I have in my firewall script the following lines (amongst others which don't affect the problem):
$DEPMOD -a $INSMOD ip_tables $INSMOD ip_conntrack $INSMOD ip_conntrack_ftp $INSMOD ip_conntrack_irc $INSMOD iptable_nat $INSMOD ip_nat_ftp
(Ofcourse the $DEPMOD and $INSMOD variables are set earlier in the script). I've always needed to do it this way since as long as I can remember to get FTP and IRC to work properly.
After upgrading to FC2, I've noticed the following generated in /var/log/messages when the script is run:
Aug 24 06:42:38 server kernel: ip_conntrack version 2.1 (1535 buckets, 12280 max) - 296 bytes per conntrack
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol ip_ct_selective_cleanup
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol invert_tuplepr
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol ip_ct_gather_frags
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol ip_conntrack_untracked
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol ip_conntrack_get
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol ip_conntrack_htable_size
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol ip_conntrack_destroyed
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol __ip_ct_find_proto
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol need_ip_conntrack
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol ip_conntrack_tuple_taken
Aug 24 06:42:38 server kernel: iptable_nat: Unknown symbol ip_conntrack_alter_reply
Aug 24 06:42:38 server modprobe: FATAL: Error inserting iptable_nat (/lib/modules/2.6.6-1.435.2.3/kernel/net/ipv4/netfilter/iptable_nat.ko): Unknown symbol in module, or unknown parameter (see dmesg)
It looks like a module mismatch to me? Anybody have an idea? ip_conntrack seems OK, but why is it spewing at iptable_nat? Is it even needed?
Also, if there is TFM to R, then please tell me where, I'm happy to spend some time discovering by myself.
Regards, Ed.
