Ufw error problem running ip6tables

ERROR: Problem running ip6tables Affects Status Importance Assigned to Milestone ufw Bug Description Error shows when I type in the following command: sudo ufw status My OS: Debian/Linux What is the output of the following command: $ sudo /usr/share/ ufw/check- requirements I suspect you have disabled ipv6 in some manner. You might be able […]

Содержание

  1. ERROR: Problem running ip6tables
  2. Bug Description
  3. NJ bot server «problem running ip6tables» #3533
  4. Comments
  5. Debian User Forums
  6. Software conflict between iptables and ufw? SOLVED!
  7. Software conflict between iptables and ufw? SOLVED!
  8. Debian User Forums
  9. Software conflict between iptables and ufw? SOLVED!
  10. Software conflict between iptables and ufw? SOLVED!
  11. [RESOLVED] UFW & Iptables not working in Debian 10 minimal
  12. Comments

ERROR: Problem running ip6tables

Affects Status Importance Assigned to Milestone
ufw

Bug Description

Error shows when I type in the following command:

sudo ufw status

My OS: Debian/Linux

What is the output of the following command:

$ sudo /usr/share/ ufw/check- requirements

I suspect you have disabled ipv6 in some manner. You might be able to simply use IPV6=no in /etc/default/ufw.

Changed in ufw:
status: New → Incomplete
  • 1E1484DC46934C0FA914F248208FCA1C.pngEdit (158 bytes, image/png; name=»1E1484DC46934C0FA914F248208FCA1C.png»)

Im sorry to say that I have completely wiped my Linux machine and reinstalled Raspbian and everything works fine now. I did not touch anything to do with the ip6tables beforehand. Possibly got corrupted somehow.

From: on behalf of costales
Sent: Wednesday, June 6, 2018 8:15:51 PM
To:
Subject: [Bug 1775282] Re: ERROR: Problem running ip6tables

** No longer affects: gui-ufw


You received this bug notification because you are subscribed to the bug
report.
https:/ /bugs.launchpad .net/bugs/ 1775282

Title:
ERROR: Problem running ip6tables

Status in ufw:
Incomplete

Bug description:
Error shows when I type in the following command:

sudo ufw status

My OS: Debian/Linux

Thanks for getting back to me. Glad it is working now. Since there is a lack of information, I’m going to close this bug. Please feel free to report other issues you may find.

Changed in ufw:
status: Incomplete → Invalid

I am getting the same error:

# ufw status
ERROR: problem running ip6tables

But the requirements check passed:

# /usr/share/ ufw/check- requirements
Has python: pass (binary: python3, version: 3.8.5, py3)
Has iptables: pass
Has ip6tables: pass

Has /proc/net/dev: pass
Has /proc/net/if_inet6: pass

This script will now attempt to create various rules using the iptables
and ip6tables commands. This may result in module autoloading (eg, for
IPv6).
Proceed with checks (Y/n)?
== IPv4 ==
Creating ‘ufw-check- requirements’ . done
Inserting RETURN at top of ‘ufw-check- requirements’ . done
TCP: pass
UDP: pass
destination port: pass
source port: pass
ACCEPT: pass
DROP: pass
REJECT: pass
LOG: pass
hashlimit: pass
limit: pass
ctstate (NEW): pass
ctstate (RELATED): pass
ctstate (ESTABLISHED): pass
ctstate (INVALID): pass
ctstate (new, recent set): pass
ctstate (new, recent update): pass
ctstate (new, limit): pass
interface (input): pass
interface (output): pass
multiport: pass
comment: pass
addrtype (LOCAL): pass
addrtype (MULTICAST): pass
addrtype (BROADCAST): pass
icmp (destination- unreachable) : pass
icmp (source-quench): pass
icmp (time-exceeded): pass
icmp (parameter- problem) : pass
icmp (echo-request): pass

== IPv6 ==
Creating ‘ufw-check- requirements6’ . done
Inserting RETURN at top of ‘ufw-check- requirements6’ . done
TCP: pass
UDP: pass
destination port: pass
source port: pass
ACCEPT: pass
DROP: pass
REJECT: pass
LOG: pass
hashlimit: pass
limit: pass
ctstate (NEW): pass
ctstate (RELATED): pass
ctstate (ESTABLISHED): pass
ctstate (INVALID): pass
ctstate (new, recent set): pass
ctstate (new, recent update): pass
ctstate (new, limit): pass
interface (input): pass
interface (output): pass
multiport: pass
comment: pass
icmpv6 (destination- unreachable) : pass
icmpv6 (packet-too-big): pass
icmpv6 (time-exceeded): pass
icmpv6 (parameter- problem) : pass
icmpv6 (echo-request): pass
icmpv6 with hl (neighbor- solicitation) : pass
icmpv6 with hl (neighbor- advertisement) : pass
icmpv6 with hl (router- solicitation) : pass
icmpv6 with hl (router- advertisement) : pass
ipv6 rt: pass

Источник

NJ bot server «problem running ip6tables» #3533

This is not expected. Seems similar to the problem we had when the lobby would not restart well.

The text was updated successfully, but these errors were encountered:

@RoiEXLab I think you debugged a similar problem after the last lobby restart. Do you recognize this as the same problem?

@DanVanAtta Not quite. The error message was slightly different.
However this should be fixable by fixing the underlying ip6tables command because it probably just got itself in a bad state

Running iptables on that machine did not do much, maybe you’ll know of something more to look at @RoiEXLab ? Without knowing how it got into a bad state, hard to fix it. It’s also a question how suddenly iptables got into a bad state at all.

I’m thinking we should decommission this server. Who knows what else is in a bad state, the state of the server is just not known and that is disconcerting. The cost of fixing it also seems a bit much compared to firing up a new one, or just shutting it down and then saving on monthly costs.

@DanVanAtta maybe it’s a typo.
But iptables ≠ ip6tables . AFAIK ufw uses those tools in the background.
So if you tried to use the latter somehow (list the entries or something) it will probably give a much more detailed error message.
The last time I had similar errors like this it was due to concurrency issues.
ufw isn’t using the tools in blocking mode, so if you try to execute two ufw commands at the same time, or maybe directly after another it will break.

@DanVanAtta Investigated this issue further, and came to the conclusion that we might want to try restarting the server completely, hoping to fix this issue. I read some articles, where simple restarting did the trick.
Also this issue doesn’t seem to be related in any way to my concurrency issue.

Restart did the trick 🙌

I don’t think/know if investigating the RC further at this point is worth it, so will close this issue.

Источник

Debian User Forums

Software conflict between iptables and ufw? SOLVED!

Software conflict between iptables and ufw? SOLVED!

#1 Post by rayos » 2020-02-10 11:08

Debian Bullseye. Packages: ufw 0.36-1 and Iptables 1.8.4-2

Hello everybody! Ufw now doesn’t work after a package update and if it’s enable internet is blocked.

While doing a reboot some minutes ago, the PC lost the graphic environment and the internet connection.

The screen went black, but by pressing «Ctrl + Alt + F1» I could access a tty and recover the desktop environment using the startx command

I checked with cat /var/log/dpkg.log | grep «status installed» the last packages installed and I saw that one of the updated packages was «iptables».

In order to test if it was a problem with the firewall I deactivated the ufw firewall interface and everything went back to normal again.

With ufw disabled everything works fine again and when doing a reboot the desktop environment appears without using startx, but with ufw enabled I have to activate the X with startx command and the internet connection is blocked.

I guess this is an incompatibility between the new version of iptables and the old ufw version in the Debian testing repository.

$ iptables —version
iptables v1.8.4 (nf_tables)

$ ufw —version
ufw 0.36
Copyright 2008-2015 Canonical Ltd.

If I start ufw it gives an error warning and internet crashes:

# ufw enable
ERROR: problem running ufw-init
iptables-restore: COMMIT expected at line 21
iptables-restore: line 2 failed
iptables-restore: line 2 failed
ip6tables-restore: COMMIT expected at line 21
ip6tables-restore: line 2 failed
ip6tables-restore: line 2 failed
Problem running ‘/etc/ufw/user.rules’
Problem running ‘/etc/ufw/user6.rules’

# ufw status
Status: active

$ ping -c1 google.com
. there is no Internet conection

# ufw disable
Firewall stopped and disabled on system startup

$ ping -c1 google.com
. with ufw disabled there’s internet connection

I uninstalled ufw by purging the configuration files, reinstalled it again and I get the same error message, but now without the «problem running» warnings.

I imagine the problem will be that Debian updated iptables without realizing that ufw would fail, I don’t know.

Источник

Debian User Forums

Software conflict between iptables and ufw? SOLVED!

Software conflict between iptables and ufw? SOLVED!

#1 Post by rayos » 2020-02-10 11:08

Debian Bullseye. Packages: ufw 0.36-1 and Iptables 1.8.4-2

Hello everybody! Ufw now doesn’t work after a package update and if it’s enable internet is blocked.

While doing a reboot some minutes ago, the PC lost the graphic environment and the internet connection.

The screen went black, but by pressing «Ctrl + Alt + F1» I could access a tty and recover the desktop environment using the startx command

I checked with cat /var/log/dpkg.log | grep «status installed» the last packages installed and I saw that one of the updated packages was «iptables».

In order to test if it was a problem with the firewall I deactivated the ufw firewall interface and everything went back to normal again.

With ufw disabled everything works fine again and when doing a reboot the desktop environment appears without using startx, but with ufw enabled I have to activate the X with startx command and the internet connection is blocked.

I guess this is an incompatibility between the new version of iptables and the old ufw version in the Debian testing repository.

$ iptables —version
iptables v1.8.4 (nf_tables)

$ ufw —version
ufw 0.36
Copyright 2008-2015 Canonical Ltd.

If I start ufw it gives an error warning and internet crashes:

# ufw enable
ERROR: problem running ufw-init
iptables-restore: COMMIT expected at line 21
iptables-restore: line 2 failed
iptables-restore: line 2 failed
ip6tables-restore: COMMIT expected at line 21
ip6tables-restore: line 2 failed
ip6tables-restore: line 2 failed
Problem running ‘/etc/ufw/user.rules’
Problem running ‘/etc/ufw/user6.rules’

# ufw status
Status: active

$ ping -c1 google.com
. there is no Internet conection

# ufw disable
Firewall stopped and disabled on system startup

$ ping -c1 google.com
. with ufw disabled there’s internet connection

I uninstalled ufw by purging the configuration files, reinstalled it again and I get the same error message, but now without the «problem running» warnings.

I imagine the problem will be that Debian updated iptables without realizing that ufw would fail, I don’t know.

Источник

[RESOLVED] UFW & Iptables not working in Debian 10 minimal

Man, my dive into Nat VM has not been kind.
one problem fixed another crop up.
Now on fresh debian 10 i cant start ufw

Is it Openvz problem?
not familiar with this module, google says openvz module
/lib/modules/3.10.0-957.12.2.vz7.86.2/modules.builtin.bin’

prior to reinstalling Debian 10, ufw on debian 8 and ubuntu 16.04 works
P.S. im on MRVM SG node, running freshly installed Debian 10

UFW is garbage and you should learn to setup iptables.

My pronouns are asshole/asshole/asshole. I will give you the same courtesy.

@WSS I just need something fast for testing.
i’m very lazy afterall
hahaha.

Also, iptables (iptables-nft) seems not working too. iptables issue maybe?
iptables-legacy not working too.

i figured it out,
I purge ufw and iptables, then install iptables first then change to iptables-legacy.
after that install ufw.
ufw seems to works only on iptables-legacy.

With the last Debian 10/Buster template, just

  • apt install iptables
  • update-alternatives —set iptables /usr/sbin/iptables-legacy
  • update-alternatives —set ip6tables /usr/sbin/ip6tables-legacy

Now ufw should work fine

The actual issue here is that iptables is not installed at all as standard in those templates.

I am going to have to make a new template set with it included and distribute them, I think minimal went a bit far.

https://inceptionhosting.com
Please do not use the PM system here for Inception Hosting support issues.

iptables-legacy? I thought iptables/netfilter was being replaced with something?

nftables is the default in buster, it seems

The all seeing eye sees everything.

@terrorgen said:
nftables is the default in buster, it seems

Ah, so, iptables-legacy is just the regular iptables with a tag to identify that it is now considered legacy (nftables being the new) .

@terrorgen said:
nftables is the default in buster, it seems

Ah, so, iptables-legacy is just the regular iptables with a tag to identify that it is now considered legacy (nftables being the new) .

Yeah,old scripts, like the openvpn installer script, dont work with nftables, just tested it. need to change to iptables-legacy

I guess it breaks not just UFW, but many of the old scripts that uses iptables.

I have found also that loading the modules on the host node which is el7 based for containers or be able to use nf* makes them incredibly unstable, I am sure it will be fixed over time.

https://inceptionhosting.com
Please do not use the PM system here for Inception Hosting support issues.

is netfilter set to full for this container ?

vzctl set VMID —netfilter full —save

CrownCloud — Internet Services | Los Angeles, California | Frankfurt, Germany | Amsterdam, The Netherlands

@terrorgen said:
nftables is the default in buster, it seems

Ah, so, iptables-legacy is just the regular iptables with a tag to identify that it is now considered legacy (nftables being the new) .

Yeah,old scripts, like the openvpn installer script, dont work with nftables, just tested it. need to change to iptables-legacy

I guess it breaks not just UFW, but many of the old scripts that uses iptables.

it feels very un-Debian to me. these (breaking of older scripts) should’ve been caught in testing or unstable and not being released to stable until most of the popular scripts made accommodations to nftables..

Источник

Источник

I am getting the same error:

# ufw status
ERROR: problem running ip6tables

But the requirements check passed:

# /usr/share/ufw/check-requirements
Has python: pass (binary: python3, version: 3.8.5, py3)
Has iptables: pass
Has ip6tables: pass

Has /proc/net/dev: pass
Has /proc/net/if_inet6: pass

This script will now attempt to create various rules using the iptables
and ip6tables commands. This may result in module autoloading (eg, for
IPv6).
Proceed with checks (Y/n)?
== IPv4 ==
Creating ‘ufw-check-requirements’… done
Inserting RETURN at top of ‘ufw-check-requirements’… done
TCP: pass
UDP: pass
destination port: pass
source port: pass
ACCEPT: pass
DROP: pass
REJECT: pass
LOG: pass
hashlimit: pass
limit: pass
ctstate (NEW): pass
ctstate (RELATED): pass
ctstate (ESTABLISHED): pass
ctstate (INVALID): pass
ctstate (new, recent set): pass
ctstate (new, recent update): pass
ctstate (new, limit): pass
interface (input): pass
interface (output): pass
multiport: pass
comment: pass
addrtype (LOCAL): pass
addrtype (MULTICAST): pass
addrtype (BROADCAST): pass
icmp (destination-unreachable): pass
icmp (source-quench): pass
icmp (time-exceeded): pass
icmp (parameter-problem): pass
icmp (echo-request): pass

== IPv6 ==
Creating ‘ufw-check-requirements6’… done
Inserting RETURN at top of ‘ufw-check-requirements6’… done
TCP: pass
UDP: pass
destination port: pass
source port: pass
ACCEPT: pass
DROP: pass
REJECT: pass
LOG: pass
hashlimit: pass
limit: pass
ctstate (NEW): pass
ctstate (RELATED): pass
ctstate (ESTABLISHED): pass
ctstate (INVALID): pass
ctstate (new, recent set): pass
ctstate (new, recent update): pass
ctstate (new, limit): pass
interface (input): pass
interface (output): pass
multiport: pass
comment: pass
icmpv6 (destination-unreachable): pass
icmpv6 (packet-too-big): pass
icmpv6 (time-exceeded): pass
icmpv6 (parameter-problem): pass
icmpv6 (echo-request): pass
icmpv6 with hl (neighbor-solicitation): pass
icmpv6 with hl (neighbor-advertisement): pass
icmpv6 with hl (router-solicitation): pass
icmpv6 with hl (router-advertisement): pass
ipv6 rt: pass

All tests passed

Источник


0

2

Добрый день.
Прошу помощи. При настройке vpn на vps возникли ошибки: 

root@vps43220:# ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
ERROR: problem running ufw-init
ip6tables-restore: line 4 failed
ip6tables-restore: line 4 failed
ip6tables-restore: line 138 failed
ip6tables-restore: line 39 failed

Problem running '/etc/ufw/before6.rules'
Problem running '/etc/ufw/user6.rules'

При попытке запуска вручную: 

root@vps43220:~# /lib/ufw/ufw-init start
Skip starting firewall: ufw (not enabled)

Что странно потому что: 

root@vps43220:~# ufw status
Status: active

To                         Action      From
--                         ------      ----
1488                       ALLOW       Anywhere                  
16122/udp                  ALLOW       Anywhere                  
22/tcp                     ALLOW       Anywhere                  
1194/udp                   ALLOW       Anywhere                  
1488 (v6)                  ALLOW       Anywhere (v6)             
16122/udp (v6)             ALLOW       Anywhere (v6)             
22/tcp (v6)                ALLOW       Anywhere (v6)             
1194/udp (v6)              ALLOW       Anywhere (v6)

Настраиваю сама в первый раз. Может кто нибудь помочь разобраться где ошибка, а то сложновато как то?

Проблема с запуском ufw-init решилась перезагрузкой сервера. 

root@vps43220:~# ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup
root@vps43220:~# ufw status
Status: active

To                         Action      From
--                         ------      ----
1488                       ALLOW       Anywhere                  
16122/udp                  ALLOW       Anywhere                  
22/tcp                     ALLOW       Anywhere                  
1194/udp                   ALLOW       Anywhere                  
1488 (v6)                  ALLOW       Anywhere (v6)             
16122/udp (v6)             ALLOW       Anywhere (v6)             
22/tcp (v6)                ALLOW       Anywhere (v6)             
1194/udp (v6)              ALLOW       Anywhere (v6)

Но меня смущает присутсвие портов tcp. Разве они могут корректно работать вместе с udp? В инструкции в выводе команды ufw status их должно быть четыре а не восемь как у меня и tcp там нет: 

To                         Action      From
--                         ------      ----
1488                       ALLOW       Anywhere                  
16122/udp                  ALLOW       Anywhere                                                      
1488 (v6)                  ALLOW       Anywhere (v6)             
16122/udp (v6)             ALLOW       Anywhere (v6)

Где то я напортачила. А вот где.

Источник

hb2022

Posts: 2
Joined: Tue May 31, 2022 6:47 pm
languages_spoken: english
Has thanked:
2 times
Been thanked:
1 time
Contact:

[SOLVED] ufw/ip6tables working?

Hi,

Did anyone have success with the ‘ufw’ firewall package yet?

When I try to enable it with ‘ufw enable’ I errors errors from iptables-restore:

ERROR: problem running ufw-init
iptables-restore v1.8.4 (legacy): unknown option «—sport»
Error occurred at line: 46
Try `iptables-restore -h’ or ‘iptables-restore —help’ for more information.
iptables-restore v1.8.4 (legacy): unknown option «—dport»
Error occurred at line: 19
Try `iptables-restore -h’ or ‘iptables-restore —help’ for more information.
iptables-restore v1.8.4 (legacy): unknown option «—dport»
Error occurred at line: 21
Try `iptables-restore -h’ or ‘iptables-restore —help’ for more information.

Problem loading ipv6 (skipping)
Problem running ‘/etc/ufw/before.rules’
Problem running ‘/etc/ufw/after.rules’
Problem running ‘/etc/ufw/user.rules’

And ‘ip6tables -L’ gives an error:

ip6tables v1.8.4 (legacy): can’t initialize ip6tables table `filter’: Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.

Even worse, after `ufw alllow 22` then `ufw status verbose` suggests that ssh is allowed but the output from iptables -L shows it does not allow anything.

On my 20.04 intel desktop this works without problems.

My M1 is running the image from https://dn.odroid.com/RK3568/ODROID-M1/ … 427.img.xz with all available updates from ‘apt update && apt upgrade’.

I’d appreciate any hints on how to fix this.

Thanks

Last edited by hb2022 on Mon Jul 18, 2022 4:43 am, edited 2 times in total.

User avatar

rooted

Posts: 9978
Joined: Fri Dec 19, 2014 9:12 am
languages_spoken: english
Location: Gulf of Mexico, US
Has thanked:
779 times
Been thanked:
583 times
Contact:

Re: ufw/ip6tables working?

Post

by rooted » Thu Jun 02, 2022 3:06 am

Ubuntu 21 defaults to using nftables so this may be related if that is the version.

*Edit*
I expanded the link, it’s still 20.yy so not related.

User avatar

tobetter

Posts: 11412
Joined: Mon Feb 25, 2013 10:55 am
languages_spoken: Korean, English
ODROIDs: Many
Location: Paju, South Korea
Has thanked:
779 times
Been thanked:
1937 times
Contact:

Re: ufw/ip6tables working?

Post

by tobetter » Thu Jul 14, 2022 10:43 pm

freundTech wrote: ↑

Thu Jul 14, 2022 10:20 pm


Some important IPv6 features are disabled in the odroid kernel. See my request to enable them here: viewtopic.php?p=352404#p352404

Thanks, new kernel package is being built now and will be uploaded in 4 hours if not failed.

These users thanked the author tobetter for the post:
hb2022 (Mon Jul 18, 2022 4:37 am)

motondo

Posts: 12
Joined: Wed Jul 13, 2022 3:02 pm
languages_spoken: english
ODROIDs: M1
Has thanked:
3 times
Been thanked:
0
Contact:

Re: ufw/ip6tables working?

Post

by motondo » Sat Jul 16, 2022 2:37 am

Thanks, new kernel package is being built now and will be uploaded in 4 hours if not failed.
Top

Hi, where do I could download this kernel?

Thanks

hb2022

Posts: 2
Joined: Tue May 31, 2022 6:47 pm
languages_spoken: english
Has thanked:
2 times
Been thanked:
1 time
Contact:

Re: ufw/ip6tables working?

Post

by hb2022 » Mon Jul 18, 2022 4:37 am

The linux-image-4.19.219-odroid-arm64/stable,now 4.19.219-202207142200~focal build does indeed work with ufw and docker for me! Earlier versions did not.

@motondo
I installed ubuntu-20.04-server-odroidm1-20220531.img from https://dn.odroid.com/RK3568/ODROID-M1/Ubuntu/, then ufw did not work as described above; then I did `apt update && apt upgrade` and after that ufw and docker started working.

For the record, I also tried the 22.04 server build and that works but has one major problem: After a clean reboot, the docker images no longer run correctly.

Thanks!

These users thanked the author hb2022 for the post:
motondo (Tue Jul 19, 2022 4:25 pm)

motondo

Posts: 12
Joined: Wed Jul 13, 2022 3:02 pm
languages_spoken: english
ODROIDs: M1
Has thanked:
3 times
Been thanked:
0
Contact:

Re: [SOLVED] ufw/ip6tables working?

Post

by motondo » Mon Jul 18, 2022 4:13 pm

@ hb2022,
I appreciate your help. Thank you!!

Unfortunately did not work for me. I’ve installed from «ubuntu-20.04-server-odroidm1-20220531.img.xz»

user@host:~$ ls -la /boot
total 21120
drwxr-xr-x 4 root root 4096 may 31 11:44 .
drwxr-xr-x 20 root root 4096 jul 13 14:15 ..
-rw-rw-r— 1 root root 41831 may 31 07:11 boot-logo.bmp.gz
-rw-r—r— 1 root root 3229 may 31 11:43 boot.scr
-rw-r—r— 1 root root 3229 may 31 11:41 boot.scr.bak
-rw-r—r— 1 root root 174961 may 27 05:16 config-4.19.219-odroid-arm64
-rw-r—r— 1 root root 159 may 31 11:37 config.ini
lrwxrwxrwx 1 root root 56 may 31 11:43 dtb -> dtbs/4.19.219-odroid-arm64/rockchip/rk3568-odroid-m1.dtb
lrwxrwxrwx 1 root root 56 may 31 11:43 dtb-4.19.219-odroid-arm64 -> dtbs/4.19.219-odroid-arm64/rockchip/rk3568-odroid-m1.dtb
drwxr-xr-x 3 root root 4096 may 31 11:39 dtbs
lrwxrwxrwx 1 root root 32 may 31 11:35 initrd.img -> initrd.img-4.19.219-odroid-arm64
-rw-r—r— 1 root root 10434669 may 31 11:43 initrd.img-4.19.219-odroid-arm64
lrwxrwxrwx 1 root root 32 may 31 11:35 initrd.img.old -> initrd.img-4.19.219-odroid-arm64
drwx—— 2 root root 16384 may 31 11:44 lost+found
-rw-r—r— 1 root root 4006452 may 27 05:16 System.map-4.19.219-odroid-arm64
lrwxrwxrwx 1 root root 29 may 31 11:35 vmlinuz -> vmlinuz-4.19.219-odroid-arm64
-rw-r—r— 1 root root 6877680 may 27 05:16 vmlinuz-4.19.219-odroid-arm64
lrwxrwxrwx 1 root root 29 may 31 11:35 vmlinuz.old -> vmlinuz-4.19.219-odroid-arm64

user@host:~$ sudo apt update && sudo apt upgrade
Obj:1 http://ppa.launchpad.net/ondrej/apache2/ubuntu focal InRelease
Obj:2 http://ports.ubuntu.com/ubuntu-ports focal InRelease
Obj:3 http://ppa.launchpad.net/ondrej/php/ubuntu focal InRelease
Obj:4 http://ports.ubuntu.com/ubuntu-ports focal-updates InRelease
Des:5 https://dlm.mariadb.com/repo/mariadb-se … epo/ubuntu focal InRelease [7.755 B]
Des:6 http://ppa.linuxfactory.or.kr focal InRelease [41,1 kB]
Des:7 https://dlm.mariadb.com/repo/maxscale/latest/apt focal InRelease [6.384 B]
Descargados 55,2 kB en 3s (22,0 kB/s)
Leyendo lista de paquetes… Hecho
Creando árbol de dependencias
Leyendo la información de estado… Hecho
Todos los paquetes están actualizados.
Leyendo lista de paquetes… Hecho
Creando árbol de dependencias
Leyendo la información de estado… Hecho
Calculando la actualización… Hecho
0 actualizados, 0 nuevos se instalarán, 0 para eliminar y 0 no actualizados.

user@host:~$ sudo ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
ERROR: initcaps
[Errno 2] ip6tables v1.8.4 (legacy): can’t initialize ip6tables table `filter’: Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.

user@host:~$ uname -a
Linux host 4.19.219-odroid-arm64 #1 SMP Fri, 27 May 2022 03:16:46 +0000 aarch64 aarch64 aarch64 GNU/Linux

Thanks!

User avatar

tobetter

Posts: 11412
Joined: Mon Feb 25, 2013 10:55 am
languages_spoken: Korean, English
ODROIDs: Many
Location: Paju, South Korea
Has thanked:
779 times
Been thanked:
1937 times
Contact:

Re: [SOLVED] ufw/ip6tables working?

Post

by tobetter » Mon Jul 18, 2022 4:18 pm

motondo wrote: ↑

Mon Jul 18, 2022 4:13 pm


@ hb2022,
I appreciate your help. Thank you!!

Unfortunately did not work for me. I’ve installed from «ubuntu-20.04-server-odroidm1-20220531.img.xz»

user@host:~$ uname -a
Linux host 4.19.219-odroid-arm64 #1 SMP Fri, 27 May 2022 03:16:46 +0000 aarch64 aarch64 aarch64 GNU/Linux

Thanks!

I think you have not updated the kernel package yet. Please do sudo apt update && sudo apt upgrade and reboot.

motondo

Posts: 12
Joined: Wed Jul 13, 2022 3:02 pm
languages_spoken: english
ODROIDs: M1
Has thanked:
3 times
Been thanked:
0
Contact:

Re: [SOLVED] ufw/ip6tables working?

Post

by motondo » Mon Jul 18, 2022 4:21 pm

@tobetter,
Thanks for your fast answer!! and your help .

I did!. Please look my previous post, it’s a complete sequence. Thank you!

User avatar

tobetter

Posts: 11412
Joined: Mon Feb 25, 2013 10:55 am
languages_spoken: Korean, English
ODROIDs: Many
Location: Paju, South Korea
Has thanked:
779 times
Been thanked:
1937 times
Contact:

Re: [SOLVED] ufw/ip6tables working?

Post

by tobetter » Mon Jul 18, 2022 4:33 pm

motondo wrote: ↑

Mon Jul 18, 2022 4:21 pm


@tobetter,
Thanks for your fast answer!! and your help .

I did!. Please look my previous post, it’s a complete sequence. Thank you!

What do you have with dpkg -l | grep linux-image?

motondo

Posts: 12
Joined: Wed Jul 13, 2022 3:02 pm
languages_spoken: english
ODROIDs: M1
Has thanked:
3 times
Been thanked:
0
Contact:

Re: [SOLVED] ufw/ip6tables working?

Post

by motondo » Mon Jul 18, 2022 4:38 pm

user@host:~$ sudo dpkg -l | grep linux-image

user@host:~$ sudo dpkg -l | grep linux
ii binutils-aarch64-linux-gnu 2.34-6ubuntu1.3 arm64 GNU binary utilities, for aarch64-linux-gnu target
ii libselinux1:arm64 3.0-1build2 arm64 SELinux runtime shared libraries
ii linux-libc-dev:arm64 5.18.0-202205171802~focal arm64 Linux support headers for userspace development
ii util-linux

User avatar

tobetter

Posts: 11412
Joined: Mon Feb 25, 2013 10:55 am
languages_spoken: Korean, English
ODROIDs: Many
Location: Paju, South Korea
Has thanked:
779 times
Been thanked:
1937 times
Contact:

Re: [SOLVED] ufw/ip6tables working?

Post

by tobetter » Mon Jul 18, 2022 4:40 pm

motondo wrote: ↑

Mon Jul 18, 2022 4:38 pm

user@host:~$ sudo dpkg -l | grep linux-image

user@host:~$ sudo dpkg -l | grep linux
ii binutils-aarch64-linux-gnu 2.34-6ubuntu1.3 arm64 GNU binary utilities, for aarch64-linux-gnu target
ii libselinux1:arm64 3.0-1build2 arm64 SELinux runtime shared libraries
ii linux-libc-dev:arm64 5.18.0-202205171802~focal arm64 Linux support headers for userspace development
ii util-linux

Looks like some wrong your packages…
Try to run sudo apt install linux-image-4.19.219-odroid-arm64 and check again dpkg -l | grep linux-image.

motondo

Posts: 12
Joined: Wed Jul 13, 2022 3:02 pm
languages_spoken: english
ODROIDs: M1
Has thanked:
3 times
Been thanked:
0
Contact:

Re: [SOLVED] ufw/ip6tables working?

Post

by motondo » Mon Jul 18, 2022 4:43 pm

user@host:~$ sudo apt install linux-image-stall linux-image-4.19.219-odroid-arm64
Leyendo lista de paquetes… Hecho
Creando árbol de dependencias
Leyendo la información de estado… Hecho
E: No se ha podido localizar el paquete linux-image-stall
user@host:~$

Sorry my system language is Spanish.

User avatar

tobetter

Posts: 11412
Joined: Mon Feb 25, 2013 10:55 am
languages_spoken: Korean, English
ODROIDs: Many
Location: Paju, South Korea
Has thanked:
779 times
Been thanked:
1937 times
Contact:

Re: [SOLVED] ufw/ip6tables working?

Post

by tobetter » Mon Jul 18, 2022 4:49 pm

motondo wrote: ↑

Mon Jul 18, 2022 4:43 pm

user@host:~$ sudo apt install linux-image-stall linux-image-4.19.219-odroid-arm64
Leyendo lista de paquetes… Hecho
Creando árbol de dependencias
Leyendo la información de estado… Hecho
E: No se ha podido localizar el paquete linux-image-stall
user@host:~$

Sorry my system language is Spanish.

Why do you add linux-image-stall?

motondo

Posts: 12
Joined: Wed Jul 13, 2022 3:02 pm
languages_spoken: english
ODROIDs: M1
Has thanked:
3 times
Been thanked:
0
Contact:

motondo

Posts: 12
Joined: Wed Jul 13, 2022 3:02 pm
languages_spoken: english
ODROIDs: M1
Has thanked:
3 times
Been thanked:
0
Contact:

Re: [SOLVED] ufw/ip6tables working?

Post

by motondo » Mon Jul 18, 2022 4:55 pm

@to better,

Thanks a lot!!! It works!!!

user@host:~$ dpkg -l | grep linux-image
ii linux-image-4.19.219-odroid-arm64 4.19.219-202207142200~focal arm64 Linux 4.19 for ODROID (64-bit ARMv8 machines)

user@host:~$ sudo ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup
user@host:~$

User avatar

tobetter

Posts: 11412
Joined: Mon Feb 25, 2013 10:55 am
languages_spoken: Korean, English
ODROIDs: Many
Location: Paju, South Korea
Has thanked:
779 times
Been thanked:
1937 times
Contact:

Re: [SOLVED] ufw/ip6tables working?

Post

by tobetter » Mon Jul 18, 2022 4:59 pm

motondo wrote: ↑

Mon Jul 18, 2022 4:55 pm


@to better,

Thanks a lot!!! It works!!!

user@host:~$ dpkg -l | grep linux-image
ii linux-image-4.19.219-odroid-arm64 4.19.219-202207142200~focal arm64 Linux 4.19 for ODROID (64-bit ARMv8 machines)

user@host:~$ sudo ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup
user@host:~$

glad to know it works.

These users thanked the author tobetter for the post:
motondo (Tue Jul 19, 2022 4:24 pm)

Who is online

Users browsing this forum: No registered users and 1 guest

Источник

On a fresh install of OSMC on a Vero 4k+ using the 2018-12 release, UFW (uncomplicated firewall) cannot be enabled.

Install goes fine but upon trying to use the command ufw enable I get the errors

ERROR: problem running ufw-init
iptables-restore: line 77 failed
iptables-restore: line 11 failed
ip6tables-restore: line 138 failed

Problem running '/etc/ufw/before.rules'
Problem running '/etc/ufw/user.rules'
Problem running '/etc/ufw/before6.rules'

Running the UFW check-requirements script returns a lot of errors that seem to relate to missing kernel modules.

Has python: pass (binary: python2.7, version: 2.7.13, py2)
Has iptables: pass
Has ip6tables: pass

Has /proc/net/dev: pass
Has /proc/net/if_inet6: pass

This script will now attempt to create various rules using the iptables
and ip6tables commands. This may result in module autoloading (eg, for
IPv6).
Proceed with checks (Y/n)? Y
== IPv4 ==
Creating 'ufw-check-requirements'... done
Inserting RETURN at top of 'ufw-check-requirements'... done
TCP: pass
UDP: pass
destination port: pass
source port: pass
ACCEPT: pass
DROP: pass
REJECT: pass
LOG: FAIL
error was: iptables: No chain/target/match by that name.
hashlimit: FAIL
error was: iptables: No chain/target/match by that name.
limit: FAIL
error was: iptables: No chain/target/match by that name.
ctstate (NEW): pass
ctstate (RELATED): pass
ctstate (ESTABLISHED): pass
ctstate (INVALID): pass
ctstate (new, recent set): FAIL (no runtime support)
error was: iptables: No chain/target/match by that name.
ctstate (new, recent update): FAIL (no runtime support)
error was: iptables: No chain/target/match by that name.
ctstate (new, limit): FAIL
error was: iptables: No chain/target/match by that name.
interface (input): pass
interface (output): pass
multiport: FAIL
error was: iptables: No chain/target/match by that name.
comment: FAIL
error was: iptables: No chain/target/match by that name.
addrtype (LOCAL): pass
addrtype (MULTICAST): pass
addrtype (BROADCAST): pass
icmp (destination-unreachable): pass
icmp (source-quench): pass
icmp (time-exceeded): pass
icmp (parameter-problem): pass
icmp (echo-request): pass

== IPv6 ==
Creating 'ufw-check-requirements6'... done
Inserting RETURN at top of 'ufw-check-requirements6'... done
TCP: pass
UDP: pass
destination port: pass
source port: pass
ACCEPT: pass
DROP: pass
REJECT: pass
LOG: FAIL
error was: ip6tables: No chain/target/match by that name.
hashlimit: FAIL
error was: ip6tables: No chain/target/match by that name.
limit: FAIL
error was: ip6tables: No chain/target/match by that name.
ctstate (NEW): pass
ctstate (RELATED): pass
ctstate (ESTABLISHED): pass
ctstate (INVALID): pass
ctstate (new, recent set): FAIL (no runtime support)
error was: ip6tables: No chain/target/match by that name.
ctstate (new, recent update): FAIL (no runtime support)
error was: ip6tables: No chain/target/match by that name.
ctstate (new, limit): FAIL
error was: ip6tables: No chain/target/match by that name.
interface (input): pass
interface (output): pass
multiport: FAIL
error was: ip6tables: No chain/target/match by that name.
comment: FAIL
error was: ip6tables: No chain/target/match by that name.
icmpv6 (destination-unreachable): pass
icmpv6 (packet-too-big): pass
icmpv6 (time-exceeded): pass
icmpv6 (parameter-problem): pass
icmpv6 (echo-request): pass
icmpv6 with hl (neighbor-solicitation): FAIL
error was: ip6tables: No chain/target/match by that name.
icmpv6 with hl (neighbor-advertisement): FAIL
error was: ip6tables: No chain/target/match by that name.
icmpv6 with hl (router-solicitation): FAIL
error was: ip6tables: No chain/target/match by that name.
icmpv6 with hl (router-advertisement): FAIL
error was: ip6tables: No chain/target/match by that name.
ipv6 rt: FAIL
error was: ip6tables: No chain/target/match by that name.

FAIL: check your kernel and that you have iptables >= 1.4.0
FAIL: check your kernel and iptables for additional runtime support
Источник

Понравилась статья? Поделить с друзьями:
  • Ubuntu ошибка отключения файловой системы
  • Ubuntu ошибка недостаточно памяти
  • Ubuntu как проверить диск на ошибки
  • Ubuntu как исправить сломанные пакеты
  • Ubuntu как исправить зависимости