iptables fails to load nf_conntrack_ftp
Try issuing the following:
modprobe ip_conntrack & modprobe ip_conntrack_ftp
Then substitute nf_conntrack_ftp with ip_conntrack_ftp in your iptables configuration.
Related videos on Youtube
![IPTABLES [PART-1] : "UNDERSTANDING THE CONCEPT"](https://i.ytimg.com/vi/vbhr4csDeI4/hq720.jpg?sqp=-oaymwEcCNAFEJQDSFXyq4qpAw4IARUAAIhCGAFwAcABBg==&rs=AOn4CLBovKYd5heeT0eQFP4enqBJ_GCa1Q)
07 : 53
31 : 02
03 : 04
26 : 00
04 : 00
05 : 04
02 : 11
user1780242
Updated on September 18, 2022Comments
-
user1780242 almost 2 years
I have recently had to rebuild my iptables configuration and when I run
service iptables restartI now receive the following error line:
iptables: Loading additional modules: nf_conntrack_ftp [FAILED]My iptables-config file includes the following line:
IPTABLES_MODULES="nf_conntrack_ftp"When I run modprobe nf_conntrack_ftp the response is:
FATAL: Module nf_conntrack_ftp not found.Here's my iptables file:
Table: mangle Chain PREROUTING (policy ACCEPT) num target prot opt source destination
Chain INPUT (policy ACCEPT) num target prot opt source
destination 1 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0
state NEW tcp dpt:8447 2 ACCEPT tcp -- 0.0.0.0/0
0.0.0.0/0 state NEW tcp dpt:8443Chain FORWARD (policy ACCEPT) num target prot opt source
destinationChain OUTPUT (policy ACCEPT) num target prot opt source
destinationChain POSTROUTING (policy ACCEPT) num target prot opt source
destinationTable: filter Chain INPUT (policy DROP) num target prot opt source destination 1 ACCEPT all -- 0.0.0.0/0
0.0.0.0/0 state RELATED,ESTABLISHED 2 DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00 3 DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 state NEW 4 DROP tcp -- 0.0.0.0/0 0.0.0.0/0
tcp flags:0x3F/0x3F 5 ACCEPT all -- 0.0.0.0/0
0.0.0.0/0 6 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 7 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0
tcp dpt:443 8 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0
tcp dpt:25 9 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0
tcp dpt:995 10 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0
tcp dpt:143 11 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0
tcp dpt:993 12 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0
tcp dpt:22 13 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0
tcp dpt:110 14 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0
tcp dpt:465 15 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0
tcp dpt:8181 16 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0
tcp dpt:8443 17 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0Chain FORWARD (policy ACCEPT) num target prot opt source
destinationChain OUTPUT (policy ACCEPT) num target prot opt source
destinationIt seems nf_conntrack_ftp isn't loading -- how do I load this?
-
Craig Miskell over 9 yearsLast time I saw something similar, it was on Ubuntu, and someone had uninstalled the current kernel package, thus removing the module from /lib/modules/<version>/. Is this perhaps what's happened here?
-
Michael Hampton over 9 yearsPlease post the output of thevirt-whatcommand (install it if it isn't present). -
Michael Hampton over 9 yearsYou'll need to contact your VPS provider, then.
-
Zdenek about 6 yearsMy understanding is that nf_conntrack_ftp operates on its own without needing any iptables config. Try
lsmod | grep conntrackto see if it's loaded; if not, find the file on your drive (it may have the.koextension), change to that directory and use insmod or modprobe on that file including any extension. Check/etc/modules-load.d/nf_conntrack_ftp.conffor any mistakes. If the file doesn't exist, it will simply monitor port 21.
-
-
user1780242 almost 8 yearsIf you would kindly delete your response, I would like to delete my question. Thanks for the help.
-
Timo over 3 yearsI get the error with
ufw enable, what can I do?
