lest you shall go deleting OTHER essential files too! There are good
>>>reasons why you are advised against using the root account for routine
>>>work.
>>>
>>>If you're using a custom kernel, you didn't configure it correctly. I
>>>recommend that you revert to using the distro kernel until you figure
>>>out how to configure your kernel.
>>>
>>>
>
>
>
>>>>in thread). Now, to figure out the error message.
>>>>
>>>>
>>>It's rather clear IMO.
>>>
>>>
>
>
>
>>But that is the mystery.
>>rpm -q
>>iptables-1.2.7a-2
>>
>>So, it appears to have been installed and yet the messages indicating
>>that it has not been installed.
>>
>>
>
>The iptables RPM contains the user space "iptables" command. The
>ip_tables module is part of the kernel and will be in a kernel RPM. I
>don't have RH to hand - in SuSE it's in the k_deflt RPM.
>
>So are you using a stock kernel? If so you need to work out what RPM
>contains the ip_tables module and reinstall it. If you built your own
>kernel, you need to rebuild it (or its modules) specifying that you want
>the netfilter modules.
>
>Regards, Ian
>
>
Thank you Ian. Please see my reply to the next post.
Dick

On Mon, 25 Aug 2003 13:33:12 +0000, richard noel fell wrote:

> /dev/rob0 wrote:
>
>>We'll go back over some of what was already written.
>>
>>In article <bid2n0$e7o$(E-Mail Removed)>, richard noel fell wrote:
>>
>>
>>>>Since the module does not exist, that must mean you don't have it! If
>>>>you're using the distro kernel, somehow your modules were deleted. Try
>>>>
>>>>
>>
>>Let's take this step-by-step. Are you using a distro kernel? Try this:
>> uname -a
>>and post that output. Then try this:
>> locate ip_tables.o
>>and let us know if you get something; if it's just a few lines post it
>>too.
>>
>>
>>
>>>>reinstalling whatever package had the netfilter modules (someone else
>>>>said it was in the iptables RPM.) And BE CAREFUL at the root prompt,
>>>>
>>>>
>>
>>I don't use Red Hat, so I don't know how they packaged the netfilter
>>modules. Someone else said they were with iptables, but that might have
>>been wrong. Query the RPM database for "ip_tables.o" or "ip_tables.o.gz"
>>and see what you find.
>>
>>
>>
>>>>lest you shall go deleting OTHER essential files too! There are good
>>>>reasons why you are advised against using the root account for routine
>>>>
>>>>
>>
>>I mentioned this because IIUC your RPM database would still list files
>>which were deleted. At least I assume it would; I know nothing about it.
>>Do you use the root account for anything other than actual system
>>administration? If so, you're at risk of your own mistakes or even of
>>obscure software bugs.
>>
>>
>>
>>>>If you're using a custom kernel, you didn't configure it correctly. I
>>>>recommend that you revert to using the distro kernel until you figure
>>>>out how to configure your kernel.
>>>>
>>>>
>>
>>
>>
>>>>[snip]
>>>>
>>>>
>>>But that is the mystery.
>>>rpm -q
>>>iptables-1.2.7a-2
>>>
>>>So, it appears to have been installed and yet the messages indicating
>>>that it has not been installed.
>>>
>>>
>>
>>There are many possible reasons for this, and I've covered those most
>>likely which I could guess. 1. Wrong kernel version; 2. Wrong RPM; 3.
>>Deleted files.
>>
>>
> Thanks again for all responses. Here is the output (rosewall is the name
> of my machine)
> [rfell@rosewall rfell]$ uname -a
> Linux rosewall 2.4.21-asmp #2 SMP Thu Jun 26 12:08:42 EDT 2003 i686
> athlon i386 GNU/Linux
> [rfell@rosewall rfell]$ locate ip_tables.o
> [rfell@rosewall rfell]$
>
> Dick

It seems that you don't have modular support for iptables in your kernel.
Please post your kernel config and the output of 'locate ip_tables.c'

Andreas