Fw: Strange IPTABLES situation

Thu, 13 Dec 2001 09:03:19 -0300 (ART)

It looks like either you already have ipchains or ipfwadm modules already 
loaded... Could you send the list of loaded modules (with /sbin/lsmod)?

BTW, kernel is compiled with netfilter/ip_tables support, isn't it?

Regards,

Flavio.

On Thu, 13 Dec 2001, D Thapa wrote:

> Hi, again,
> 
> Further to my earlier message, I found that when I try to load the modules
> ie "/sbin/insmod ip_tables" I got the following message:
> 
> Using /lib/modules/2.4.2-2/kernal/net/ipv4/netfilter/ip_tables.o
> /lib/modules/2.4.2-2/kernel/net/ipv4/netfilter/ip_tables.o:init_module:Devic
> e or resource busy
> Hint: insmod errors can be caused by incorrect  module parameters, including
> invalid IO or IRQ parameters.
> 
> How can I solve this problem, please.
> 
> Thanks.
> 
> Damar
> 
> ----- Original Message -----
> From: D Thapa <damar@sst.com.hk>
> To: <netfilter@lists.samba.org>
> Sent: Thursday, December 13, 2001 5:51 PM
> Subject: Strange IPTABLES situation
> 
> 
> > Hi,
> >
> > I used the following script on Linux RH7.1, installed as a server, and it
> > worked with default kernel configuration (no kernel re-compilation was
> > necessary) with no problem:
> >
> > ****************START OF THE SCRIPT**********************************
> > #!/bin/bash
> >
> > /sbin/rmmod ip_tables
> > /sbin/rmmod ip_conntrack
> > /sbin/rmmod iptable_nat
> > /sbin/rmmod ipt_MASQUERADE
> > /sbin/rmmod ip_conntrack_ftp
> > /sbin/rmmod ip_nat_ftp
> >
> > /sbin/insmod ip_tables
> > /sbin/insmod ip_conntrack
> > /sbin/insmod iptable_nat
> > /sbin/insmod ipt_MASQUERADE
> > /sbin/insmod ip_conntrack_ftp
> > /sbin/modprobe ip_nat_ftp
> >
> > /sbin/iptables -F
> > /sbin/iptables -t nat -F
> > /sbin/iptables --delete-chain
> > /sbin/iptables --table nat --delete-chain
> >
> > /sbin/iptables -N tcp_allowed
> > /sbin/iptables -N tcp_packets
> >
> > /sbin/iptables -A FORWARD -j ACCEPT
> >
> > /sbin/iptables -A tcp_allowed -p tcp -i ppp0 --dport 21 -j ACCEPT
> > /sbin/iptables -A tcp_allowed -p tcp -i ppp0 --dport 20 -j ACCEPT
> >
> > /sbin/iptables -A tcp_packets -p tcp -s 0/0 --dport 21 -j tcp_allowed
> > /sbin/iptables -A tcp_packets -p tcp -d 0/0 --dport 20 -j tcp_allowed
> >
> >
> > /sbin/iptables -A INPUT -s 192.168.255.0/24 -p tcp --dport 109 -j ACCEPT
> > /sbin/iptables -A INPUT -s 192.168.255.0/24 -p tcp --dport 110 -j ACCEPT
> > /sbin/iptables -A INPUT -s 192.168.255.0/24 -p tcp --dport 25 -j ACCEPT
> >
> > echo 1 > /proc/sys/net/ipv4/ip_forward
> >
> > /sbin/iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
> >
> > ***********************  END OF THE SCRIPT
> > **************************************
> >
> > Now, I prepared another server, and tried to run the above script, but it
> > did not work.  I got error messages something like these:
> >
> > :command not found
> > :command not found
> > :command not found
> >
> > is not loadebip_table
> > is not loadedip_conntrack
> > is not loadediptable_nat
> > is not loadediptable_MASQUERADE
> > is not loadeipt_conntrack_ftp
> > is not loadedip_nat_ftp
> > :command not found
> > :no module by that name found
> > :no module by that name found
> > :no module by that name found
> > :no module by that name found
> > :no module by that name found
> > Note:/etc/modules.conf is more recent then
> /lib/modules/2.4.2-2/modules.dep
> > modprobe: Can't locate module ip_nat_ftp
> > :command not found
> > iptables v1.2
> > .................
> > .................
> >
> > I now have downloaded and installed iptables-1.2.4-2, but it is still
> giving
> > the same error.  And since I can use /sbin/iptables command on command
> > prompt, I do not think iptables has problem.
> >
> > It seems and, I think, it suggests that the problem is on modules, can any
> > one give me some suggestions on this please.?
> >
> > regards,
> >
> > Damar
> >
> > [note:  Only difference in two servers is the first one that is working
> has
> > one physical harddisk, while theother has two.  Does it make any
> > difference?)
> >
> >
> >
> >
> 
> 