Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 570
  • Last Modified:

iptables on redhat 7.1

i'm using redhat 7.1, and i have problem with iptables
everytime i want to use iptables, it always display this error message

/lib/modules/2.4.2-2/kernel/net/ipv4/netfilter/ip_tables.o: init_module: Device or resource busy
Hint: insmod errors can be caused by incorrect module parameters, including invalid IO or IRQ parameters/lib

/lib/modules/2.4.2-2/kernel/net/ipv4/netfilter/ip_tables.o: insmod /lib......../ip_tables.o failed

iptables 1.2.1a: can't initialize iptables table 'filter': iptables who? (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded

????
0
ichen
Asked:
ichen
  • 2
1 Solution
 
jlevieCommented:
That sounds like ipchains is loaded, which is the default configuration for RH 7.1. To fix, disable ipchains ("chkconfig --level 2345 ipchains off" or via linuxconf) and reboot. Note that iptables won't actually start at boot time until you create a config file (/etc/sysconfig/iptables), but after the reboot you should be able to do "iptables -L".
0
 
ichenAuthor Commented:
what do you mean by config file?
0
 
jlevieCommented:
Well, iptables, like ipcahins, requires a configuation file to tell it what to do. When either are running they default to a filter set that passes everything, something like:

disorder> dwim iptables --list
Chain INPUT (policy ACCEPT)
target     prot opt source               destination        

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination        

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination        

You can see that no filtering is occuring because no rules have been specified manually or via a config file. You probably want to look at the HowTo's (http://netfilter.samba.org/unreliable-guides/) for an explanation of what you can do with iptables/NetFilter (i.e., what goes into the config file). And there are various "canned" config files on the Internet, http://mirkk.kurd.nu/~monmotha/firewall/index.php is one example.
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now