Bug 32407 - QA0319: iptables kernel module doesn't load
QA0319: iptables kernel module doesn't load
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: iptables (Show other bugs)
7.1
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Bernhard Rosenkraenzer
Brock Organ
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-03-20 11:41 EST by Daniel Roesen
Modified: 2007-04-18 12:32 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-06-20 16:28:45 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Daniel Roesen 2001-03-20 11:41:25 EST
[root@qa0319 /root]# iptables -L
/lib/modules/2.4.2-0.1.28/kernel/net/ipv4/netfilter/ip_tables.o:
init_module: Device or resource busy
Hint: insmod errors can be caused by incorrect module parameters, including
invalid IO or IRQ parameters
/lib/modules/2.4.2-0.1.28/kernel/net/ipv4/netfilter/ip_tables.o: insmod
/lib/modules/2.4.2-0.1.28/kernel/net/ipv4/netfilter/ip_tables.o failed
/lib/modules/2.4.2-0.1.28/kernel/net/ipv4/netfilter/ip_tables.o: insmod
ip_tables failed
iptables v1.2: can't initialize iptables table `filter': iptables who? (do
you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

Removing the ipchains module (rmmod ipchains) fixes this.
Comment 1 Arjan van de Ven 2001-03-20 11:44:34 EST
So if you want to use the new firewall rules, just remove the old compatibility?
Doesn't sound like a bug to me.
Comment 2 Daniel Roesen 2001-03-20 11:55:24 EST
Besides that being very non-obvious, both supporting initscripts are enabled by
default:

[root@qa0319 /root]# chkconfig --list|grep ^ip
iptables       	0:off	1:off	2:on	3:on	4:on	5:on	6:off
ipchains       	0:off	1:off	2:on	3:on	4:on	5:on	6:off
Comment 3 Arjan van de Ven 2001-03-22 05:54:03 EST
This sounds like a userland configuration policy; assigning to ipchains.
Comment 4 Mike A. Harris 2001-03-23 05:38:00 EST
I agree, however since the config tools favor ipchains, I think iptables
should be changed.  Doesn't make sense to start both at init time.
Actually it makes more sense to have one script called "ipfilter"
or "firewall" and have it deal with the logic of wether to start
ipchains or iptables, but that is not likely to happen anytime soon.

Reassigning to iptables.
Comment 5 Pekka Savola 2001-06-20 16:28:40 EDT
This is kinda moot point at this point IMO as the default iptables ruleset is empty.

People do start to wonder if they have both.

I suggest adding a failure notice in iptables (and perhaps also in ipchains) which checks whether either
 1) ipchains module is loaded
 2) /etc/sysconfig/ipchains or equiv is non-empty

.. or some other bright ideas.  The _default_ behaviour, until users start mixing the two is ok.
Comment 6 Bernhard Rosenkraenzer 2001-07-10 10:12:39 EDT
Warning added in 1.2.2-3

Note You need to log in before you can comment on or make changes to this bug.