When I restart iptables, I am getting the following error. Learned from this forum, that I need to change the kernel, which i did..not working good.

[root@**** ~]# service iptables restart
Flushing firewall rules:                                   [  OK  ]
Setting chains to policy ACCEPT: security raw nat mangle fi[FAILED]
Unloading iptables modules:                                [  OK  ]
Applying iptables firewall rules:                          [  OK  ]
Loading additional iptables modules: ip_conntrack_netbios_n[FAILED]
[root@**** ~]# uname -a
Linux **** 2.6.38-linode31 #1 SMP Mon Mar 21 21:22:33 UTC 2011 i686 i686 i386 GNU/Linux

Running Centos 32-bit.

Your suggestions are highly appreciated..thank you!

try this http://www.linode.com/wiki/index.php/Ce ... BFAILED.5D

_________________
Paid support
How to ask for help
1. Give details of your problem
2. Post any errors
3. Post relevant logs.
4. Don't hide details i.e. your domain, it just makes things harder
5. Be polite or you'll be eaten by a grue

thank you..that did fixed the netbios error..however, the first error still remains.

Setting chains to policy ACCEPT: security raw nat mangle fi[FAILED]

I should really have my cuppa tea before reading these posts so I read the whole thing....

Anyway can you put the content of your /etc/sysconfig/iptables file in http://pastebin.linode.com/ then post the link please.

_________________
Paid support
How to ask for help
1. Give details of your problem
2. Post any errors
3. Post relevant logs.
4. Don't hide details i.e. your domain, it just makes things harder
5. Be polite or you'll be eaten by a grue

Thank you!!!!

But, what have I done? I rebooted the linode..When I used the Lish console, here is the error message.

IPv4 over IPv4 tunneling driver                                                                     
GRE over IPv4 tunneling driver                                                                      
ip_conntrack version 2.4 (8192 buckets, 65536 max) - 228 bytes per conntrack                        
ip_conntrack_pptp version 3.1 loaded                                                                
ip_nat_pptp version 3.0 loaded                                                                      
ip_tables: (C) 2000-2006 Netfilter Core Team                                                        
TCP bic registered                                                                                  
Initializing IPsec netlink socket                                                                   
NET: Registered protocol family 1                                                                   
NET: Registered protocol family 10                                                                  
lo: Disabled Privacy Extensions                                                                     
IPv6 over IPv4 tunneling driver                                                                     
ip6_tables: (C) 2000-2006 Netfilter Core Team                                                       
NET: Registered protocol family 17                                                                  
NET: Registered protocol family 15                                                                  
Bridge firewalling registered                                                                       
Ebtables v2.0 registered                                                                            
ebt_ulog: not logging via ulog since somebody else already registered for PF_BRIDGE                 
802.1Q VLAN Support v1.8 Ben Greear <greearb@candelatech.com>                                       
All bugs added by David S. Miller <davem@redhat.com>                                                
SCTP: Hash tables configured (established 65536 bind 65536)                                         
Using IPI Shortcut mode                                                                             
XENBUS: Device with no driver: device/console/0                                                     
md: Autodetecting RAID arrays.                                                                      
md: autorun ...                                                                                     
md: ... autorun DONE.                                                                               
kjournald starting.  Commit interval 5 seconds                                                      
EXT3-fs: mounted filesystem with ordered data mode.                                                 
VFS: Mounted root (ext3 filesystem) readonly.                                                       
Freeing unused kernel memory: 224k freed                                                            
Warning: unable to open an initial console.

The Kernel is Latest 2.6 Legacy (2.6.18.8-linode22)

CentOS 32 bit.

I did nothing except changing the kernel as mentioned in the other thread...

I believe the latest version of centos requires the paravirt kernel (not positive though), switch back and provide the contents of /etc/sysconfig/iptables at http://pastebin.linode.com/

_________________
Paid support
How to ask for help
1. Give details of your problem
2. Post any errors
3. Post relevant logs.
4. Don't hide details i.e. your domain, it just makes things harder
5. Be polite or you'll be eaten by a grue

thank you! the pastebin link;

http://pastebin.linode.com/5181

can you pastebin the contents of /etc/init.d/iptables as well (sorry forgot)

_________________
Paid support
How to ask for help
1. Give details of your problem
2. Post any errors
3. Post relevant logs.
4. Don't hide details i.e. your domain, it just makes things harder
5. Be polite or you'll be eaten by a grue

@ obs;

http://pastebin.linode.com/5184

FYKI, I am trying to run openvpn and pptp...Everytime I start the server, the iptables settings are not executed.

I don't know if this is related, but

[root@*** etc]# modprobe ppp-compress-18 && echo ok
FATAL: Module ppp_mppe not found.

copy this into a file http://pastebin.linode.com/5191 and run

patch -p1 < filename

if it asks for a file choose /etc/init.d/iptables (replace filename in the command with the name of the file you saved it to). That will patch your init script.

_________________
Paid support
How to ask for help
1. Give details of your problem
2. Post any errors
3. Post relevant logs.
4. Don't hide details i.e. your domain, it just makes things harder
5. Be polite or you'll be eaten by a grue

@ obs...You are a genius..Thanks a lot.

[root@*** ~]# nano ipfix
[root@*** ~]# patch -p1 < ipfix
missing header for unified diff at line 3 of patch
can't find file to patch at input line 3
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------
|--- iptables.old   2011-04-20 17:08:49.000000000 -0400
|+++ iptables   2011-04-20 17:09:17.000000000 -0400
--------------------------
File to patch: /etc/init.d/iptables
patching file /etc/init.d/iptables
[root@*** ~]# service iptables restart
Flushing firewall rules:                                   [  OK  ]
Setting chains to policy ACCEPT: security raw nat mangle fi[  OK  ]
Applying iptables firewall rules:                          [  OK  ]

Np *goes and pokes linode to update their distro*

_________________
Paid support
How to ask for help
1. Give details of your problem
2. Post any errors
3. Post relevant logs.
4. Don't hide details i.e. your domain, it just makes things harder
5. Be polite or you'll be eaten by a grue

Looks like it is a part of the iptables package in CentOS, so you probably want to poke either CentOS or Red Hat to fix it.

_________________

/* TODO: need to add signature to posts */

I installed centos locally first and that doesn't suffer from the problem so it seems to be a linode only problem.

_________________
Paid support
How to ask for help
1. Give details of your problem
2. Post any errors
3. Post relevant logs.
4. Don't hide details i.e. your domain, it just makes things harder
5. Be polite or you'll be eaten by a grue