Hello everyone,
I am trying to add iptables to my imx6ullevk image but kernel modules do not get included.
Added to build/conf/local.conf;
CORE_IMAGE_EXTRA_INSTALL += " kernel-modules"
IMAGE_INSTALL_append = " iptables "
IMAGE_FSTYPES += "tar.bz2"
$: bitbake virtual/kernel -c menuconfig
After setting new kernel configuration with menuconfig i can see the new configurations in the .config file. I have created a bsp layer with a defconfig using it.
> CONFIG_NETFILTER=y
> CONFIG_NF_TABLES=y
> CONFIG_NETFILTER_XTABLES=y
> CONFIG_NFT_REJECT=y
...
$: bitbake core-image-minimal
After the build i can't find "net" kernel modules in the image files: /lib/modules/4.9.11.../kernel/net/ folder is empty. So iptables is in the image but ip_tables kernel modules are not.
After changing the machine to qemux86 modules get included.
I am using https://github.com/Freescale/fsl-community-bsp-platform repo for yocto and i have tried zeus, rocko and dunfell branches.
What could be the problem? Any help would be appreciated.
Thanks.
Possibly iptables was compiled into the kernel not as external module.
Please try "iptables -L" on the board.
iptables is looking for modules in version 4.9.88 but my kernel is 4.14.98.
root@imx6ullevk:~# iptables -L
modprobe: can't change directory to '4.9.88+g5e23f9d61147': No such file or directory
iptables v1.8.3 (legacy): can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
root@imx6ullevk:/lib/modules# ls -l
drwxr-xr-x 3 root root 1040 Jan 1 1970 4.14.98-imx+g1175b59
Just to test i copy the kernel modules to the required version.
root@imx6ullevk:/lib/modules# cp -r 4.14.98-imx+g1175b59 4.9.88+g5e23f9d61147
root@imx6ullevk:/lib/modules# ls -l
drwxr-xr-x 3 root root 1040 Jan 1 1970 4.14.98-imx+g1175b59
drwxr-xr-x 3 root root 1040 Dec 8 13:11 4.9.88+g5e23f9d61147
root@imx6ullevk:/lib/modules# iptables -L
modprobe: module ip_tables not found in modules.dep
iptables v1.8.3 (legacy): can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
Please try to create a symlink with right name for existing module.
Modules are built-in;
root@imx6ull14x14evk:/lib/modules/5.4.3-lts-lf-5.4.y+gf8118585ee3c# cat modules.builtin | grep filter
kernel/net/ipv4/netfilter/nf_reject_ipv4.ko
kernel/net/ipv4/netfilter/ip_tables.ko
kernel/net/ipv4/netfilter/iptable_filter.ko
....
iptables error before linking;
root@imx6ull14x14evk:/lib/modules/5.4.3-lts-lf-5.4.y+gf8118585ee3c# iptables -L
modprobe: FATAL: Module ip_tables not found in directory /lib/modules/4.9.88+g5e23f9d61147
iptables v1.8.3 (legacy): can't initialize iptables table `filter': Table does not exist (do
you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
After linking;
root@imx6ull14x14evk:/lib/modules# ln -s 5.4.3-lts-lf-5.4.y+gf8118585ee3c 4.9.88+g5e23f9d61147
root@imx6ull14x14evk:/lib/modules# ls -l
lrwxrwxrwx 1 root root 32 Jan 14 10:44 4.9.88+g5e23f9d61147 -> 5.4.3-lts-lf-5.4.y+gf8118585ee3c
drwxr-xr-x 3 root root 1120 Jan 8 11:39 5.4.3-lts-lf-5.4.y+gf8118585ee3c
root@imx6ull14x14evk:/lib/modules# iptables -L
iptables v1.8.3 (legacy): can't initialize iptables table `filter': iptables who? (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
root@imx6ull14x14evk:/lib/modules/4.9.88+g5e23f9d61147/kernel/net# ls -lR
drwxr-xr-x 2 root root 232 Jan 8 11:39 8021q
./8021q:
-rw-r--r-- 1 root root 35444 Jan 8 11:12 8021q.ko
/iptable_filter.ko is built in and there is nothing to insmod.
When i build an image with manually loaded ip_tables modules i get following results;
Modules are present but i cant insert the module.
root@imx6ull14x14evk:/lib/modules/5.4.3-lts-lf-5.4.y+gf8118585ee3c/kernel/net/ipv4/netfilter# ls -l
-rw-r--r-- 1 root root 25036 Jan 8 10:23 ip_tables.ko
-rw-r--r-- 1 root root 6048 Jan 8 10:23 ipt_REJECT.ko
-rw-r--r-- 1 root root 6932 Jan 8 10:23 iptable_filter.ko
-rw-r--r-- 1 root root 6688 Jan 8 10:23 iptable_mangle.ko
-rw-r--r-- 1 root root 6868 Jan 8 10:23 nf_reject_ipv4.ko
root@imx6ull14x14evk:/lib/modules/5.4.3-lts-lf-5.4.y+gf8118585ee3c/kernel/net/ipv4/netfilter# insmod ip_tables.ko
insmod: ERROR: could not insert module ip_tables.ko: Invalid module format
After i link the module i still get the same error;
root@imx6ull14x14evk:/lib/modules/5.4.3-lts-lf-5.4.y+gf8118585ee3c/kernel/net/ipv4/netfilter# mkdir -p /lib/modules/4.9.88+g5e23f9d61147/kernel/net/ipv4/netfilter
root@imx6ull14x14evk:/lib/modules/4.9.88+g5e23f9d61147/kernel/net/ipv4/netfilter# ln -s /lib/modules/5.4.3-lts-lf-.4.y+gf8118585ee3c/kernel/net/ipv4/netfilter/ip_tables.ko ip_tables.ko
root@imx6ull14x14evk:/lib/modules/4.9.88+g5e23f9d61147/kernel/net/ipv4/netfilter# ls -l
lrwxrwxrwx 1 root root 84 Jan 14 11:45 ip_tables.ko -> /lib/modules/5.4.3-lts-lf-5.4.y+gf8118585ee3c/kernel/net/ipv4/netfilter/ip_tables.ko
root@imx6ull14x14evk:/lib/modules/4.9.88+g5e23f9d61147/kernel/net/ipv4/netfilter# insmod ip_tables.ko
insmod: ERROR: could not insert module ip_tables.ko: Invalid module format
Apparently I can't change text size in "Edit reply". Sorry for the changing styles.
Thanks.