# [SOLVED] FATAL: Module ip_tables not found.

## PunkSC

I am migrating from Mandrake 10 to Gentoo, but my old mdk10 firewall rules isnt working here:

```

FireBlade ~ # ./rc.firewall

FATAL: Module ip_tables not found.

FATAL: Module ip_conntrack not found.

FATAL: Module ipt_REJECT not found.

FATAL: Module ipt_unclean not found.

iptables: No chain/target/match by that name

iptables: No chain/target/match by that name

```

But i HAVE compiled into KERNEL ip_tables, conntrack and ipt_REJECT, NOT as Module:

```

#

# IP: Netfilter Configuration

#

CONFIG_IP_NF_CONNTRACK=y

CONFIG_IP_NF_CT_ACCT=y

CONFIG_IP_NF_CONNTRACK_MARK=y

# CONFIG_IP_NF_CONNTRACK_EVENTS is not set

# CONFIG_IP_NF_CT_PROTO_SCTP is not set

CONFIG_IP_NF_FTP=m

CONFIG_IP_NF_IRC=m

# CONFIG_IP_NF_NETBIOS_NS is not set

CONFIG_IP_NF_TFTP=m

# CONFIG_IP_NF_AMANDA is not set

CONFIG_IP_NF_PPTP=m

CONFIG_IP_NF_QUEUE=y

CONFIG_IP_NF_IPTABLES=y

CONFIG_IP_NF_MATCH_LIMIT=y

CONFIG_IP_NF_MATCH_IPRANGE=y

CONFIG_IP_NF_MATCH_MAC=y

CONFIG_IP_NF_MATCH_PKTTYPE=y

CONFIG_IP_NF_MATCH_MARK=y

CONFIG_IP_NF_MATCH_MULTIPORT=y

CONFIG_IP_NF_MATCH_TOS=y

CONFIG_IP_NF_MATCH_RECENT=y

CONFIG_IP_NF_MATCH_ECN=y

CONFIG_IP_NF_MATCH_DSCP=y

CONFIG_IP_NF_MATCH_AH_ESP=y

CONFIG_IP_NF_MATCH_LENGTH=y

CONFIG_IP_NF_MATCH_TTL=y

CONFIG_IP_NF_MATCH_TCPMSS=y

CONFIG_IP_NF_MATCH_HELPER=y

CONFIG_IP_NF_MATCH_STATE=y

CONFIG_IP_NF_MATCH_CONNTRACK=y

CONFIG_IP_NF_MATCH_OWNER=y

# CONFIG_IP_NF_MATCH_ADDRTYPE is not set

# CONFIG_IP_NF_MATCH_REALM is not set

# CONFIG_IP_NF_MATCH_SCTP is not set

# CONFIG_IP_NF_MATCH_DCCP is not set

# CONFIG_IP_NF_MATCH_COMMENT is not set

# CONFIG_IP_NF_MATCH_CONNMARK is not set

# CONFIG_IP_NF_MATCH_CONNBYTES is not set

# CONFIG_IP_NF_MATCH_HASHLIMIT is not set

# CONFIG_IP_NF_MATCH_STRING is not set

CONFIG_IP_NF_FILTER=y

CONFIG_IP_NF_TARGET_REJECT=y

CONFIG_IP_NF_TARGET_LOG=y

CONFIG_IP_NF_TARGET_ULOG=y

CONFIG_IP_NF_TARGET_TCPMSS=y

# CONFIG_IP_NF_TARGET_NFQUEUE is not set

CONFIG_IP_NF_NAT=y

CONFIG_IP_NF_NAT_NEEDED=y

CONFIG_IP_NF_TARGET_MASQUERADE=y

CONFIG_IP_NF_TARGET_REDIRECT=y

CONFIG_IP_NF_TARGET_NETMAP=y

CONFIG_IP_NF_TARGET_SAME=y

# CONFIG_IP_NF_NAT_SNMP_BASIC is not set

CONFIG_IP_NF_NAT_IRC=m

CONFIG_IP_NF_NAT_FTP=m

CONFIG_IP_NF_NAT_TFTP=m

CONFIG_IP_NF_NAT_PPTP=m

CONFIG_IP_NF_MANGLE=y

CONFIG_IP_NF_TARGET_TOS=y

CONFIG_IP_NF_TARGET_ECN=y

CONFIG_IP_NF_TARGET_DSCP=y

CONFIG_IP_NF_TARGET_MARK=y

CONFIG_IP_NF_TARGET_CLASSIFY=y

# CONFIG_IP_NF_TARGET_TTL is not set

CONFIG_IP_NF_TARGET_CONNMARK=y

# CONFIG_IP_NF_TARGET_CLUSTERIP is not set

CONFIG_IP_NF_RAW=m

CONFIG_IP_NF_TARGET_NOTRACK=m

CONFIG_IP_NF_ARPTABLES=y

CONFIG_IP_NF_ARPFILTER=y

CONFIG_IP_NF_ARP_MANGLE=y

```

The weird thing is that the iptables command IS WORKING, like here:

```

FireBlade linux # iptables -L

Chain INPUT (policy ACCEPT)

target     prot opt source               destination

Chain FORWARD (policy ACCEPT)

target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)

target     prot opt source               destination

Chain bad_packets (0 references)

target     prot opt source               destination

Chain bad_tcp_packets (0 references)

target     prot opt source               destination

Chain icmp_packets (0 references)

target     prot opt source               destination

Chain tcp_inbound (0 references)

target     prot opt source               destination

Chain udp_inbound (0 references)

target     prot opt source               destination

```

So, i guess i am missing some small configuration somewhere.

Any ideas?

Tks guys!Last edited by PunkSC on Mon Jan 30, 2006 6:34 pm; edited 1 time in total

----------

## msalerno

The problem might be that your script is looking for the iptables modules.  As you said and as your kernel config shows, you build the options into the kernel so there are no modules.  You could just go back and reconfigure/recompile your kernel to make iptables and the associated options as modules.  Once you do that, I would be willing to bet that your script will work.

It's not really a strange thing that the script is working, all of the iptables options are available, just not as modules.

----------

## PunkSC

Man... i feel so stupid when i post something like this!

I found what was giving errors.. is THIS script commands:

```
/sbin/modprobe ip_tables

/sbin/modprobe ip_conntrack

/sbin/modprobe ipt_REJECT

/sbin/modprobe ipt_unclean

```

This commands are useless.. cause i compiled it in kernel, not as a module!

Everything is ok now.

Tks a lot for the reply msalerno!

----------

