Iptables/NFtables not working on cloud kernel?

Kernels & Hardware, configuring network, installing services

Iptables/NFtables not working on cloud kernel?

Postby Doug86 » 2020-10-06 14:38

Hi Everyone,

First time poster, long time lurker. Love this place!

I'm having an issue with a VPS Buster install, which I believe was previously updated from Stretch.

I noticed that fail2ban had stopped working at some point and decided to look at the Iptables for clues

Code: Select all
# iptables -L
iptables/1.8.2 Failed to initialize nft: Protocol not supported

I'm aware of the switch to nftables in buster so tried rolling back with

Code: Select all
# update-alternatives --set iptables /usr/sbin/iptables-legacy
# update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
# update-alternatives --set arptables /usr/sbin/arptables-legacy
# update-alternatives --set ebtables /usr/sbin/ebtables-legacy

but then I get

Code: Select all
# iptables -nvL
modprobe: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could not open moddep file '/lib/modules/4.19.0-5-cloud-amd64/modules.dep.bin'
modprobe: FATAL: Module ip_tables not found in directory /lib/modules/4.19.0-5-cloud-amd64
iptables v1.6.0: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

So I tried updating everything I could, purging iptables and nftables and reinstalling without luck.

I've seen similar reports with kernels that don't have the right modules, is it possible that the cloud kernel doesn't support a firewall? Sounds unlikely. How would I check and how can I get fail2ban working again?

Code: Select all
# uname -a
Linux {hostname} 4.19.0-5-cloud-amd64 #1 SMP Debian 4.19.37-5+deb10u1 (2019-07-19) x86_64 GNU/Linux

Thanks in advance!
Posts: 1
Joined: 2020-10-06 14:12

Return to System configuration

Who is online

Users browsing this forum: No registered users and 15 guests