Tag Archives: Archlinux

Iptalbes Kernel Module Missing on DigitalOcean VPS

Kernel Module Missing

After I update kernel version from 3.8.4-1 (the stock version come from DO’s Archlinux template), I have found that iptables was not working because of kernel module missing.

# iptables -S
iptables v1.4.12: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)

The reason is DigitalOcean’s way of kernel management. You can only specify a kernel in DO Droplet control panel, not upgrading kernel in your own VPS. By using this way of kernel upgrading, the kernel module building process of Archlinux was bypassed; in result, no kernel module for my 3.9.4-1 kernel. That’s why iptables did not work.

Take a look at /lib/modules, there are only 3.8.4-1 stuffs:

# ls /lib/modules
3.8.4-1-ARCH extramodules-3.8-ARCH

This article shows the same problem on DO’s VPS.

Build Kernel Module Manually

To resolve this issue, a manual building of kernel 3.9.4-1 is required. Check this for grabbing and build a specific version of Archlinux package.

On my particular case, from this page download the 3.9.4-1 linux package, extract and issue a “makepkg” command.

Makepkg Linux 3.9.4-1

Building had taken some time on my $5/m plan Digital Ocean droplet. When everything done, copy kernel modules to /lib/modules. Check /lib/modules to see if I have kernel modules for 3.9.4-1:

# ls /lib/modules
3.8.4-1-ARCH 3.9.4-1-ARCH extramodules-3.8-ARCH extramodules-3.9-ARCH

Finally try “modprobe” and “lsmod” to check if the issue had been fixed.

Try DigitalOcean

Interesting with VPS for devs? Click the logo below to have a try:DigitalOcean Ref Link

Digital Ocean VPS Linux Kernel版本错乱导致iptables不可用

缘起

上文中提到为了解决一个NodeJS的bug,我在DO Droplet控制台中更换了linux kernel版本,从原来的3.8.4-1改成了3.9.4-1。

问题

在我准备配置iptables的时候,发现了这个操作带来的一个新的问题。DO不允许虚拟机自行升级和使用kernel。vps可以使用的kernel必须是DO提供的,在控制台中指定,重启后生效。这样的kernel升级过程绕过了Archlinux编译对应版本的kernel module的步骤,因此在我的机器上虽然已经使用了3.9.4-1的kernel,但是/lib/modules下面只有3.8.4-1的kernel module。在执行# modprob iptable_filter时,找不到对应版本的iptables相关的kernel module,结果就是无法使用iptables。

检查iptables状态时可以看到:

# iptables -S
iptables v1.4.12: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)

查看kernel配置,可以确定相关功能没有编译到kernel中,而是配置成为module:

# zgrep IPTABLES /proc/config.gz
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP6_NF_IPTABLES=m

检查/lib/modules/,发现只有3.8.4-1相关的module在:

# ls /lib/modules
3.8.4-1-ARCH extramodules-3.8-ARCH

同样的问题可以在jvc26的blog post中看到。

解决

弄清楚原因之后,解决的方法也就顺理成章了。需要做的事情是编译出3.9.4-1的kernel modules,并放置在/lib/modules下面。

参考Archlinux Wiki文章Downgrading Packages中的Downgrading the kernel一节,在这里找到3.9.4-1的pkg文件下载。下载、解压然后用makepkg命令build这个linux包。Makepkg Linux 3.9.4-1

经过几十分钟的工作后,过程完成,可以在pkg目录下面找到编译的结果。把/usr/lib/modules中的内容(3.9.4-1-ARCH和extramodules-3.9-ARCH)复制到/lib/modules下面。像这样:

# ls /lib/modules
3.8.4-1-ARCH 3.9.4-1-ARCH extramodules-3.8-ARCH extramodules-3.9-ARCH

有了合适版本的kernel module之后就可以再行modprobe iptable_filter了,之后再lsmod检查一下是否生效即可。

后记

DigitalOcean看来在想办法提供让客户自行选择kernel的功能,不过目前来说还不可用。具体情况可以参考下面的文章:

https://www.digitalocean.com/blog_posts/linux-kernel-management-part-1

https://www.digitalocean.com/community/questions/how-can-i-boot-my-compiled-kernel-image-on-gentoo

https://www.digitalocean.com/community/articles/pacman-syu-kernel-update-solved-how-to-ignore-arch-kernel-upgrades

 

Connect to Nokia Lumia 800C Hotspot from Archlinux

When tried connecting my Lumia 800C, always got an “DHCP IP lease attempt failed” error.

To solve this problem, add a DHCP_TIMEOUT option to the configuration file generated by wifi-menu.

File /etc/network.d/wlan0-Nokia 800C_9864:

CONNECTION=’wireless’
DESCRIPTION=’Automatically generated profile by wifi-menu’
INTERFACE=’wlan0′
SECURITY=’wpa’
ESSID=Nokia\ 800C_9864
IP=’dhcp’
DHCP_TIMEOUT=30
KEY=12345678

Connect airnomad-tmm Network from Archlinux

It’s the company wireless network for non-managed devices (your mobile phone, ipad and your own PC). I did tested several configurations and find this one works well.

It’s for NetCfg, file name is /etc/network.d/wlan0-airnomad-tmm.

CONNECTION=’wireless’
DESCRIPTION=’Automatically generated profile by wifi-menu’
INTERFACE=’wlan0′
SECURITY=’wpa-configsection’
#ESSID=airnomad-tmm
IP=’dhcp’

CONFIGSECTION=’
ssid=”airnomad-tmm”
proto=WPA2
key_mgmt=WPA-EAP
eap=PEAP
group=TKIP CCMP
pairwise=TKIP CCMP
anonymous_identity=””
identity=”youraccount”
password=”yourpassword”
#priority=1
#phase2=”auth=MSCHAPV2″‘