The Perfect Xen 3.0.3 Setup For Debian Sarge iptables problem on dom0

hi and a big thanks goes to falkotimme for the nice howto "The Perfect Xen 3.0.3 Setup For Debian Sarge"

everything goes fine but there is one problem with the iptables on dom0

when i compile the kernel for the dom0 and reboot the system and try on the console iptbales -L i get an error :

iptables v1.2.11: can't initialize iptables table `filter': Table does not
exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.


i dont know that is normal but i think it's not ...
after a look into the forum here i was finding an other thread with the same problem but with no real result fix

first i think i have made a mistake, ok then i make the system new, formatted the hole disk and installed debian net inst 3.1r3 again ...
the system is new and the problem is not gone away after i compiled the dom0 kernel and im real sure that i have verified all my steps that is written in the howto

i have the same results like the idol when i type the commands allready wroted like

uname -a
Linux debian 2.6.16.29-xen0 #2 Mon Nov 6 12:49:09 CET 2006 i686 GNU/Linux

updatedb
locate iptables
/lib/iptables
/lib/iptables/libip6t_ah.so
/lib/iptables/libip6t_condition.so
/lib/iptables/libip6t_dst.so
/lib/iptables/libip6t_esp.so
/lib/iptables/libip6t_eui64.so
/lib/iptables/libip6t_frag.so
/lib/iptables/libip6t_fuzzy.so
/lib/iptables/libip6t_hbh.so
/lib/iptables/libip6t_hl.so
/lib/iptables/libip6t_HL.so
/lib/iptables/libip6t_icmpv6.so
/lib/iptables/libip6t_ipv6header.so
/lib/iptables/libip6t_length.so
/lib/iptables/libip6t_limit.so
/lib/iptables/libip6t_LOG.so
/lib/iptables/libip6t_mac.so
/lib/iptables/libip6t_mark.so
/lib/iptables/libip6t_MARK.so
/lib/iptables/libip6t_multiport.so
/lib/iptables/libip6t_nth.so
/lib/iptables/libip6t_owner.so
/lib/iptables/libip6t_policy.so
/lib/iptables/libip6t_random.so
/lib/iptables/libip6t_REJECT.so
/lib/iptables/libip6t_ROUTE.so
/lib/iptables/libip6t_rt.so
/lib/iptables/libip6t_standard.so
/lib/iptables/libip6t_tcp.so
/lib/iptables/libip6t_TRACE.so
/lib/iptables/libip6t_udp.so
/lib/iptables/libipt_addrtype.so
/lib/iptables/libipt_ah.so
/lib/iptables/libipt_CLASSIFY.so
/lib/iptables/libipt_condition.so
/lib/iptables/libipt_connlimit.so
/lib/iptables/libipt_connmark.so
/lib/iptables/libipt_CONNMARK.so
/lib/iptables/libipt_conntrack.so
/lib/iptables/libipt_DNAT.so
/lib/iptables/libipt_dscp.so
/lib/iptables/libipt_DSCP.so
/lib/iptables/libipt_dstlimit.so
/lib/iptables/libipt_ecn.so
/lib/iptables/libipt_ECN.so
/lib/iptables/libipt_esp.so
/lib/iptables/libipt_fuzzy.so
/lib/iptables/libipt_helper.so
/lib/iptables/libipt_icmp.so
/lib/iptables/libipt_IPMARK.so
/lib/iptables/libipt_iprange.so
/lib/iptables/libipt_ipv4options.so
/lib/iptables/libipt_IPV4OPTSSTRIP.so
/lib/iptables/libipt_length.so
/lib/iptables/libipt_limit.so
/lib/iptables/libipt_LOG.so
/lib/iptables/libipt_mac.so
/lib/iptables/libipt_mark.so
/lib/iptables/libipt_MARK.so
/lib/iptables/libipt_MASQUERADE.so
/lib/iptables/libipt_MIRROR.so
/lib/iptables/libipt_mport.so
/lib/iptables/libipt_multiport.so
/lib/iptables/libipt_NETLINK.so
/lib/iptables/libipt_NETMAP.so
/lib/iptables/libipt_NOTRACK.so
/lib/iptables/libipt_nth.so
/lib/iptables/libipt_osf.so
/lib/iptables/libipt_owner.so
/lib/iptables/libipt_physdev.so
/lib/iptables/libipt_pkttype.so
/lib/iptables/libipt_policy.so
/lib/iptables/libipt_pool.so
/lib/iptables/libipt_POOL.so
/lib/iptables/libipt_psd.so
/lib/iptables/libipt_quota.so
/lib/iptables/libipt_random.so
/lib/iptables/libipt_realm.so
/lib/iptables/libipt_recent.so
/lib/iptables/libipt_REDIRECT.so
/lib/iptables/libipt_REJECT.so
/lib/iptables/libipt_ROUTE.so
/lib/iptables/libipt_rpc.so
/lib/iptables/libipt_SAME.so
/lib/iptables/libipt_sctp.so
/lib/iptables/libipt_set.so
/lib/iptables/libipt_SET.so
/lib/iptables/libipt_SNAT.so
/lib/iptables/libipt_standard.so
/lib/iptables/libipt_state.so
/lib/iptables/libipt_string.so
/lib/iptables/libipt_TARPIT.so
/lib/iptables/libipt_TCPLAG.so
/lib/iptables/libipt_tcpmss.so
/lib/iptables/libipt_TCPMSS.so
/lib/iptables/libipt_tcp.so
/lib/iptables/libipt_time.so
/lib/iptables/libipt_tos.so
/lib/iptables/libipt_TOS.so
/lib/iptables/libipt_TRACE.so
/lib/iptables/libipt_ttl.so
/lib/iptables/libipt_TTL.so
/lib/iptables/libipt_u32.so
/lib/iptables/libipt_udp.so
/lib/iptables/libipt_ULOG.so
/lib/iptables/libipt_unclean.so
/lib/iptables/libipt_XOR.so
/sbin/iptables
/sbin/iptables-restore
/sbin/iptables-save
/usr/share/doc/iptables
/usr/share/doc/iptables/changelog.Debian.gz
/usr/share/doc/iptables/changelog.gz
/usr/share/doc/iptables/copyright
/usr/share/doc/iptables/examples
/usr/share/doc/iptables/examples/3iptables-ppp_down-rules
/usr/share/doc/iptables/examples/3iptables-ppp_up-rules.gz
/usr/share/doc/iptables/examples/oldinitdscript.gz
/usr/share/doc/iptables/html
/usr/share/doc/iptables/html/NAT-HOWTO-10.html
/usr/share/doc/iptables/html/NAT-HOWTO-11.html
/usr/share/doc/iptables/html/NAT-HOWTO-1.html
/usr/share/doc/iptables/html/NAT-HOWTO-2.html
/usr/share/doc/iptables/html/NAT-HOWTO-3.html
/usr/share/doc/iptables/html/NAT-HOWTO-4.html
/usr/share/doc/iptables/html/NAT-HOWTO-5.html
/usr/share/doc/iptables/html/NAT-HOWTO-6.html
/usr/share/doc/iptables/html/NAT-HOWTO-7.html
/usr/share/doc/iptables/html/NAT-HOWTO-8.html
/usr/share/doc/iptables/html/NAT-HOWTO-9.html
/usr/share/doc/iptables/html/NAT-HOWTO.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-10.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-11.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-1.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-2.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-3.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-4.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-5.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-6.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-7.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-8.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-9.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO.html
/usr/share/doc/iptables/README.Debian.gz
/usr/share/lintian/overrides/iptables
/usr/share/man/man8/iptables.8.gz
/usr/share/man/man8/iptables-restore.8.gz
/usr/share/man/man8/iptables-save.8.gz
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen0/include/config/ip/nf/iptables
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen0/include/config/ip/nf/iptables/module.h
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip6/nf/iptables
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip6/nf/iptables/module.h
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip/nf/iptables
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip/nf/iptables/module.h
/var/lib/dpkg/info/iptables.list
/var/lib/dpkg/info/iptables.md5sums
/var/lib/dpkg/info/iptables.postinst
/var/lib/dpkg/info/iptables.prerm

is there an other way to get iptables running under dom0 ...domU is a precompiled system (FLI4L) its support iptables

thanks a lot i hope someone can help me and other users they have the sameproblem like me and the idol

best regards
ren22

 

or maybe one can help howto compile a kernel with iptables inside and not as a module for the dom0 ...

thanks a lot for helping me out

LG ren22

 

hey again

other question, after i installed xen from the sources then modifying the bootloader and add

title Xen 3.0.3 / XenLinux 2.6
root (hd0,0)
kernel /xen.gz dom0_mem=64000
module /vmlinuz-2.6-xen root=/dev/hda6 ro max_loop=255
module /initrd.img-2.6.16.29-xen

reboot and booting up this configuration and type on the console
iptables -L
and get the result

debian:~# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

...iptables looks fine ..

so when i compile the kernel with the options

File systems --> [*] Quota support
<M> Old quota format support
<M> Quota format v2 support

Device Drivers ---> Network device support ---> <M> Dummy net driver support

Networking ---> Networking options ---> [*] Network packet filtering (replaces ipchains) ---> Core Netfilter Configuration ---> <M> Netfilter Xtables support (required for ip_tables)

Networking ---> Networking options ---> [*] Network packet filtering (replaces ipchains) ---> IP: Netfilter Configuration ---> <M> IP tables support (required for filtering/masq/NAT)

modifying again the boot loader for the new kernel and boot it up
then i get the error from my first post ...

WHERE IS THE FUKING PROBLEM ????????????????????????

ihave tried to the options to as no module but directly inside the kernel but there problem isnt gone away ...im so stupid or is the really a problem with iptables ?

LG ren22

 

What exactly did you modify?

 

hi falko and thx for your support

i only modifying the bootloader with the start options ..(this is what i mean with
...
modifiynd)
...
title Xen 3.0.3 / XenLinux 2.6
root (hd0,0)
kernel /xen.gz dom0_mem=64000
module /vmlinuz-2.6-xen root=/dev/hda6 ro max_loop=255
module /initrd.img-2.6.16.29-xen
...

and i was trying to implement the iptables directly in the kernel and not as modules ...

LG ren22

 

no one has an idea to fix the problem ?

LG ren22

 

I mean what exactly did you have in your menu.lst when iptables didn't work, and what did you have in there when it worked? Please post both configurations so that we can compare them...

 

thanks falko for ur help
..so i have reinstalled my debian system plus your howto and now after the third installation it works ^^
idont know why or where was the prob but the different thing what i was doing is i added all iptables modules in the kernelconfig menu as modules and after this its working right now "iptables -L"
but one problem is left only my second card will connect to the internet and i must reinstall it again
..i am not a linux guru just a beginner since 3month i hope its works again after reinstalling the 4time

LG ren22

and many thanks for helping me out
maybe this thread can be closed

 

I installed iptables as a module in the tutorial, too: http://www.howtoforge.com/debian_sarge_xen_3.0.3_p2

 

Same problem...

I am having the same problem.
iptables -L in dom0 gives the following:

Code:

x2100:~# iptables -L
iptables v1.2.11: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

I have followed The Perfect Xen 3.0.3 Setup For Debian Sarge to the letter, except for the fact that I needed an initrd to get my dom0 kernel to boot. Could this have anything to do with the iptables not being included as a module?

uname -a gives:

x2100:~# uname -a
Linux x2100.ecobee.co.uk 2.6.16.29-xen0 #6 Mon Dec 11 23:37:19 GMT 2006 i686 GNU/Linux

Thanks in advance for any suggestions.

 

What's the output of

Code:

grep -i iptables /boot/config-2.6.16.29-xen0

?

 

Hi Falko,
thanks for sparing me a minute.

Code:

x2100:~# grep -i iptables /boot/config-2.6.16.29-xen0
CONFIG_IP_NF_IPTABLES=m

 

Please try

Code:

insmod iptables

Then run

Code:

iptables -L

again.

 

Code:

x2100:~# insmod iptables
insmod: can't read 'iptables': No such file or directory

Code:

x2100:~# iptables -L
iptables v1.2.11: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

 

What's the output of

Code:

updatedb
locate iptables

?

 

Hi Falko,
thanks for your input, you are a legend!
I ran the above commands and here's the output:

Code:

x2100:~# updatedb
x2100:~# locate iptables
/lib/iptables
/lib/iptables/libip6t_ah.so
/lib/iptables/libip6t_condition.so
/lib/iptables/libip6t_dst.so
/lib/iptables/libip6t_esp.so
/lib/iptables/libip6t_eui64.so
/lib/iptables/libip6t_frag.so
/lib/iptables/libip6t_fuzzy.so
/lib/iptables/libip6t_hbh.so
/lib/iptables/libip6t_hl.so
/lib/iptables/libip6t_HL.so
/lib/iptables/libip6t_icmpv6.so
/lib/iptables/libip6t_ipv6header.so
/lib/iptables/libip6t_length.so
/lib/iptables/libip6t_limit.so
/lib/iptables/libip6t_LOG.so
/lib/iptables/libip6t_mac.so
/lib/iptables/libip6t_mark.so
/lib/iptables/libip6t_MARK.so
/lib/iptables/libip6t_multiport.so
/lib/iptables/libip6t_nth.so
/lib/iptables/libip6t_owner.so
/lib/iptables/libip6t_policy.so
/lib/iptables/libip6t_random.so
/lib/iptables/libip6t_REJECT.so
/lib/iptables/libip6t_ROUTE.so
/lib/iptables/libip6t_rt.so
/lib/iptables/libip6t_standard.so
/lib/iptables/libip6t_tcp.so
/lib/iptables/libip6t_TRACE.so
/lib/iptables/libip6t_udp.so
/lib/iptables/libipt_addrtype.so
/lib/iptables/libipt_ah.so
/lib/iptables/libipt_CLASSIFY.so
/lib/iptables/libipt_condition.so
/lib/iptables/libipt_connlimit.so
/lib/iptables/libipt_connmark.so
/lib/iptables/libipt_CONNMARK.so
/lib/iptables/libipt_conntrack.so
/lib/iptables/libipt_DNAT.so
/lib/iptables/libipt_dscp.so
/lib/iptables/libipt_DSCP.so
/lib/iptables/libipt_dstlimit.so
/lib/iptables/libipt_ecn.so
/lib/iptables/libipt_ECN.so
/lib/iptables/libipt_esp.so
/lib/iptables/libipt_fuzzy.so
/lib/iptables/libipt_helper.so
/lib/iptables/libipt_icmp.so
/lib/iptables/libipt_IPMARK.so
/lib/iptables/libipt_iprange.so
/lib/iptables/libipt_ipv4options.so
/lib/iptables/libipt_IPV4OPTSSTRIP.so
/lib/iptables/libipt_length.so
/lib/iptables/libipt_limit.so
/lib/iptables/libipt_LOG.so
/lib/iptables/libipt_mac.so
/lib/iptables/libipt_mark.so
/lib/iptables/libipt_MARK.so
/lib/iptables/libipt_MASQUERADE.so
/lib/iptables/libipt_MIRROR.so
/lib/iptables/libipt_mport.so
/lib/iptables/libipt_multiport.so
/lib/iptables/libipt_NETLINK.so
/lib/iptables/libipt_NETMAP.so
/lib/iptables/libipt_NOTRACK.so
/lib/iptables/libipt_nth.so
/lib/iptables/libipt_osf.so
/lib/iptables/libipt_owner.so
/lib/iptables/libipt_physdev.so
/lib/iptables/libipt_pkttype.so
/lib/iptables/libipt_policy.so
/lib/iptables/libipt_pool.so
/lib/iptables/libipt_POOL.so
/lib/iptables/libipt_psd.so
/lib/iptables/libipt_quota.so
/lib/iptables/libipt_random.so
/lib/iptables/libipt_realm.so
/lib/iptables/libipt_recent.so
/lib/iptables/libipt_REDIRECT.so
/lib/iptables/libipt_REJECT.so
/lib/iptables/libipt_ROUTE.so
/lib/iptables/libipt_rpc.so
/lib/iptables/libipt_SAME.so
/lib/iptables/libipt_sctp.so
/lib/iptables/libipt_set.so
/lib/iptables/libipt_SET.so
/lib/iptables/libipt_SNAT.so
/lib/iptables/libipt_standard.so
/lib/iptables/libipt_state.so
/lib/iptables/libipt_string.so
/lib/iptables/libipt_TARPIT.so
/lib/iptables/libipt_TCPLAG.so
/lib/iptables/libipt_tcpmss.so
/lib/iptables/libipt_TCPMSS.so
/lib/iptables/libipt_tcp.so
/lib/iptables/libipt_time.so
/lib/iptables/libipt_tos.so
/lib/iptables/libipt_TOS.so
/lib/iptables/libipt_TRACE.so
/lib/iptables/libipt_ttl.so
/lib/iptables/libipt_TTL.so
/lib/iptables/libipt_u32.so
/lib/iptables/libipt_udp.so
/lib/iptables/libipt_ULOG.so
/lib/iptables/libipt_unclean.so
/lib/iptables/libipt_XOR.so
/sbin/iptables
/sbin/iptables-restore
/sbin/iptables-save
/usr/share/doc/iptables
/usr/share/doc/iptables/changelog.Debian.gz
/usr/share/doc/iptables/changelog.gz
/usr/share/doc/iptables/copyright
/usr/share/doc/iptables/examples
/usr/share/doc/iptables/examples/3iptables-ppp_down-rules
/usr/share/doc/iptables/examples/3iptables-ppp_up-rules.gz
/usr/share/doc/iptables/examples/oldinitdscript.gz
/usr/share/doc/iptables/html
/usr/share/doc/iptables/html/NAT-HOWTO-10.html
/usr/share/doc/iptables/html/NAT-HOWTO-11.html
/usr/share/doc/iptables/html/NAT-HOWTO-1.html
/usr/share/doc/iptables/html/NAT-HOWTO-2.html
/usr/share/doc/iptables/html/NAT-HOWTO-3.html
/usr/share/doc/iptables/html/NAT-HOWTO-4.html
/usr/share/doc/iptables/html/NAT-HOWTO-5.html
/usr/share/doc/iptables/html/NAT-HOWTO-6.html
/usr/share/doc/iptables/html/NAT-HOWTO-7.html
/usr/share/doc/iptables/html/NAT-HOWTO-8.html
/usr/share/doc/iptables/html/NAT-HOWTO-9.html
/usr/share/doc/iptables/html/NAT-HOWTO.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-10.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-11.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-1.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-2.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-3.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-4.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-5.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-6.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-7.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-8.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-9.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO.html
/usr/share/doc/iptables/README.Debian.gz
/usr/share/lintian/overrides/iptables
/usr/share/man/man8/iptables.8.gz
/usr/share/man/man8/iptables-restore.8.gz
/usr/share/man/man8/iptables-save.8.gz
/var/lib/dpkg/info/iptables.list
/var/lib/dpkg/info/iptables.md5sums
/var/lib/dpkg/info/iptables.postinst
/var/lib/dpkg/info/iptables.prerm
/vserver/src/xen-3.0.3_0-src/linux-2.6.16.29-xen0/include/config/ip/nf/iptables
/vserver/src/xen-3.0.3_0-src/linux-2.6.16.29-xen0/include/config/ip/nf/iptables/module.h
/vserver/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip6/nf/iptables
/vserver/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip6/nf/iptables/module.h
/vserver/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip/nf/iptables
/vserver/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip/nf/iptables/module.h
/vserver/src/xen-3.0.3_0-src/linux-2.6.16.29-xenU/include/config/ip/nf/iptables
/vserver/src/xen-3.0.3_0-src/linux-2.6.16.29-xenU/include/config/ip/nf/iptables/module.h

 

There's no iptables module (normally this is in /lib/modules/<kernel>/...). You are sure you enabled iptables as a module during the kernel configuration (your kernel configuration file says so, but you can never know)?

 

Hi Falko,
yes I am sure that I enabled the module during the kernel configuration, and I have repeated the steps several times.
Do you know of any reason why this wouldn't work?
In the mean time I will try again.
Many thanks!

 

I have no idea.

 

I still have the same problem. I have just done another completely clean install and after booting into dom0 have no iptables. It seems others have the same problem
on this thread.

The only difference in my installation this time is that I managed to avoid using a ramdisk image for my dom0 by including the required nvidia SATA drivers in the kernel. I had hoped this would help, but it hasn't.

Just in case you spot anything else, here are the details as before:

Code:

x2100:~# insmod iptables

insmod: can't read 'iptables': No such file or directory

x2100:~# iptables -L
iptables v1.2.11: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

x2100:~# grep -i iptables /boot/config-2.6.16.29-xen0
CONFIG_IP_NF_IPTABLES=m

x2100:~# insmod iptables
insmod: can't read 'iptables': No such file or directory

x2100:~# iptables -L
iptables v1.2.11: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

x2100:~# updatedb
x2100:~# locate iptables
/lib/iptables
/lib/iptables/libip6t_ah.so
/lib/iptables/libip6t_condition.so
/lib/iptables/libip6t_dst.so
/lib/iptables/libip6t_esp.so
/lib/iptables/libip6t_eui64.so
/lib/iptables/libip6t_frag.so
/lib/iptables/libip6t_fuzzy.so
/lib/iptables/libip6t_hbh.so
/lib/iptables/libip6t_hl.so
/lib/iptables/libip6t_HL.so
/lib/iptables/libip6t_icmpv6.so
/lib/iptables/libip6t_ipv6header.so
/lib/iptables/libip6t_length.so
/lib/iptables/libip6t_limit.so
/lib/iptables/libip6t_LOG.so
/lib/iptables/libip6t_mac.so
/lib/iptables/libip6t_mark.so
/lib/iptables/libip6t_MARK.so
/lib/iptables/libip6t_multiport.so
/lib/iptables/libip6t_nth.so
/lib/iptables/libip6t_owner.so
/lib/iptables/libip6t_policy.so
/lib/iptables/libip6t_random.so
/lib/iptables/libip6t_REJECT.so
/lib/iptables/libip6t_ROUTE.so
/lib/iptables/libip6t_rt.so
/lib/iptables/libip6t_standard.so
/lib/iptables/libip6t_tcp.so
/lib/iptables/libip6t_TRACE.so
/lib/iptables/libip6t_udp.so
/lib/iptables/libipt_addrtype.so
/lib/iptables/libipt_ah.so
/lib/iptables/libipt_CLASSIFY.so
/lib/iptables/libipt_condition.so
/lib/iptables/libipt_connlimit.so
/lib/iptables/libipt_connmark.so
/lib/iptables/libipt_CONNMARK.so
/lib/iptables/libipt_conntrack.so
/lib/iptables/libipt_DNAT.so
/lib/iptables/libipt_dscp.so
/lib/iptables/libipt_DSCP.so
/lib/iptables/libipt_dstlimit.so
/lib/iptables/libipt_ecn.so
/lib/iptables/libipt_ECN.so
/lib/iptables/libipt_esp.so
/lib/iptables/libipt_fuzzy.so
/lib/iptables/libipt_helper.so
/lib/iptables/libipt_icmp.so
/lib/iptables/libipt_IPMARK.so
/lib/iptables/libipt_iprange.so
/lib/iptables/libipt_ipv4options.so
/lib/iptables/libipt_IPV4OPTSSTRIP.so
/lib/iptables/libipt_length.so
/lib/iptables/libipt_limit.so
/lib/iptables/libipt_LOG.so
/lib/iptables/libipt_mac.so
/lib/iptables/libipt_mark.so
/lib/iptables/libipt_MARK.so
/lib/iptables/libipt_MASQUERADE.so
/lib/iptables/libipt_MIRROR.so
/lib/iptables/libipt_mport.so
/lib/iptables/libipt_multiport.so
/lib/iptables/libipt_NETLINK.so
/lib/iptables/libipt_NETMAP.so
/lib/iptables/libipt_NOTRACK.so
/lib/iptables/libipt_nth.so
/lib/iptables/libipt_osf.so
/lib/iptables/libipt_owner.so
/lib/iptables/libipt_physdev.so
/lib/iptables/libipt_pkttype.so
/lib/iptables/libipt_policy.so
/lib/iptables/libipt_pool.so
/lib/iptables/libipt_POOL.so
/lib/iptables/libipt_psd.so
/lib/iptables/libipt_quota.so
/lib/iptables/libipt_random.so
/lib/iptables/libipt_realm.so
/lib/iptables/libipt_recent.so
/lib/iptables/libipt_REDIRECT.so
/lib/iptables/libipt_REJECT.so
/lib/iptables/libipt_ROUTE.so
/lib/iptables/libipt_rpc.so
/lib/iptables/libipt_SAME.so
/lib/iptables/libipt_sctp.so
/lib/iptables/libipt_set.so
/lib/iptables/libipt_SET.so
/lib/iptables/libipt_SNAT.so
/lib/iptables/libipt_standard.so
/lib/iptables/libipt_state.so
/lib/iptables/libipt_string.so
/lib/iptables/libipt_TARPIT.so
/lib/iptables/libipt_TCPLAG.so
/lib/iptables/libipt_tcpmss.so
/lib/iptables/libipt_TCPMSS.so
/lib/iptables/libipt_tcp.so
/lib/iptables/libipt_time.so
/lib/iptables/libipt_tos.so
/lib/iptables/libipt_TOS.so
/lib/iptables/libipt_TRACE.so
/lib/iptables/libipt_ttl.so
/lib/iptables/libipt_TTL.so
/lib/iptables/libipt_u32.so
/lib/iptables/libipt_udp.so
/lib/iptables/libipt_ULOG.so
/lib/iptables/libipt_unclean.so
/lib/iptables/libipt_XOR.so
/sbin/iptables
/sbin/iptables-restore
/sbin/iptables-save
/usr/share/doc/iptables
/usr/share/doc/iptables/changelog.Debian.gz
/usr/share/doc/iptables/changelog.gz
/usr/share/doc/iptables/copyright
/usr/share/doc/iptables/examples
/usr/share/doc/iptables/examples/3iptables-ppp_down-rules
/usr/share/doc/iptables/examples/3iptables-ppp_up-rules.gz
/usr/share/doc/iptables/examples/oldinitdscript.gz
/usr/share/doc/iptables/html
/usr/share/doc/iptables/html/NAT-HOWTO-10.html
/usr/share/doc/iptables/html/NAT-HOWTO-11.html
/usr/share/doc/iptables/html/NAT-HOWTO-1.html
/usr/share/doc/iptables/html/NAT-HOWTO-2.html
/usr/share/doc/iptables/html/NAT-HOWTO-3.html
/usr/share/doc/iptables/html/NAT-HOWTO-4.html
/usr/share/doc/iptables/html/NAT-HOWTO-5.html
/usr/share/doc/iptables/html/NAT-HOWTO-6.html
/usr/share/doc/iptables/html/NAT-HOWTO-7.html
/usr/share/doc/iptables/html/NAT-HOWTO-8.html
/usr/share/doc/iptables/html/NAT-HOWTO-9.html
/usr/share/doc/iptables/html/NAT-HOWTO.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-10.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-11.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-1.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-2.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-3.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-4.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-5.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-6.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-7.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-8.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO-9.html
/usr/share/doc/iptables/html/packet-filtering-HOWTO.html
/usr/share/doc/iptables/README.Debian.gz
/usr/share/lintian/overrides/iptables
/usr/share/man/man8/iptables.8.gz
/usr/share/man/man8/iptables-restore.8.gz
/usr/share/man/man8/iptables-save.8.gz
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen0/include/config/ip/nf/iptables
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen0/include/config/ip/nf/iptables/module.h
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip6/nf/iptables
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip6/nf/iptables/module.h
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip/nf/iptables
/usr/src/xen-3.0.3_0-src/linux-2.6.16.29-xen/include/config/ip/nf/iptables/module.h
/var/lib/dpkg/info/iptables.list
/var/lib/dpkg/info/iptables.md5sums
/var/lib/dpkg/info/iptables.postinst
/var/lib/dpkg/info/iptables.prerm