Hi; I understand you are talking neither about about shorewall nor /etc/init.d/iptables (start/stop/restart), which seesm to work, but plain iptables(-restore) binary?
kp Am Mittwoch, 18. Januar 2017, 10:15:03 schrieb John Sager: > I'm trying to get 6.0.2-rc1 working on a PC Engines apu2c2 but there are > problems with loading modules in some cases. I note that the moddb stuff has > been removed and all module loading is now done from modules.sqfs mounted > to /lib/modules/$KVER. Although this works at early boot time to load > modules in /etc/modules it fails later on for iptables-restore and > ip6tables-restore. iptables and ip6tables autoload modules as needed for the > specific rules required. Although the scripts in /etc/init.d for iptables & > ip6tables mount modules.sqfs to load the helper modules in IPTABLES_MODULES > they don't for the -restore operation. iptables-restore is effectively just > a wrapper round iptables so it autoloads modules in the same way. > > There are other configuration applications that operate closely with the > kernel - e.g tc - and perhaps some of them also autoload modules as > necessary. They will also fail in the absence of a mounted modules.sqfs, as > will ad-hoc use of iptables during testing of new configurations in a > working environment. > > For the moment I will solve it by creating a version of /etc/modules from a > lsmod listing once everything is running properly but a better solution than > that is needed. Are there issues with mounting modules.sqfs permanently? > Would mounting /dev/sda1 permanently & readonly interfere with mounting it > readwrite temporarily somewhere else to update configdb.lrp? > > regards, > > John Sager > > ---------------------------------------------------------------------------- > -- Check out the vibrant tech community on one of the world's most > engaging tech sites, SlashDot.org! http://sdm.link/slashdot > ------------------------------------------------------------------------ > leaf-user mailing list: leaf-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/leaf-user > Support Request -- http://leaf-project.org/ ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/