Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

iptables: Couldn't load match `comment':No such file or directory #18

Closed
Ale32bit opened this issue Apr 2, 2021 · 5 comments
Closed

iptables: Couldn't load match `comment':No such file or directory #18

Ale32bit opened this issue Apr 2, 2021 · 5 comments
Labels
solved solved

Comments

@Ale32bit
Copy link

Ale32bit commented Apr 2, 2021
edited
Loading

Upon running sudo lnxrouter --ap wlan0 Alex -p #### iptables fails.

WARN: brmfmac driver doesn't work properly with virtual interfaces and
      it can cause kernel panic. For this reason we disallow virtual
      interfaces for your adapter.
      For more info: https://github.com/oblique/create_ap/issues/203
WARN: Your adapter does not fully support AP virtual interface, enabling --no-virt
PID: 3969
Target interface is wlan0 (dc:a6:32:ae:05:4b)
Use random LAN IPv4 address 192.168.77.1
haveged_watchdog PID: 4041

Starting hostapd
hostapd PID: 4044
Configuration file: /dev/shm/lnxrouter_tmp/lnxrouter.wlan0.conf.ycq/hostapd.conf
wlan0: Could not connect to kernel driver
Using interface wlan0 with hwaddr dc:a6:32:ae:05:4b and ssid "Alex"
wlan0: interface state UNINITIALIZED->ENABLED
wlan0: AP-ENABLED

iptables: NAT
iptables v1.8.2 (nf_tables): Couldn't load match `comment':No such file or directory

Try `iptables -h' or 'iptables --help' for more information.
Error occured


Doing cleanup..
Terminated
Killed 4041 lnxrouter
wlan0: interface state ENABLED->DISABLED
wlan0: AP-DISABLED
wlan0: CTRL-EVENT-TERMINATING
nl80211: deinit ifname=wlan0 disabled_11b_rates=0
Killed 4044 hostapd
iptables: stop NAT
iptables: unallow DNS
iptables: unallow dhcp
Exiting: This is the only running instance
Cleaning up done
@garywill
Copy link
Owner

garywill commented Apr 3, 2021
edited
Loading

iptables v1.8.2 (nf_tables): Couldn't load match `comment':No such file or directory

Your iptables is nftables backend. I haven't used or tested with it. Am using legacy iptables.

You can try modify

linux-router/lnxrouter

Lines 796 to 805 in 1e3c500

iptables_()
{
iptables -w $@ -m comment --comment "lnxrouter-$$-$SUBNET_IFACE"
return $?
}
ip6tables_()
{
ip6tables -w $@ -m comment --comment "lnxrouter-$$-$SUBNET_IFACE"
return $?
}

delete -m comment --comment "lnxrouter-$$-$SUBNET_IFACE"

If still see problem, try use legacy iptables. For example switch to legacy like
oblique/create_ap#373
oblique/create_ap#433

@garywill

This comment has been minimized.

Sign in to view
@Ale32bit

This comment has been minimized.

Sign in to view
@garywill
Copy link
Owner

garywill commented Apr 3, 2021
edited
Loading

Couldn't load match `comment':No such file or directory

your iptables doesn't support comment.
Delete -m comment --comment "lnxrouter-$$-$SUBNET_IFACE" (see above said). It's a workaround.

What OS are you using? What version?

Googling found kubernetes-sigs/kind#1461
CONFIG_NETFILTER_XT_MATCH_COMMENT not set on some system
On a working system lsmod|grep table output should(not necessary) contain xt_comment

@garywill
Copy link
Owner

garywill commented Apr 17, 2021
edited
Loading

Added a comment module judgement

Update:
User can set environment variable NETFILTER_XT_MATCH_COMMENT=0, if wants to disable '-m comment'

@mossroy mossroy mentioned this issue Jan 8, 2022
Closed
1 task
@garywill garywill added the solved solved label Jan 13, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
solved solved
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Ale32bit @garywill