kernel 2.6.x and iptables

kernel 2.6.x and iptables

[Muhammad Talha]

Dear all

i have upgraded kernel 2.4.20 to kernel 2.6.1 and i have same problem with
2.6.0 kernel as well
OS Redhat
module-init-tools 0.9.13

but i am iptables stop working its was iptables-1.2.7
then i upgraded to iptables to 1.2.9 ( lastest ) still same problem

error message i get

iptables v1.2.9:can't initialize iptables table 'filter' iptables who? (do
you need to insmod)
Perhaps iptables or kernel needs to be upgraded.

i aslo get these kind of errors when compiling iptables-1.2.9

/usr/src/linux-2.6.1/include/linux/compiler-gcc3.h:22:1 warning
""__attribute_pure__" redefined
In file included from  /usr/include/feature.h:291
                       from  /usr/include/stdio.h:28
                       from extensions/libipt_conntrack.c:5
/usr/include/sys/cdefs.h:183 warning this the location of the prevoius
definiation


###########################################

Plz help me urgently

THANKS AND Regards

TALHA

Re: kernel 2.6.x and iptables

[Unknown, Alistair Tonner]

On January 13, 2004 04:22 am, Muhammad Talha wrote:
> Dear all
>
> i have upgraded kernel 2.4.20 to kernel 2.6.1 and i have same problem with
> 2.6.0 kernel as well
> OS Redhat
> module-init-tools 0.9.13
>
> but i am iptables stop working its was iptables-1.2.7
> then i upgraded to iptables to 1.2.9 ( lastest ) still same problem
>
> error message i get
>
> iptables v1.2.9:can't initialize iptables table 'filter' iptables who? (do
> you need to insmod)
> Perhaps iptables or kernel needs to be upgraded.
>
> i aslo get these kind of errors when compiling iptables-1.2.9
>
> /usr/src/linux-2.6.1/include/linux/compiler-gcc3.h:22:1 warning
> ""__attribute_pure__" redefined
> In file included from  /usr/include/feature.h:291
>                        from  /usr/include/stdio.h:28
>                        from extensions/libipt_conntrack.c:5
> /usr/include/sys/cdefs.h:183 warning this the location of the prevoius
> definiation
>
	The redefinition warnings are just that -- warnings -- they only indicate that the headers
in /usr/include/x don't agree with stuff in netfilter ... they won't likely inhibit the compile or the 
operation of iptables.

  for both users with the 'failed to initialize' error -- 1) did you build iptables as modules or 
 into the kernel? -- 2) are you *certain* you disabled ipchains.  
3) are you *certain* that you built iptables with the correct kernel?
   -- if you change kernels you usually have to rebuilt the iptables code -- 
export KERNEL_DIR=xxxxx make
where xxxxx is the full path to your appropriate kernel source code.

  this is usually caused after a kernel rebuild by building modules and NOT loading them, especially 
if the iptables stuff was built into the kernel in the previous kernel.  
-- try
insmod ip_tables
 you might get yet another error ...

	Ummm ...anyone know off the top if RedHat puts iptables in as modules or builds it in?


Alistair

Re: kernel 2.6.x and iptables

[Sven Schuster]

[-- Attachment #1: Type: text/plain, Size: 544 bytes --]

On Tue, Jan 13, 2004 at 05:03:39AM -0500,  told us:
> 
> 	Ummm ...anyone know off the top if RedHat puts iptables in as modules or builds it in?
> 
> 
> Alistair

After taking a short look at the modules directory

/lib/modules/2.4.20-28.9/kernel/net/ipv4/netfilter

it seems that Redhat compiles iptables as separate modules, as there
are ip_tables.o, iptable_filter.o etc.

Sven

-- 
Linux zion 2.6.1 #2 Mon Jan 12 14:25:44 CET 2004 i686 athlon i386 GNU/Linux
 11:22:01  up 16:52,  4 users,  load average: 0.01, 0.01, 0.00

[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]

Re: kernel 2.6.x and iptables

[Muhammad Talha]

>
>   for both users with the 'failed to initialize' error -- 1) did you build
iptables as modules or
>  into the kernel?

as module

-- 2) are you *certain* you disabled ipchains

Yes i disable ipchains
.
> 3) are you *certain* that you built iptables with the correct kernel?
>    -- if you change kernels you usually have to rebuilt the iptables
code -- 
> export KERNEL_DIR=xxxxx make
> where xxxxx is the full path to your appropriate kernel source code.
>

yes i select correct kernel

export KERNEL_DIR=/usr/src/linux-2.6.1
then
make & make install

>   this is usually caused after a kernel rebuild by building modules and
NOT loading them, especially
> if the iptables stuff was built into the kernel in the previous kernel.
> -- try
> insmod ip_tables
>  you might get yet another error ...
>

Yes u r right :(

insmod ip_tables

Can't open 'ip_tables' : No such file or directory

there is no module ip_module i have search the system

> Ummm ...anyone know off the top if RedHat puts iptables in as modules or
builds it in?
>
>
> Alistair
>

Re: kernel 2.6.x and iptables

[Muhammad Talha]

i insert modules located at /lib/modules/2.6.1/kernel/net/ipv4/netfilter

like

insmod ip_tables.ko
insmod iptables_filter.ko

and others now iptables works just fine

but i after reboot i have to insert them again
how to make them permanent ???

Thanks and Regards

Talha




----- Original Message ----- 
From: "Muhammad Talha" <talha@worldcall.net.pk>
To: <netfilter@lists.netfilter.org>
Sent: Tuesday, January 13, 2004 4:53 PM
Subject: Re: kernel 2.6.x and iptables


>
> >
> >   for both users with the 'failed to initialize' error -- 1) did you
build
> iptables as modules or
> >  into the kernel?
>
> as module
>
> -- 2) are you *certain* you disabled ipchains
>
> Yes i disable ipchains
> .
> > 3) are you *certain* that you built iptables with the correct kernel?
> >    -- if you change kernels you usually have to rebuilt the iptables
> code -- 
> > export KERNEL_DIR=xxxxx make
> > where xxxxx is the full path to your appropriate kernel source code.
> >
>
> yes i select correct kernel
>
> export KERNEL_DIR=/usr/src/linux-2.6.1
> then
> make & make install
>
> >   this is usually caused after a kernel rebuild by building modules and
> NOT loading them, especially
> > if the iptables stuff was built into the kernel in the previous kernel.
> > -- try
> > insmod ip_tables
> >  you might get yet another error ...
> >
>
> Yes u r right :(
>
> insmod ip_tables
>
> Can't open 'ip_tables' : No such file or directory
>
> there is no module ip_module i have search the system
>
> > Ummm ...anyone know off the top if RedHat puts iptables in as modules or
> builds it in?
> >
> >
> > Alistair
> >
>
>
>

Re: kernel 2.6.x and iptables

[Unknown, Alistair Tonner]

On January 13, 2004 07:11 am, Muhammad Talha wrote:
> i insert modules located at /lib/modules/2.6.1/kernel/net/ipv4/netfilter
>
> like
>
> insmod ip_tables.ko
> insmod iptables_filter.ko
>
	AHhhhh ... 
	   Your modutils is out of date.
	   -- insmod ip_tables should have worked.
	     if you had to append the .ko something is wrong .... 

	to make it permanent, ........ I'm a slackware user ... I put things like that in /etc/rc./modules ... which loads modules on startu p .. 
	I don't know the equivalent file on redhat ... 


> and others now iptables works just fine
>
> but i after reboot i have to insert them again
> how to make them permanent ???
>
> Thanks and Regards
>
> Talha
>
>
>
>
> ----- Original Message -----
> From: "Muhammad Talha" <talha@worldcall.net.pk>
> To: <netfilter@lists.netfilter.org>
> Sent: Tuesday, January 13, 2004 4:53 PM
> Subject: Re: kernel 2.6.x and iptables
>
> > >   for both users with the 'failed to initialize' error -- 1) did you
>
> build
>
> > iptables as modules or
> >
> > >  into the kernel?
> >
> > as module
> >
> > -- 2) are you *certain* you disabled ipchains
> >
> > Yes i disable ipchains
> > .
> >
> > > 3) are you *certain* that you built iptables with the correct kernel?
> > >    -- if you change kernels you usually have to rebuilt the iptables
> >
> > code --
> >
> > > export KERNEL_DIR=xxxxx make
> > > where xxxxx is the full path to your appropriate kernel source code.
> >
> > yes i select correct kernel
> >
> > export KERNEL_DIR=/usr/src/linux-2.6.1
> > then
> > make & make install
> >
> > >   this is usually caused after a kernel rebuild by building modules and
> >
> > NOT loading them, especially
> >
> > > if the iptables stuff was built into the kernel in the previous kernel.
> > > -- try
> > > insmod ip_tables
> > >  you might get yet another error ...
> >
> > Yes u r right :(
> >
> > insmod ip_tables
> >
> > Can't open 'ip_tables' : No such file or directory
> >
> > there is no module ip_module i have search the system
> >
> > > Ummm ...anyone know off the top if RedHat puts iptables in as modules
> > > or
> >
> > builds it in?
> >
> > > Alistair

Re: kernel 2.6.x and iptables

[Muhammad Talha]

Thanks Alistair for respones

there is no .o file there only .ko i think these are changed in 2.6.x kernel
i see them when kernel is compiling as well

there is /etc/rc.local which can load things @ startup in RedHat

thanks and Regards

Talha

----- Original Message ----- 
From: <Alistair Tonner>
To: "Muhammad Talha" <talha@worldcall.net.pk>;
<netfilter@lists.netfilter.org>
Sent: Tuesday, January 13, 2004 6:38 PM
Subject: Re: kernel 2.6.x and iptables


> On January 13, 2004 07:11 am, Muhammad Talha wrote:
> > i insert modules located at /lib/modules/2.6.1/kernel/net/ipv4/netfilter
> >
> > like
> >
> > insmod ip_tables.ko
> > insmod iptables_filter.ko
> >
> AHhhhh ...
>    Your modutils is out of date.
>    -- insmod ip_tables should have worked.
>      if you had to append the .ko something is wrong ....
>
> to make it permanent, ........ I'm a slackware user ... I put things like
that in /etc/rc./modules ... which loads modules on startu p ..
> I don't know the equivalent file on redhat ...
>
>
> > and others now iptables works just fine
> >
> > but i after reboot i have to insert them again
> > how to make them permanent ???
> >
> > Thanks and Regards
> >
> > Talha
> >
> >
> >
> >
> > ----- Original Message -----
> > From: "Muhammad Talha" <talha@worldcall.net.pk>
> > To: <netfilter@lists.netfilter.org>
> > Sent: Tuesday, January 13, 2004 4:53 PM
> > Subject: Re: kernel 2.6.x and iptables
> >
> > > >   for both users with the 'failed to initialize' error -- 1) did you
> >
> > build
> >
> > > iptables as modules or
> > >
> > > >  into the kernel?
> > >
> > > as module
> > >
> > > -- 2) are you *certain* you disabled ipchains
> > >
> > > Yes i disable ipchains
> > > .
> > >
> > > > 3) are you *certain* that you built iptables with the correct
kernel?
> > > >    -- if you change kernels you usually have to rebuilt the iptables
> > >
> > > code --
> > >
> > > > export KERNEL_DIR=xxxxx make
> > > > where xxxxx is the full path to your appropriate kernel source code.
> > >
> > > yes i select correct kernel
> > >
> > > export KERNEL_DIR=/usr/src/linux-2.6.1
> > > then
> > > make & make install
> > >
> > > >   this is usually caused after a kernel rebuild by building modules
and
> > >
> > > NOT loading them, especially
> > >
> > > > if the iptables stuff was built into the kernel in the previous
kernel.
> > > > -- try
> > > > insmod ip_tables
> > > >  you might get yet another error ...
> > >
> > > Yes u r right :(
> > >
> > > insmod ip_tables
> > >
> > > Can't open 'ip_tables' : No such file or directory
> > >
> > > there is no module ip_module i have search the system
> > >
> > > > Ummm ...anyone know off the top if RedHat puts iptables in as
modules
> > > > or
> > >
> > > builds it in?
> > >
> > > > Alistair
>
>

Re: kernel 2.6.x and iptables

[Joel Newkirk]

On Tue, 2004-01-13 at 10:33, Muhammad Talha wrote:
> Thanks Alistair for respones
> 
> there is no .o file there only .ko i think these are changed in 2.6.x kernel
> i see them when kernel is compiling as well
> 
> there is /etc/rc.local which can load things @ startup in RedHat
> 
> thanks and Regards
> 
> Talha

Since you're successfully inserting modules under 2.6.x I assume you
installed module-init-tools to replace modutils.  However, I think you
might have missed this part of the module-init-tools FAQ:

{excerpt}
Q) I'm using RedHat and modules don't autoload any more.
A) RedHat turns module autoloading off if /proc/ksyms isn't found.
   Change line 337 of /etc/rc.d/rc.sysinit from:

  if ! grep -iq nomodules /proc/cmdline 2>/dev/null && [ -f /proc/ksyms
]; then

   to

  if ! grep -iq nomodules /proc/cmdline 2>/dev/null && [ -f
/proc/modules ]; then


Q) Things still don't load properly.
A) Do you have an /etc/modprobe.conf?  If not, use
   generate-modprobe.conf to generate an /etc/modprobe.conf from your
   old setup.
{/excerpt}

You may not find 'line 337' at line 337.  Search "/proc/ksyms" - don't
change the ones later in the file, though!

j

> ----- Original Message ----- 
> From: <Alistair Tonner>
> To: "Muhammad Talha" <talha@worldcall.net.pk>;
> <netfilter@lists.netfilter.org>
> Sent: Tuesday, January 13, 2004 6:38 PM
> Subject: Re: kernel 2.6.x and iptables
> 
> 
> > On January 13, 2004 07:11 am, Muhammad Talha wrote:
> > > i insert modules located at /lib/modules/2.6.1/kernel/net/ipv4/netfilter
> > >
> > > like
> > >
> > > insmod ip_tables.ko
> > > insmod iptables_filter.ko
> > >
> > AHhhhh ...
> >    Your modutils is out of date.

Re: kernel 2.6.x and iptables

[Muhammad Talha]

Thanks Joel This solved my problem

Yes i have installed module-init-tools-0.9.13

actually i check
http://www.kernel.org/pub/linux/kernel/people/rusty/modules/FAQ

but there is not information about Redhat there now iptables module load
just fine :)

Thanks and Regards

Talha

----- Original Message ----- 
From: "Joel Newkirk" <firewalldude@newkirk.us>
To: "Muhammad Talha" <talha@worldcall.net.pk>
Cc: <netfilter@lists.netfilter.org>
Sent: Wednesday, January 14, 2004 2:15 AM
Subject: Re: kernel 2.6.x and iptables


> On Tue, 2004-01-13 at 10:33, Muhammad Talha wrote:
> > Thanks Alistair for respones
> >
> > there is no .o file there only .ko i think these are changed in 2.6.x
kernel
> > i see them when kernel is compiling as well
> >
> > there is /etc/rc.local which can load things @ startup in RedHat
> >
> > thanks and Regards
> >
> > Talha
>
> Since you're successfully inserting modules under 2.6.x I assume you
> installed module-init-tools to replace modutils.  However, I think you
> might have missed this part of the module-init-tools FAQ:
>
> {excerpt}
> Q) I'm using RedHat and modules don't autoload any more.
> A) RedHat turns module autoloading off if /proc/ksyms isn't found.
>    Change line 337 of /etc/rc.d/rc.sysinit from:
>
>   if ! grep -iq nomodules /proc/cmdline 2>/dev/null && [ -f /proc/ksyms
> ]; then
>
>    to
>
>   if ! grep -iq nomodules /proc/cmdline 2>/dev/null && [ -f
> /proc/modules ]; then
>
>
> Q) Things still don't load properly.
> A) Do you have an /etc/modprobe.conf?  If not, use
>    generate-modprobe.conf to generate an /etc/modprobe.conf from your
>    old setup.
> {/excerpt}
>
> You may not find 'line 337' at line 337.  Search "/proc/ksyms" - don't
> change the ones later in the file, though!
>
> j
>
> > ----- Original Message ----- 
> > From: <Alistair Tonner>
> > To: "Muhammad Talha" <talha@worldcall.net.pk>;
> > <netfilter@lists.netfilter.org>
> > Sent: Tuesday, January 13, 2004 6:38 PM
> > Subject: Re: kernel 2.6.x and iptables
> >
> >
> > > On January 13, 2004 07:11 am, Muhammad Talha wrote:
> > > > i insert modules located at
/lib/modules/2.6.1/kernel/net/ipv4/netfilter
> > > >
> > > > like
> > > >
> > > > insmod ip_tables.ko
> > > > insmod iptables_filter.ko
> > > >
> > > AHhhhh ...
> > >    Your modutils is out of date.
>
>
>
>

How do I boot from different kernel when I don't have access to the console?

[prince]

Recently I downloaded some kernel*.rpm (Linux i386) from 
https://rhn.redhat.com/errata/RHSA-2003-417.html  and I installed all the 
rpms using "rpm -iUvh kernel*.rpm". My mistake. I should have used "rpm -
Fvh". Now I do not know what kernel was there previously. From the following 
output it looks, I had 2.4.20-18.9smp earlier.

% ls -l /lib/modules/
total 12
drwxr-xr-x    3 root     root         4096 Jan  6 15:03 2.4.20-18.9smp
drwxr-xr-x    3 root     root         4096 Jan 12 16:01 2.4.20-28.9
drwxr-xr-x    3 root     root         4096 Jan  6 15:02 2.4.20-28.9BOOT

% rpm -qa | grep kernel
kernel-pcmcia-cs-3.1.31-13
kernel-2.4.20-28.9
kernel-BOOT-2.4.20-28.9
kernel-doc-2.4.20-28.9
kernel-source-2.4.20-28.9

Now, whenever I boot the system it comes up with "2.4.20-28.9BOOT" which 
doesn't have iptables module.

% lsmod
Password:
Module                  Size  Used by    Not tainted
e1000                  54528   1 
ext3                   61280   2 
jbd                    46804   2  [ext3]
3w-xxxx                36192   3 
sd_mod                 11916   6 
scsi_mod               63416   2  [3w-xxxx sd_mod]

% uname -a
Linux dev9.my-comp.com 2.4.20-28.9BOOT #1 Thu Dec 18 13:27:13 EST 2003 i686 
i686 i386 GNU/Linux

I have ip tables in 2.4.20-28.9
% ls -l /lib/modules/2.4.20-28.9/kernel/net/
total 68
drwxr-xr-x    2 root     root         4096 Jan  6 15:02 8021q
drwxr-xr-x    2 root     root         4096 Jan  6 15:02 appletalk
drwxr-xr-x    2 root     root         4096 Jan  6 15:02 atm
drwxr-xr-x    2 root     root         4096 Jan  6 15:02 ax25
drwxr-xr-x    4 root     root         4096 Jan  6 15:02 bluetooth
drwxr-xr-x    2 root     root         4096 Jan  6 15:02 bridge
drwxr-xr-x    2 root     root         4096 Jan  6 15:02 decnet
drwxr-xr-x    3 root     root         4096 Jan  6 15:02 ipv4
drwxr-xr-x    3 root     root         4096 Jan  6 15:02 ipv6
drwxr-xr-x    2 root     root         4096 Jan  6 15:02 ipx
drwxr-xr-x    5 root     root         4096 Jan  6 15:02 irda
drwxr-xr-x    2 root     root         4096 Jan  6 15:02 netrom
drwxr-xr-x    2 root     root         4096 Jan  6 15:02 rose
drwxr-xr-x    2 root     root         4096 Jan  6 15:02 sched
drwxr-xr-x    2 root     root         4096 Jan  6 15:02 sunrpc
drwxr-xr-x    2 root     root         4096 Jan  6 15:02 tux
drwxr-xr-x    2 root     root         4096 Jan  6 15:02 wanrouter

/lib/modules/2.4.20-28.9/kernel/net/ipv4/netfilter/ip_tables.o

But not under 2.4.20-28.9BOOT/ (there is no ipv?)
% ls -l /lib/modules/2.4.20-28.9BOOT/kernel/net/
total 24
drwxr-xr-x    2 root     root         4096 Jan  6 15:02 8021q
drwxr-xr-x    2 root     root         4096 Jan  6 15:02 ax25
drwxr-xr-x    4 root     root         4096 Jan  6 15:02 bluetooth
drwxr-xr-x    2 root     root         4096 Jan  6 15:02 netrom
drwxr-xr-x    2 root     root         4096 Jan  6 15:02 rose
drwxr-xr-x    2 root     root         4096 Jan  6 15:02 sunrpc


Now, I only have remote access to this server and I don't have access to the 
console at this time. 

Is there a way, I can boot the system with "2.4.20-28.9" instead of "2.4.20-
28.9BOOT". If the system does not come up properly, I should be able to 
reboot with "2.4.20-28.9BOOT" which is working (but no iptables). I have only 
remote power cycle capability.

Could you please suggest a way to get this done?

Note: This is follow-up to the question I earlier posted on "iptables 
v1.2.7a: can't initialize iptables table `filter':"


thanks,
Prince.

Re: How do I boot from different kernel when I don't have access to the console?

[prince]

Just to let you know, This is my /etc/grub.conf

% sudo cat /etc/grub.conf

# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE:  You have a /boot partition.  This means that
#          all kernel and initrd paths are relative to /boot/, eg.
#          root (hd0,0)
#          kernel /vmlinuz-version ro root=/dev/hda3
#          initrd /initrd-version.img
#boot=/dev/sda
### BEGIN AUTOMAGIC KERNELS LIST
default=0
timeout=10
splashimage=(hd0,0)/grub/splash.xpm.gz

title Red Hat Linux (2.4.20-28.9BOOT)
        root (hd0,0)
        kernel /vmlinuz-2.4.20-28.9BOOT ro root=/dev/sda3
        initrd /initrd-2.4.20-28.9BOOT.img
title Red Hat Linux (2.4.20-28.9)
        root (hd0,0)
        kernel /vmlinuz-2.4.20-28.9 ro root=/dev/sda3
        initrd /initrd-2.4.20-28.9.img
=============================================================================
On Wed, 14 Jan 2004 12:08:51 -0800, prince wrote
> Recently I downloaded some kernel*.rpm (Linux i386) from 
> https://rhn.redhat.com/errata/RHSA-2003-417.html  and I installed 
> all the rpms using "rpm -iUvh kernel*.rpm". My mistake. I should 
> have used "rpm - Fvh". Now I do not know what kernel was there 
> previously. From the following output it looks, I had 2.4.20-18.9smp 
> earlier.
> 
> % ls -l /lib/modules/
> total 12
> drwxr-xr-x    3 root     root         4096 Jan  6 15:03 2.4.20-
> 18.9smp drwxr-xr-x    3 root     root         4096 Jan 12 16:01 
> 2.4.20-28.9 drwxr-xr-x    3 root     root         4096 Jan  6 15:02 
> 2.4.20-28.9BOOT
> 
> % rpm -qa | grep kernel
> kernel-pcmcia-cs-3.1.31-13
> kernel-2.4.20-28.9
> kernel-BOOT-2.4.20-28.9
> kernel-doc-2.4.20-28.9
> kernel-source-2.4.20-28.9
> 
> Now, whenever I boot the system it comes up with "2.4.20-28.9BOOT" 
> which doesn't have iptables module.
> 
> % lsmod
> Password:
> Module                  Size  Used by    Not tainted
> e1000                  54528   1 
> ext3                   61280   2 
> jbd                    46804   2  [ext3]
> 3w-xxxx                36192   3 
> sd_mod                 11916   6 
> scsi_mod               63416   2  [3w-xxxx sd_mod]
> 
> % uname -a
> 
> Linux dev9.my-comp.com 2.4.20-28.9BOOT #1 Thu Dec 18 13:27:13 EST 
> 2003 i686 i686 i386 GNU/Linux
> 
> I have ip tables in 2.4.20-28.9
> % ls -l /lib/modules/2.4.20-28.9/kernel/net/
> total 68
> drwxr-xr-x    2 root     root         4096 Jan  6 15:02 8021q
> drwxr-xr-x    2 root     root         4096 Jan  6 15:02 appletalk
> drwxr-xr-x    2 root     root         4096 Jan  6 15:02 atm
> drwxr-xr-x    2 root     root         4096 Jan  6 15:02 ax25
> drwxr-xr-x    4 root     root         4096 Jan  6 15:02 bluetooth
> drwxr-xr-x    2 root     root         4096 Jan  6 15:02 bridge
> drwxr-xr-x    2 root     root         4096 Jan  6 15:02 decnet
> drwxr-xr-x    3 root     root         4096 Jan  6 15:02 ipv4
> drwxr-xr-x    3 root     root         4096 Jan  6 15:02 ipv6
> drwxr-xr-x    2 root     root         4096 Jan  6 15:02 ipx
> drwxr-xr-x    5 root     root         4096 Jan  6 15:02 irda
> drwxr-xr-x    2 root     root         4096 Jan  6 15:02 netrom
> drwxr-xr-x    2 root     root         4096 Jan  6 15:02 rose
> drwxr-xr-x    2 root     root         4096 Jan  6 15:02 sched
> drwxr-xr-x    2 root     root         4096 Jan  6 15:02 sunrpc
> drwxr-xr-x    2 root     root         4096 Jan  6 15:02 tux
> drwxr-xr-x    2 root     root         4096 Jan  6 15:02 wanrouter
> 
> /lib/modules/2.4.20-28.9/kernel/net/ipv4/netfilter/ip_tables.o
> 
> But not under 2.4.20-28.9BOOT/ (there is no ipv?)
> % ls -l /lib/modules/2.4.20-28.9BOOT/kernel/net/
> total 24
> drwxr-xr-x    2 root     root         4096 Jan  6 15:02 8021q
> drwxr-xr-x    2 root     root         4096 Jan  6 15:02 ax25
> drwxr-xr-x    4 root     root         4096 Jan  6 15:02 bluetooth
> drwxr-xr-x    2 root     root         4096 Jan  6 15:02 netrom
> drwxr-xr-x    2 root     root         4096 Jan  6 15:02 rose
> drwxr-xr-x    2 root     root         4096 Jan  6 15:02 sunrpc
> 
> Now, I only have remote access to this server and I don't have 
> access to the console at this time. 
> 
> Is there a way, I can boot the system with "2.4.20-28.9" instead of 
> "2.4.20-
> 28.9BOOT". If the system does not come up properly, I should be able 
> to reboot with "2.4.20-28.9BOOT" which is working (but no iptables). 
> I have only remote power cycle capability.
> 
> Could you please suggest a way to get this done?
> 
> Note: This is follow-up to the question I earlier posted on 
> "iptables v1.2.7a: can't initialize iptables table `filter':"
> 
> thanks,
> Prince.

Re: How do I boot from different kernel when I don't have access to the console?

[Ted Kaczmarek]

Your default=0, that will always boot the 2.4.20-28.9BOOT,
change it to 1 and it will boot the other version.
You can also pick the other one manually, but your timeout is only 10
seconds so pay attention :-) when booting.

Ted
On Wed, 2004-01-14 at 15:14, prince wrote:
> Just to let you know, This is my /etc/grub.conf
> 
> % sudo cat /etc/grub.conf
> 
> # grub.conf generated by anaconda
> #
> # Note that you do not have to rerun grub after making changes to this file
> # NOTICE:  You have a /boot partition.  This means that
> #          all kernel and initrd paths are relative to /boot/, eg.
> #          root (hd0,0)
> #          kernel /vmlinuz-version ro root=/dev/hda3
> #          initrd /initrd-version.img
> #boot=/dev/sda
> ### BEGIN AUTOMAGIC KERNELS LIST
> default=0
> timeout=10
> splashimage=(hd0,0)/grub/splash.xpm.gz
> 
> title Red Hat Linux (2.4.20-28.9BOOT)
>         root (hd0,0)
>         kernel /vmlinuz-2.4.20-28.9BOOT ro root=/dev/sda3
>         initrd /initrd-2.4.20-28.9BOOT.img
> title Red Hat Linux (2.4.20-28.9)
>         root (hd0,0)
>         kernel /vmlinuz-2.4.20-28.9 ro root=/dev/sda3
>         initrd /initrd-2.4.20-28.9.img
> =============================================================================
> On Wed, 14 Jan 2004 12:08:51 -0800, prince wrote
> > Recently I downloaded some kernel*.rpm (Linux i386) from 
> > https://rhn.redhat.com/errata/RHSA-2003-417.html  and I installed 
> > all the rpms using "rpm -iUvh kernel*.rpm". My mistake. I should 
> > have used "rpm - Fvh". Now I do not know what kernel was there 
> > previously. From the following output it looks, I had 2.4.20-18.9smp 
> > earlier.
> > 
> > % ls -l /lib/modules/
> > total 12
> > drwxr-xr-x    3 root     root         4096 Jan  6 15:03 2.4.20-
> > 18.9smp drwxr-xr-x    3 root     root         4096 Jan 12 16:01 
> > 2.4.20-28.9 drwxr-xr-x    3 root     root         4096 Jan  6 15:02 
> > 2.4.20-28.9BOOT
> > 
> > % rpm -qa | grep kernel
> > kernel-pcmcia-cs-3.1.31-13
> > kernel-2.4.20-28.9
> > kernel-BOOT-2.4.20-28.9
> > kernel-doc-2.4.20-28.9
> > kernel-source-2.4.20-28.9
> > 
> > Now, whenever I boot the system it comes up with "2.4.20-28.9BOOT" 
> > which doesn't have iptables module.
> > 
> > % lsmod
> > Password:
> > Module                  Size  Used by    Not tainted
> > e1000                  54528   1 
> > ext3                   61280   2 
> > jbd                    46804   2  [ext3]
> > 3w-xxxx                36192   3 
> > sd_mod                 11916   6 
> > scsi_mod               63416   2  [3w-xxxx sd_mod]
> > 
> > % uname -a
> > 
> > Linux dev9.my-comp.com 2.4.20-28.9BOOT #1 Thu Dec 18 13:27:13 EST 
> > 2003 i686 i686 i386 GNU/Linux
> > 
> > I have ip tables in 2.4.20-28.9
> > % ls -l /lib/modules/2.4.20-28.9/kernel/net/
> > total 68
> > drwxr-xr-x    2 root     root         4096 Jan  6 15:02 8021q
> > drwxr-xr-x    2 root     root         4096 Jan  6 15:02 appletalk
> > drwxr-xr-x    2 root     root         4096 Jan  6 15:02 atm
> > drwxr-xr-x    2 root     root         4096 Jan  6 15:02 ax25
> > drwxr-xr-x    4 root     root         4096 Jan  6 15:02 bluetooth
> > drwxr-xr-x    2 root     root         4096 Jan  6 15:02 bridge
> > drwxr-xr-x    2 root     root         4096 Jan  6 15:02 decnet
> > drwxr-xr-x    3 root     root         4096 Jan  6 15:02 ipv4
> > drwxr-xr-x    3 root     root         4096 Jan  6 15:02 ipv6
> > drwxr-xr-x    2 root     root         4096 Jan  6 15:02 ipx
> > drwxr-xr-x    5 root     root         4096 Jan  6 15:02 irda
> > drwxr-xr-x    2 root     root         4096 Jan  6 15:02 netrom
> > drwxr-xr-x    2 root     root         4096 Jan  6 15:02 rose
> > drwxr-xr-x    2 root     root         4096 Jan  6 15:02 sched
> > drwxr-xr-x    2 root     root         4096 Jan  6 15:02 sunrpc
> > drwxr-xr-x    2 root     root         4096 Jan  6 15:02 tux
> > drwxr-xr-x    2 root     root         4096 Jan  6 15:02 wanrouter
> > 
> > /lib/modules/2.4.20-28.9/kernel/net/ipv4/netfilter/ip_tables.o
> > 
> > But not under 2.4.20-28.9BOOT/ (there is no ipv?)
> > % ls -l /lib/modules/2.4.20-28.9BOOT/kernel/net/
> > total 24
> > drwxr-xr-x    2 root     root         4096 Jan  6 15:02 8021q
> > drwxr-xr-x    2 root     root         4096 Jan  6 15:02 ax25
> > drwxr-xr-x    4 root     root         4096 Jan  6 15:02 bluetooth
> > drwxr-xr-x    2 root     root         4096 Jan  6 15:02 netrom
> > drwxr-xr-x    2 root     root         4096 Jan  6 15:02 rose
> > drwxr-xr-x    2 root     root         4096 Jan  6 15:02 sunrpc
> > 
> > Now, I only have remote access to this server and I don't have 
> > access to the console at this time. 
> > 
> > Is there a way, I can boot the system with "2.4.20-28.9" instead of 
> > "2.4.20-
> > 28.9BOOT". If the system does not come up properly, I should be able 
> > to reboot with "2.4.20-28.9BOOT" which is working (but no iptables). 
> > I have only remote power cycle capability.
> > 
> > Could you please suggest a way to get this done?
> > 
> > Note: This is follow-up to the question I earlier posted on 
> > "iptables v1.2.7a: can't initialize iptables table `filter':"
> > 
> > thanks,
> > Prince.
> 
> 
> 
> 
> 

Re: How do I boot from different kernel when I don't have access to the console?

[Arnt Karlsen]

On Mon, 19 Jan 2004 18:40:52 -0500, 
Ted Kaczmarek <tedkaz@optonline.net> wrote in message 
<1074555651.20675.2.camel@tarkus>:

> On Wed, 2004-01-14 at 15:14, prince wrote:
> > Just to let you know, This is my /etc/grub.conf
> > 
> > % sudo cat /etc/grub.conf
> > 
> > # grub.conf generated by anaconda
> > #
> > # Note that you do not have to rerun grub after making changes to
> > # this file NOTICE:  You have a /boot partition.  This means that
> > #          all kernel and initrd paths are relative to /boot/, eg.
> > #          root (hd0,0)
> > #          kernel /vmlinuz-version ro root=/dev/hda3
> > #          initrd /initrd-version.img
> > #boot=/dev/sda
> > ### BEGIN AUTOMAGIC KERNELS LIST
> > default=0

..also put in "fallback=0" below your new "default=1". 

> > timeout=10
> > splashimage=(hd0,0)/grub/splash.xpm.gz
> > 
> > title Red Hat Linux (2.4.20-28.9BOOT)
> >         root (hd0,0)
> >         kernel /vmlinuz-2.4.20-28.9BOOT ro root=/dev/sda3

..behind your "root=/dev/sda3", append " panic=20 ", to avoid kernel
panics play USS Yorktown on your box.  ;-)

> Your default=0, that will always boot the 2.4.20-28.9BOOT,
> change it to 1 and it will boot the other version.
> You can also pick the other one manually, but your timeout is only 10
> seconds so pay attention :-) when booting.

..not 10 tenths of a second?  ;-)

..and it is also possible to set up serial consoles on modems or 
between remote boxes and have the paralell port control relays 
for power switches, before resorting to ups control tricks.  ;-)

-- 
..med vennlig hilsen = with Kind Regards from Arnt... ;-)
...with a number of polar bear hunters in his ancestry...
  Scenarios always come in sets of three: 
  best case, worst case, and just in case.

Re: How do I boot from different kernel when I don't have access to the console?

[prince]

Thank you Arnt and Ted,

It is very helpful.

Prince.
 
On Tue, 20 Jan 2004 04:59:25 +0100, Arnt Karlsen wrote
> On Mon, 19 Jan 2004 18:40:52 -0500, 
> Ted Kaczmarek <tedkaz@optonline.net> wrote in message 
> <1074555651.20675.2.camel@tarkus>:
> 
> > On Wed, 2004-01-14 at 15:14, prince wrote:
> > > Just to let you know, This is my /etc/grub.conf
> > > 
> > > % sudo cat /etc/grub.conf
> > > 
> > > # grub.conf generated by anaconda
> > > #
> > > # Note that you do not have to rerun grub after making changes to
> > > # this file NOTICE:  You have a /boot partition.  This means that
> > > #          all kernel and initrd paths are relative to /boot/, eg.
> > > #          root (hd0,0)
> > > #          kernel /vmlinuz-version ro root=/dev/hda3
> > > #          initrd /initrd-version.img
> > > #boot=/dev/sda
> > > ### BEGIN AUTOMAGIC KERNELS LIST
> > > default=0
> 
> ..also put in "fallback=0" below your new "default=1". 
> 
> > > timeout=10
> > > splashimage=(hd0,0)/grub/splash.xpm.gz
> > > 
> > > title Red Hat Linux (2.4.20-28.9BOOT)
> > >         root (hd0,0)
> > >         kernel /vmlinuz-2.4.20-28.9BOOT ro root=/dev/sda3
> 
> ..behind your "root=/dev/sda3", append " panic=20 ", to avoid kernel
> panics play USS Yorktown on your box.  ;-)
> 
> > Your default=0, that will always boot the 2.4.20-28.9BOOT,
> > change it to 1 and it will boot the other version.
> > You can also pick the other one manually, but your timeout is only 10
> > seconds so pay attention :-) when booting.
> 
> ..not 10 tenths of a second?  ;-)
> 
> ..and it is also possible to set up serial consoles on modems or 
> between remote boxes and have the paralell port control relays 
> for power switches, before resorting to ups control tricks.  ;-)
> 
> -- 
> ..med vennlig hilsen = with Kind Regards from Arnt... ;-)
> ...with a number of polar bear hunters in his ancestry...
>   Scenarios always come in sets of three: 
>   best case, worst case, and just in case.

Re: How do I boot from different kernel when I don't have access to the console?

[Ranjeet Shetye]

On Tue, 2004-01-20 at 22:03, prince wrote:
> Thank you Arnt and Ted,
> 
> It is very helpful.
> 
> Prince.
>  
> On Tue, 20 Jan 2004 04:59:25 +0100, Arnt Karlsen wrote
> > On Mon, 19 Jan 2004 18:40:52 -0500, 
> > Ted Kaczmarek <tedkaz@optonline.net> wrote in message 
> > <1074555651.20675.2.camel@tarkus>:
> > 
> > > On Wed, 2004-01-14 at 15:14, prince wrote:
> > > > Just to let you know, This is my /etc/grub.conf
> > > > 
> > > > % sudo cat /etc/grub.conf
> > > > 
> > > > # grub.conf generated by anaconda
> > > > #
> > > > # Note that you do not have to rerun grub after making changes to
> > > > # this file NOTICE:  You have a /boot partition.  This means that
> > > > #          all kernel and initrd paths are relative to /boot/, eg.
> > > > #          root (hd0,0)
> > > > #          kernel /vmlinuz-version ro root=/dev/hda3
> > > > #          initrd /initrd-version.img
> > > > #boot=/dev/sda
> > > > ### BEGIN AUTOMAGIC KERNELS LIST
> > > > default=0
> > 
> > ..also put in "fallback=0" below your new "default=1". 
> > 
> > > > timeout=10
> > > > splashimage=(hd0,0)/grub/splash.xpm.gz
> > > > 
> > > > title Red Hat Linux (2.4.20-28.9BOOT)
> > > >         root (hd0,0)
> > > >         kernel /vmlinuz-2.4.20-28.9BOOT ro root=/dev/sda3
> > 
> > ..behind your "root=/dev/sda3", append " panic=20 ", to avoid kernel
> > panics play USS Yorktown on your box.  ;-)
> > 
> > > Your default=0, that will always boot the 2.4.20-28.9BOOT,
> > > change it to 1 and it will boot the other version.
> > > You can also pick the other one manually, but your timeout is only 10
> > > seconds so pay attention :-) when booting.
> > 
> > ..not 10 tenths of a second?  ;-)

No, its 10 seconds. At least that's the way grub interprets it on my
gentoo box. Maybe different distros have compiled grub differently ??? I
hope not!

> > 
> > ..and it is also possible to set up serial consoles on modems or 
> > between remote boxes and have the paralell port control relays 
> > for power switches, before resorting to ups control tricks.  ;-)
> > 
> > -- 
> > ..med vennlig hilsen = with Kind Regards from Arnt... ;-)
> > ...with a number of polar bear hunters in his ancestry...
> >   Scenarios always come in sets of three: 
> >   best case, worst case, and just in case.
> 
> 
> 

some cut and paste from my /boot/grub/grub.conf - Gentoo Linux.
---
default 0
fallback 1
timeout 5

splashimage=(hd0,0)/boot/grub/splash.xpm.gz

title=Linux 2.6.1 (console on PC)
root (hd0,0)
kernel /boot/linux-2.6.1 root=/dev/hda3 console=ttyS0
---

notice that I have a console=ttyS0 flag. This gives me a console on a
serial port - which means you can control a headless server using just a
laptop. For this to work.
1. Kernel must be compiled with console-on-serial-port capability, AND
2. this capability must be enabled at boot time using the "console=tty#"
flag.

Also, if you are using grub, any changes to grub.conf take effect
immediately. You dont need to re-run grub for changes to take effect.

I have a /boot/boot entry that symlinks to /boot . This way I can use
full /boot/* paths everywhere without stepping all over the boot process
- its not my invention, its a gentoo thing.

NEVER mess with the fallback once you have it working correctly.
Inevitably, with a headless server like yours, you'll make a mistake one
day while editing and the fallback will step in to save you. So make
only one change at a time.

-- 

Ranjeet Shetye
Senior Software Engineer
Zultys Technologies
Ranjeet dot Shetye2 at Zultys dot com
http://www.zultys.com/
 
The views, opinions, and judgements expressed in this message are solely
those of the author. The message contents have not been reviewed or
approved by Zultys.