Question

Iptables on Arch Linux

Posted April 18, 2014 7.1k views
Hello. I can't set up iptables on Arch Linux, I get such error message: iptables-restore v1.4.21: iptables-restore: unable to initialize table 'filter' I belive it is connected with of specific kernel module. Stock kernel (from official repository) has it by default. Tried with every kernel from list in options, there's my current setup: 3.13.8-1-ARCH #1 SMP PREEMPT Tue Apr 1 12:19:51 CEST 2014 x86_64 GNU/Linux The only option is to compile my own kernel? Or maybe there is any other solution? Greetings
Add a comment
1ps3
By:
1ps3

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
5 answers
rubenvandepittedatbenik April 18, 2014
You need to run iptables as root.
So: sudo iptables
Reply Report
1ps3 April 18, 2014
I never tried to start it as non-root. Always by systemctl.
Reply Report
kamaln7 April 18, 2014
Your kernel needs to match the kernel that is set in the Options section in your DigitalOcean control panel.
Reply Report
1ps3 April 22, 2014
It does (CONFIG_LOCALVERSION="-1-ARCH") - `/lib/modules/3.13.8-1-ARCH/`. I compied kernel to `/boot/vmlinuz-linux` and used `mkinicpio` on it to create `initramfs-linux.img` but bootloader still loads your kernel. Did I forget about something?
Reply Report
it612244 April 23, 2014
Don't do that. there is a warning about installing your own kernel, plus it wont be used because the kernel is defined in the DigitalOcean KVM outside your droplet.

The problem is that iptables requires the kernel to match what is in /boot and /lib/modules/

The way I got iptables/ufw to work was to change back to the original kernel in the digitalocean control panel.

Another possible way would be to compile the correct kernel to match your selected kernel from source with makepkg because ARCHLINUX repos do not keep old kernels around. then upload the package to your droplet and use pacman -U your-kernel.
Reply Report
Submit an Answer

Looking for something else?

Ask a new question Search for more help