Hi guys.
I have:-
Network Packet FIltering
Connection Tracking
IPTables support

all compiled in, but when I try to use IPTables I get:-
iptables v1.2.9: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.


Anyone got any pointers? I've had a look around on the forums but there are so many threads about IPTables going off into all kinds of weird stuff...

Phil.

BTW It's FC2 with kernel 2.6.7.

Under "Connection tracking", you might want "FTP protocol support" -- if you plan on using active FTP, anyway. ;)

You'll definitely need to turn on some of the settings under "IP tables support" also. The things I find useful are "MAC address matching", "Packet type matching", "multiple port matching", "TTL matching", and "Connection tracking matching" (required to use the sub-options under "Connection tracking"). I also like "Packet mangling" (so I can change e.g. the TTL value on packets that get NATed), and "LOG target support" to log things.

But what you need to turn on for the "filter" table support is the "Packet filtering" setting under "IP tables support". For the "nat" table, you also need to turn on "Full NAT" under the same area.

Thanks dude.

Do you have them compiled in or as modules?



Phil.

On my firewall, compiled in.

(There's little use in compiling them as modules, isn't there? You're never going to remove them once they're loaded... ;))

Fair point! I've just compiled _everything_ firewall related in, just to be on the safe side.

For any noobs out there, if you can get kmyfirewall from kde-apps.org you'll find configuring the firewall much easier than iptables from a command line.

Phil.