Adding variables to iptables file
opie at 817west.com
Wed Mar 9 02:37:12 CET 2005
On Tue, 2005-03-08 at 17:50, Dimitri Yioulos wrote:
> This may not be related, but I'm also getting this error.
> I upgraded from
> iptables-1.2.8-12.3 to iptables-1.2.11-3.2 on a CentOS 3.4 box. I created
> the new version from src.rpm. Now, when I fire off iptables, I get the
> "error at line 2", which in my iptables is nat, and iptables fails to load.
> Further exploration and experimentation shows that when I try to load
> iptable_nat.o, I get symbol errors. However, when I run an iptables script I
> created, despite a little complaining, iptables does load.
that's the classic symptom of kernel & userspace being out of sync.
i.e. your kernel has patches applied to it that your userspace iptables
command is not aware of.
> Any help to get this fixed (which hopefully helps the OP, too) would be
> greatly appreciated.
when you apply patches from PoM, make sure you specify KERNEL_DIR and
IPTABLES_DIR and that you then compile the iptables userspace against
that kernel source tree.
the error indicates that the conntrack structures of the iptables binary
and the kernel are different sizes.
"The lesson is: Our God is vengeful! O spiteful one, show me who to
smite and they shall be smoten!!!"