I wound up solving this myself by painstakingly looking at a kernel of
a working machine and getting all of the network-related options to
match.

Here is the gist of the changes I had to make to the kernel to get
this to work: https://gist.github.com/afalko/034966bf72f5da8070d5829c8aac40e4

I followed it up by rebuilding the kernel like so:
MAKEOPTS="-j4" make && make modules && make modules_install && make install && make modules_prepare && emerge @module-rebuild

Hopefully this might help another poor soul who might get stuck on this.

-Andrey
On Fri, Nov 16, 2018 at 1:34 AM Andrey F. <ma3ox...@gmail.com> wrote:
>
> Hi everyone,
>
> I have a newly provisioned machine and for the life of me, I can't get
> iptables working. Here is the error:
>
> # iptables -L
> iptables v1.6.1: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
> Perhaps iptables or your kernel needs to be upgraded.
>
> # lsmod
> Module                  Size  Used by
> ip_tables              24576  0
>
> I see the same error after manually modprobing iptable_filter:
>
> # modprobe iptable_filter
> # lsmod
> Module                  Size  Used by
> iptable_filter         16384  0
> ip_tables              24576  1 iptable_filter
>
> I've also tried building it into the kernel, with no luck. On the
> userspace-side I've gone as far as doing a full "emerge -e iptables".
> I tried upgrading to iptables-1.8 too. I also tried upgrading kernel
> headers to match the version of the kernel I'm currently running.
> Nothing I do can get it to work.
>
> # uname -r
> 4.18.18
>
> Thanks in advance for any suggestions!
> -Andrey
>
> P.S. Below are my related kernel settings. I tried to make them all
> built-in, but that didn't work.
>
> # zcat /proc/config.gz | grep NETF | grep -v XT
> CONFIG_NETFILTER=y
> CONFIG_NETFILTER_ADVANCED=y
> CONFIG_BRIDGE_NETFILTER=y
> CONFIG_NETFILTER_INGRESS=y
> CONFIG_NETFILTER_NETLINK=y
> CONFIG_NETFILTER_FAMILY_BRIDGE=y
> CONFIG_NETFILTER_FAMILY_ARP=y
> CONFIG_NETFILTER_NETLINK_ACCT=y
> CONFIG_NETFILTER_NETLINK_QUEUE=y
> CONFIG_NETFILTER_NETLINK_LOG=y
> CONFIG_NETFILTER_CONNCOUNT=y
> CONFIG_NETFILTER_NETLINK_GLUE_CT=y
> CONFIG_NETFILTER_SYNPROXY=y
>
> # zcat /proc/config.gz | grep IPTA
> CONFIG_IP_NF_IPTABLES=m
> CONFIG_IP6_NF_IPTABLES=y
>
> # zcat /proc/config.gz | grep IP_NF
> CONFIG_IP_NF_IPTABLES=m
> CONFIG_IP_NF_MATCH_AH=m
> CONFIG_IP_NF_MATCH_ECN=m
> CONFIG_IP_NF_MATCH_RPFILTER=m
> CONFIG_IP_NF_MATCH_TTL=m
> CONFIG_IP_NF_FILTER=m
> CONFIG_IP_NF_TARGET_REJECT=m
> CONFIG_IP_NF_TARGET_SYNPROXY=m
> CONFIG_IP_NF_NAT=m
> CONFIG_IP_NF_TARGET_MASQUERADE=m
> CONFIG_IP_NF_TARGET_NETMAP=m
> CONFIG_IP_NF_TARGET_REDIRECT=m
> CONFIG_IP_NF_MANGLE=m
> CONFIG_IP_NF_TARGET_CLUSTERIP=m
> CONFIG_IP_NF_TARGET_ECN=m
> CONFIG_IP_NF_TARGET_TTL=m
> # CONFIG_IP_NF_RAW is not set
> CONFIG_IP_NF_SECURITY=m
> CONFIG_IP_NF_ARPTABLES=y
> CONFIG_IP_NF_ARPFILTER=y
> CONFIG_IP_NF_ARP_MANGLE=y
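
An added example, not part of the original messages or the linked gist: a shell helper that automates the comparison described in the reply, listing netfilter-related options whose values differ between a working machine's kernel config and the broken one. The function names and both sample configs are constructed for illustration and do not reproduce the poster's actual changes.

```sh
#!/bin/sh
# Added example (not from the original post). Sample configs are constructed.

# normalize_config FILE: print "SYMBOL value" for netfilter-related symbols;
# a "# CONFIG_X is not set" line is reported as value "n".
normalize_config() {
    awk '
        /^CONFIG_[A-Za-z0-9_]+=/ { eq = index($0, "="); sym = substr($0, 1, eq - 1); v = substr($0, eq + 1) }
        /^# CONFIG_[A-Za-z0-9_]+ is not set$/ { sym = $2; v = "n" }
        sym ~ /NETFILTER|_NF_|_NFT_/ { print sym, v }
        { sym = "" }
    ' "$1"
}

# nf_config_diff GOOD BROKEN: one line per symbol whose value differs.
# A symbol missing from a file is treated as "n".
nf_config_diff() {
    { normalize_config "$1" | sed 's/^/good /'
      normalize_config "$2" | sed 's/^/broken /'; } |
    awk '
        { seen[$2] = 1; val[$1, $2] = $3 }
        END {
            for (s in seen) {
                g = (("good", s) in val) ? val["good", s] : "n"
                b = (("broken", s) in val) ? val["broken", s] : "n"
                if (g != b) printf "%s good=%s broken=%s\n", s, g, b
            }
        }' | LC_ALL=C sort
}

# make_samples DIR: write two constructed configs (hypothetical values).
make_samples() {
    printf '%s\n' CONFIG_NETFILTER=y CONFIG_NETFILTER_XTABLES=y \
        CONFIG_NF_CONNTRACK=m CONFIG_IP_NF_FILTER=m CONFIG_IP_NF_RAW=m \
        CONFIG_EXT4_FS=y > "$1/good.config"
    printf '%s\n' CONFIG_NETFILTER=y CONFIG_NETFILTER_XTABLES=m \
        CONFIG_IP_NF_FILTER=m '# CONFIG_IP_NF_RAW is not set' \
        CONFIG_EXT4_FS=m > "$1/broken.config"
}

tmp=$(mktemp -d) && make_samples "$tmp"
nf_config_diff "$tmp/good.config" "$tmp/broken.config"
rm -rf "$tmp"
```

On real machines the two inputs can be produced with "zcat /proc/config.gz > running.config" on each host, the same source the original message greps.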
