|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] How to add iptables modules to Domu Kernel??
Anand Gupta wrote: > I am using xen 3.0.2 stable and iptables is compiled as module. > > Inside domU, i tried the following > > -bash-3.00# modprobe iptable_filter > ip_tables: (C) 2000-2006 Netfilter Core Team > -bash-3.00# modprobe iptable_raw > -bash-3.00# modprobe iptable_nat > Netfilter messages via NETLINK v0.30. > ip_conntrack version 2.4 (1056 buckets, 8448 max) - 312 bytes per > conntrack > -bash-3.00# modprobe iptable_mangle > > Now if i try to load iptables rpm, and run iptables -L, i get the > following > > iptables v1.2.11: can't initialize iptables table `filter': Module is > wrong version > Perhaps iptables or your kernel needs to be upgraded. > > Any ideas on how to solve it ? > > On 5/27/06, *Sadique* <sadique@xxxxxxxxxxxxxxxxxxx > <mailto:sadique@xxxxxxxxxxxxxxxxxxx>> wrote: > > I am not sure whether iptables module is compiled into the Dom-U > kernel > by default in xen binary packages. > The best option for you should be to complie xen kernel from > source and > add iptables support statically to the kernel. > > make menuconfig > Networking ---> Networking options ---> Network packet filtering > (replaces ipchains) ---> Core Netfilter > Configuration ---> Netfilter > Xtables support (required for ip_tables) and do enable all modules > included in that as per your need. > Then go to - Networking ---> Networking options ---> Network packet > filtering (replaces ipchains) ---> IP: Netfilter Configuration ---> > IP tables support (required for filtering/masq/NAT) > > You can only go to the second step after doing the first one. > > > It's best you add the iptables support statically into the kernel > rather than enabling it as a module. Why? If you compile it as a > module you need to copy the module to every Dom-U manually. > > Thanks > Sadique > > miguel c wrote: > > > Hi, I'm running xen 2.0 in a Fedora Core 3 distro. My problem is > that > > I want to configure a virtual machine so that works as a > > firewall/router. So, I need iptables working on this one. > > Unfortunately I must have some modules loaded such as ip_tables, > > iptables_nat, etc. > > Where can I do this without making mad trying it? > > Thank you very much > > > > > > > > _______________________________________________ > > Xen-users mailing list > > Xen-users@xxxxxxxxxxxxxxxxxxx <mailto:Xen-users@xxxxxxxxxxxxxxxxxxx> > > http://lists.xensource.com/xen-users > > > > > > > _______________________________________________ > Xen-users mailing list > Xen-users@xxxxxxxxxxxxxxxxxxx <mailto:Xen-users@xxxxxxxxxxxxxxxxxxx> > http://lists.xensource.com/xen-users > > > > > -- > regards, > > Anand Gupta > >------------------------------------------------------------------------ > >_______________________________________________ >Xen-users mailing list >Xen-users@xxxxxxxxxxxxxxxxxxx >http://lists.xensource.com/xen-users > Did you copy the modules from /lib/modules/lib/modules/2.6.16-xenU or from the source/dist ... of Dom-0 to the /lib/modules/2.6.16-xenU of Dom-U? You should do that for all dom-U's or this should be added to the default template. I have always compiled iptables support statically to the Dom-U kernel and iptables works fine for me. Have not yet tested as a module. -- Sadique PP Sr. System Administrator Vanilla Networks Pvt Ltd SDF-IT Building, Infopark Kakkanad, Cochin, India 682030 Mobile: +919895643639 _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |