WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] problems with Iptables in DomU

To: Cristian Livadaru <drac3@xxxxxxxxx>
Subject: Re: [Xen-users] problems with Iptables in DomU
From: "John A. Sullivan III" <jsullivan@xxxxxxxxxxxxxxxxxxx>
Date: Tue, 25 Jul 2006 06:11:45 -0400
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Tue, 25 Jul 2006 03:12:31 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <20060725070643.GE7877@xxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <20060724084008.GA7877@xxxxxxxxx> <20060725070643.GE7877@xxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
On Tue, 2006-07-25 at 09:06 +0200, Cristian Livadaru wrote:
> On Mon, Jul 24, 2006 at 10:40:08AM +0200, Cristian Livadaru wrote:
> > Now that my xen is running, I wanted to set up dthe firewall on my domU
> > but all I get is this error:
> > 
> > lcx:~# iptables -L
> > iptables v1.2.11: can't initialize iptables table `filter': Module is
> > wrong version
> > Perhaps iptables or your kernel needs to be upgraded.
> > 
> > the modules for iptables are loaded:
> > iptable_filter          4736  0
> > ip_tables              23424  3
> > iptable_mangle,iptable_nat,iptable_filter
> > 
> > I have the same problem with Xen 3.0.1 and 2.0
> > on dom0 it seems to work:
> > 
> > master:~# iptables -L
> > Chain INPUT (policy ACCEPT)
> > target     prot opt source               destination
> > 
> > I tripplechecked the howto and all kernel settings but can't figure
> > where the problem is.
> > 
> > Regards,
> > 
> > Cristian Livadaru
> 
> Nobody here that can help? 
> This is so annoying that I will even pay for support if somebody can
> solve this issue, I wasted already 2 days trying to figure this out!
> None of the other tips I have received have helped.
> 
> Cris
<snip>
I believe we hit this problem when we set up our first Xen test boxes
for the ISCS network security management project
(http://iscs.sourceforge.net) (which, by the way, has worked very
successfully with Xen).

If I recall, the problem was that we had a domU image with older
iptables userspace tools and a kernel with a newer version of iptables.
One would encounter the same problem in the reverse situation.  It can
also result in unexplained segmentation faults.  Make sure that the
kernel and the userspace tools (e.g., the iptables command) are the same
version.  Hope this helps - John
-- 
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan@xxxxxxxxxxxxxxxxxxx

Financially sustainable open source development
http://www.opensourcedevel.com


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>