Iptables on Arch Linux

April 18, 2014 6.4k views
1ps3
By:
1ps3
Hello. I can't set up iptables on Arch Linux, I get such error message: iptables-restore v1.4.21: iptables-restore: unable to initialize table 'filter' I belive it is connected with of specific kernel module. Stock kernel (from official repository) has it by default. Tried with every kernel from list in options, there's my current setup: 3.13.8-1-ARCH #1 SMP PREEMPT Tue Apr 1 12:19:51 CEST 2014 x86_64 GNU/Linux The only option is to compile my own kernel? Or maybe there is any other solution? Greetings
Log In to Comment
5 Answers
rubenvandepittedatbenik April 18, 2014
You need to run iptables as root.
So: sudo iptables
Reply
1ps3 April 18, 2014
I never tried to start it as non-root. Always by systemctl.
Reply
kamaln7 MOD April 18, 2014
Your kernel needs to match the kernel that is set in the Options section in your DigitalOcean control panel.
Reply
1ps3 April 22, 2014
It does (CONFIG_LOCALVERSION="-1-ARCH") - `/lib/modules/3.13.8-1-ARCH/`. I compied kernel to `/boot/vmlinuz-linux` and used `mkinicpio` on it to create `initramfs-linux.img` but bootloader still loads your kernel. Did I forget about something?
Reply
it612244 April 23, 2014
Don't do that. there is a warning about installing your own kernel, plus it wont be used because the kernel is defined in the DigitalOcean KVM outside your droplet.

The problem is that iptables requires the kernel to match what is in /boot and /lib/modules/

The way I got iptables/ufw to work was to change back to the original kernel in the digitalocean control panel.

Another possible way would be to compile the correct kernel to match your selected kernel from source with makepkg because ARCHLINUX repos do not keep old kernels around. then upload the package to your droplet and use pacman -U your-kernel.
Reply
Have another answer? Share your knowledge.