James B. Byrne wrote:
On Fri, January 8, 2010 15:32, James B. Byrne wrote:
I went to reload (iptables-restore) my iptables configuration and obtained an error at the COMMIT statement. No further details were provided even when I ran restore with the -v option.
I ran lsmod and I do not find that ipt_recent is loaded. In fact, I don not see any ipt modules other than itp_LOG. There was a recent kernel update. Does anyone know if this had any adverse effects on loading ipt_recent?
. . . ip_tables 17029 3 iptable_nat,iptable_mangle,iptable_filter ipt_LOG 10049 6 ipv6 267489 23 ip6t_REJECT . . .
And this does not look good either:
# modprobe --first-time ipt_recent FATAL: Error inserting ipt_recent (/lib/modules/2.6.18-164.9.1.el5/kernel/net/ipv4/netfilter/ipt_recent.ko): Unknown symbol in module, or unknown parameter (see dmesg)
There is no entry in /var/log/dmesg relating to this problem.
fwiw, no problem here with the before-last kernel:
[root@tryo nthierry]# uname -a Linux tryo.imag.fr 2.6.18-164.9.1.el5 #1 SMP Tue Dec 15 20:57:57 EST 2009 x86_64 x86_64 x86_64 GNU/Linux [root@tryo nthierry]# modprobe --first-time ipt_recent [root@tryo nthierry]# lsmod | grep ipt_recent ipt_recent 42969 0 x_tables 50505 5 ipt_recent,ipt_REJECT,xt_state,xt_tcpudp,ip_tables
And also no problem with the latest kernel: [after a reboot to 2.6.18-164.10.1.el5] [root@tryo nthierry]# uname -a Linux tryo.imag.fr 2.6.18-164.10.1.el5 #1 SMP Thu Jan 7 19:54:26 EST 2010 x86_64 x86_64 x86_64 GNU/Linux [root@tryo nthierry]# modprobe --first-time ipt_recent [root@tryo nthierry]# lsmod ipt_recent Usage: lsmod [root@tryo nthierry]# lsmod | grep ipt_recent ipt_recent 42969 0 x_tables 50505 5 ipt_recent,ipt_REJECT,xt_state,xt_tcpudp,ip_tables
what's your kernel? did you reboot after upgrading?
modprobe is trying to insert the 2.6.18-164.9.1.el5 module, but you mentioned the latest kernel upgrade (which is 164-10.1)