Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

IP masquerading in Rh 7.3

Posted on 2002-07-15
5
Medium Priority
?
492 Views
Last Modified: 2010-04-20
I have RH 7.3 with my Xeon machine.
Everything goes fine, and I can use Ip masquerading excep for the ftp. As I can see that, I can not install loadable modules.

When I run a typical rc.firewall file within my box the
following outcome occurs.
In the script I have lines like
/sbin/insmod ip_tables
/sbin/insmod ip_nat_ftp
/sbin/insmod ip_conntrack
and so on.

/sbin/depmod -a works fine.

The problem is seen either in standard, standard smp and
compiled from source code kernels.

How I can solve such problems?

thx

-kasim
ip_tables, Using /lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/ip_tables.o
/lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/ip_tables.o: init_module: Device or resource busy
Hint: insmod errors can be caused by incorrect module parameters, including invalid IO or IRQ parameters
ip_conntrack, Using /lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/ip_conntrack.o
/lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/ip_conntrack.o: init_module: Device or resource busy
Hint: insmod errors can be caused by incorrect module parameters, including invalid IO or IRQ parameters
ip_conntrack_ftp, Using /lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/ip_conntrack_ftp.o
/lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/ip_conntrack_ftp.o: unresolved symbol ip_conntrack_helper_unregister_Rsmp_40d1f34f
/lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/ip_conntrack_ftp.o: unresolved symbol ip_conntrack_expect_related_Rsmp_aed0cb12
/lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/ip_conntrack_ftp.o: unresolved symbol ip_conntrack_helper_register_Rsmp_1844eee6
ip_conntrack_irc, Using /lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/ip_conntrack_irc.o
/lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/ip_conntrack_irc.o: unresolved symbol ip_conntrack_helper_unregister_Rsmp_40d1f34f
/lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/ip_conntrack_irc.o: unresolved symbol ip_conntrack_expect_related_Rsmp_aed0cb12
/lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/ip_conntrack_irc.o: unresolved symbol ip_conntrack_helper_register_Rsmp_1844eee6
iptable_nat, Using /lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/iptable_nat.o
/lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_ct_gather_frags_Rsmp_8e87e50f
/lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_conntrack_destroyed_Rsmp_ef5b77f8
/lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ipt_unregister_table_Rsmp_a5aa35a8
/lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ipt_register_target_Rsmp_fee135d1
/lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_conntrack_get_Rsmp_07dc77cd
/lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_conntrack_alter_reply_Rsmp_85dc02e5
/lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ipt_register_table_Rsmp_89aaa07b
/lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ipt_unregister_target_Rsmp_1fd43bf7
/lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ipt_do_table_Rsmp_66f9aaea
/lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_conntrack_tuple_taken_Rsmp_be57882b
/lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_conntrack_module_Rsmp_b0361033
/lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_conntrack_htable_size_Rsmp_8ef8af4c
/lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol ip_ct_selective_cleanup_Rsmp_74c9972a
/lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/iptable_nat.o: unresolved symbol invert_tuplepr_Rsmp_5e68d8a9
ip_nat_ftp, Using /lib/modules/2.4.18-3smp/kernel/net/ipv4/netfilter/ip_nat_ftp.o
0
Comment
Question by:kasim
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 5

Expert Comment

by:vsamtani
ID: 7157076
Use lsmod to check whether you have the ipchains module loaded. If you do, then you can't load the ip_tables module; they are mutually exclusive.

If you do have ipchains loaded, then type (as root):

chkconfig --list ipchains
You should get output like this:

ipchains        0:off   1:off   2:on    3:off   4:off   5:off   6:off

If the settings for 3,4, and 5 are not "off", then do:

chkconfig --level 345 ipchains off

which will prevent ipchains starting at bootup. After a reboot, see what happens with your rc.firewall script.

Hint: RH7.3 by default uses the /etc/init.d/iptables script to control iptables firewalling. You can enable this as follows: first set up your iptables rules and enable them, and then execute

/sbin/iptables-save > /etc/sysconfig/iptables

Then

chkconfig --level 345 iptables on

and RH will start iptables on boot, reading the rules from /etc/sysconfig/iptables.

Vijay




0
 

Expert Comment

by:Loggytronic
ID: 7160918
I don't remember why but I don't think you can use the old ipchains stuff and have ftp working anymore. So do as vsamtani says and make sure you are using iptables. Then you want to

modprobe ip_conntrack_ftp

which should alledgedly solve the problem, although it has never worked for me.
0
 
LVL 5

Accepted Solution

by:
vsamtani earned 800 total points
ID: 7161708
Ack. Just reread my own post and spotted the goof:

>If the settings for 3,4, and 5 are not "off", then do:
>
>chkconfig --level 345 ipchains off
>
>which will prevent ipchains starting at bootup. After a reboot, see what happens with your rc.firewall script.

Of course, it should be

chkconfig --level 345 ipchains on


Doh. Sorry.

Vijay


0
 

Expert Comment

by:CleanupPing
ID: 9088955
kasim:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0
 
LVL 2

Expert Comment

by:TheWeakestLink
ID: 9485111
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:
Accept comments from vsamtani as answer
Please leave any comments here within the next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

TheWeakestLink
EE Cleanup Volunteer
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
Google Drive is extremely cheap offsite storage, and it's even possible to get extra storage for free for two years.  You can use the free account 15GB, and if you have an Android device..when you install Google Drive for the first time it will give…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question