search

sjtuross / syno-iptables

Some missing iptables modules for Synology
188 stars 23 forks source link

ipv6的所有模块都无法加载,报错如下 #12

Closed zptqghsw closed 2 years ago

zptqghsw commented 2 years ago

ipv6的所有模块都无法加载,报错如下 insmod: ERROR: could not insert module /lib/modules/nf_nat_ipv6.ko: Unknown symbol in module 日志: [ 130.084409] ip6table_nat: Unknown symbol ip6t_unregister_table (err 0) [ 130.084709] ip6table_nat: Unknown symbol ip6t_register_table (err 0) [ 130.084954] ip6table_nat: Unknown symbol nf_nat_ipv6_in (err 0) [ 130.085184] ip6table_nat: Unknown symbol ip6t_alloc_initial_table (err 0) [ 130.085443] ip6table_nat: Unknown symbol nf_nat_ipv6_out (err 0) [ 130.085708] ip6table_nat: Unknown symbol ip6t_do_table (err 0) [ 130.085932] ip6table_nat: Unknown symbol nf_nat_ipv6_fn (err 0) [ 130.086161] ip6table_nat: Unknown symbol nf_nat_ipv6_local_fn (err 0) [ 140.973967] ip6table_raw: Unknown symbol ip6t_unregister_table (err 0) [ 140.974230] ip6table_raw: Unknown symbol xt_hook_link (err 0) [ 140.974452] ip6table_raw: Unknown symbol ip6t_register_table (err 0) [ 140.974695] ip6table_raw: Unknown symbol ip6t_alloc_initial_table (err 0) [ 140.975033] ip6table_raw: Unknown symbol ip6t_do_table (err 0) [ 140.975260] ip6table_raw: Unknown symbol xt_hook_unlink (err 0) [ 151.919246] nf_nat_ipv6: Unknown symbol nf_ct_invert_tuplepr (err 0) [ 151.919514] nf_nat_ipv6: Unknown symbol nf_nat_alloc_null_binding (err 0) [ 151.919781] nf_nat_ipv6: Unknown symbol __nf_nat_l4proto_find (err 0) [ 151.920148] nf_nat_ipv6: Unknown symbol nf_nat_l3proto_register (err 0) [ 151.920403] nf_nat_ipv6: Unknown symbol nf_nat_l3proto_unregister (err 0) [ 151.920676] nf_nat_ipv6: Unknown symbol nf_nat_packet (err 0) [ 151.920899] nf_nat_ipv6: Unknown symbol nf_xfrm_me_harder (err 0) [ 151.921147] nf_nat_ipv6: Unknown symbol nf_nat_l4proto_unregister (err 0) [ 151.921409] nf_nat_ipv6: Unknown symbol __nf_ct_kill_acct (err 0) [ 151.921644] nf_nat_ipv6: Unknown symbol nf_nat_l4proto_register (err 0) [ 151.921893] nf_nat_ipv6: Unknown symbol nf_nat_used_tuple (err 0) [ 151.922333] nf_nat_ipv6: Unknown symbol nf_ct_nat_ext_add (err 0) [ 159.713868] nf_nat_masquerade_ipv6: Unknown symbol nf_nat_setup_info (err 0) [ 159.714198] nf_nat_masquerade_ipv6: Unknown symbol nf_ct_iterate_cleanup (err 0)

内核版本: Linux DSM 4.4.180+ #42218 SMP Fri Sep 24 02:41:40 CST 2021 x86_64 GNU/Linux synology_apollolake_918+

使用的模块: syno-iptables/apollolake/kernel-4.4.180/

sjtuross commented 2 years ago

Docker启动的时候会加载一批系统自带的ipv6模块,然后才能加载我补充提供的,你Docker装了吗?

运行lsmod | grep ip6看看已加载ipv6模块的情况

zptqghsw commented 2 years ago

麻烦问下是否有918+的/usr/syno/etc.defaults/iptables_modules_list文件呀?我好像给改坏了,可能是这个导致的。

sjtuross commented 2 years ago

下面是默认iptables_modules_list文件内容,DSM7不要去动这个文件,照Wiki做就行 https://github.com/sjtuross/syno-iptables/wiki/原生Docker-IPv6-NAT模式-(DSM-7)

KERNEL_MODULES_NAT="nf_conntrack.ko nf_defrag_ipv4.ko nf_conntrack_ipv4.ko nf_nat.ko nf_nat_redirect.ko nf_nat_ipv4.ko iptable_nat.ko xt_nat.ko nf_nat_masquerade_ipv4.ko xt_REDIRECT.ko ipt_MASQUERADE.ko"
PPTP_MODULES="arc4.ko ppp_mppe.ko bsd_comp.ko zlib_inflate.ko zlib_deflate.ko ppp_deflate.ko gre.ko pptp.ko"
GEOIP_MODULES="xt_geoip.ko"
KERNEL_MODULES_COMMON="x_tables.ko nf_conntrack.ko xt_multiport.ko xt_tcpudp.ko xt_state.ko xt_limit.ko xt_iprange.ko xt_recent.ko"
PPPOE_MODULES="pppoe.ko n_hdlc.ko ppp_synctty.ko"
OPENVPN_MODULES="tun.ko"
KERNEL_MODULES_CORE="x_tables.ko ip_tables.ko iptable_filter.ko nf_conntrack.ko nf_defrag_ipv4.ko nf_conntrack_ipv4.ko xt_LOG.ko"
TC_6_MODULES="ip6table_mangle.ko"
IPV6_MODULES="x_tables.ko nf_conntrack.ko ip6_tables.ko ip6table_filter.ko nf_defrag_ipv6.ko nf_conntrack_ipv6.ko"
L2TP_MODULES="echainiv.ko arc4.ko ppp_mppe.ko bsd_comp.ko zlib_inflate.ko zlib_deflate.ko ppp_deflate.ko udp_tunnel.ko ip6_udp_tunnel.ko l2tp_core.ko l2tp_ppp.ko hmac.ko xfrm_algo.ko xfrm_user.ko af_key.ko xfrm_ipcomp.ko ah4.ko ah6.ko esp4.ko esp6.ko tunnel4.ko tunnel6.ko xfrm4_tunnel.ko xfrm6_tunnel.ko ipcomp.ko ipcomp6.ko authenc.ko authencesn.ko deflate.ko xfrm4_mode_beet.ko xfrm6_mode_beet.ko xfrm4_mode_tunnel.ko xfrm6_mode_tunnel.ko xfrm4_mode_transport.ko xfrm6_mode_transport.ko xt_policy.ko"
TC_MODULES="iptable_mangle.ko cls_fw.ko cls_u32.ko sch_htb.ko sch_sfq.ko xt_mark.ko"
PPP_MODULES="slhc.ko ppp_generic.ko ppp_async.ko pppox.ko x_tables.ko ip_tables.ko iptable_mangle.ko xt_tcpudp.ko xt_TCPMSS.ko"
zptqghsw commented 2 years ago

我已经按照上面改了,但是发现这个文件里面的模块不会再自动加载,重启dsm后iptables用不了,但是手动可以加载模块,启动的时候这些模块是哪个脚本加载的呀?

sjtuross commented 2 years ago

iptables_modules_list定义了多个环境变量,供网络类应用加载所需的iptables模块,是共用的。以Docker package为例,/var/packages/Docker/scripts/start-stop-status这个启动脚本就会调用iptables_modules_list。你回忆下到底改过啥,想办法恢复默认,我这仓库只是提供模块,实践分享也是基于默认安装的系统。