发表新帖
发表新帖

iptables v1.4.14: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)

后端 未结
关注
13 2425
轻奢々
轻奢々 2020-12-14 01:00

I\'m trying to set iptable rules, and I got following error message when I use iptable :

iptables v1.4.14: can\'t initialize iptables table `nat\': Table doe
相关标签:
13条回答
  • 温柔的废话
    2020-12-14 01:19

    Short version :

    run iptables on the host before to run it in the virtual server (I'm pretty sure this is some sort of LXC or OpenVZ container here).

    Long version :

    The problem is due to the fact that the ip_table module is loaded on demand. So, after a reboot, on any machine that does not have any iptables rules loaded at boot time, the ip_tables module is not loaded (no demand for the modules == the module is not loaded). Consequently, the LXC or OpenVZ containers cannot use iptables (since they share the host kernel but cannot modify which modules are loaded) until the host has somehow loaded the ip_tables module.

    0 讨论(0)
  • 情歌与酒
    2020-12-14 01:19

    check if tun/tap enabled:

    cat /dev/net/tun

    if ok will see something :

    cat: /dev/net/tun: File descriptor in bad state
    0 讨论(0)
  • 走了就别回头了
    2020-12-14 01:22

    It maybe useful to add that if you're seeing this error message and you're not using some kind of restricted container based hosting (e.g. OpenVZ) then the problem maybe that the kernel is missing the nat modules. To check run:

    modinfo iptable_nat

    Which should print out the location of the module, if it prints an ERROR then you know that is your problem. There are also dependent modules like nf_nat which might be missing so you'll have to dig deeper if the iptable_nat module is there but fails. If it is missing you'll need to get another kernel and modules, or if you're rolling your own ensure that the kernel config contains CONFIG_IP_NF_NAT=m (for IPv4 NAT).

    For info the relevant kernel module is usually found in one of these locations:

    ls /lib/modules/`uname -r`/kernel/net/netfilter/
ls /lib/modules/`uname -r`/kernel/net/ipv4/netfilter/

    And if you're running IPv6 also look here:

    ls /lib/modules/`uname -r`/kernel/net/ipv6/netfilter/
    0 讨论(0)
  • 爱一瞬间的悲伤
    2020-12-14 01:23

    I had the same problem with Debian 8. I fixed it by restarting the system. It seems that the error can occur if the kernel image was updated and the system was not restarted thereafter.

    0 讨论(0)
  • 既然无缘
    2020-12-14 01:25 
    uname -av;
sudo apt install --reinstall (output from uname -av)
    0 讨论(0)
  • 盖世英雄少女心
    2020-12-14 01:30

    That solution from the official wiki: 

    vzctl set $CTID --netfilter full --save

    https://openvz.org/VPN_via_the_TUN/TAP_device#Troubleshooting

    0 讨论(0)
 看不清?
提交回复
热议问题