dbaba 1 Posted April 16, 2021 I found an issue regarding ufw in the latest OS image. Can someone help me to solve it? --- Issue: ufw is not working on the latest OS because required kernel modules are missing in the OS image. Board: ASUS Tinker Board 2 S OS: Tinker Board 2 Debian OS V1.0.7 Step to reproduce: Flash Tinker Board 2 Debian OS V1.0.7 to a microSD Boot from the microSD on ATB2 ssh to the board Run the commands $ sudo apt-get update $ sudo apt-get install ufw Add a new rule to ufw, which fails in the end linaro@linaro-alip:~$ sudo ufw allow 22 ERROR: initcaps [Errno 2] modprobe: FATAL: Module ip6_tables not found in directory /lib/modules/4.4.194 ip6tables v1.6.0: can't initialize ip6tables table `filter': Table does not exist (do you need to insmod?) Perhaps ip6tables or your kernel needs to be upgraded. Related Issue: ip6tables is not working as well. Very weird as the OS is assigning IPv6 address to the network interfaces. Why not the OS does support IPv6 firewall though it uses IPv6? What I did in the same board: # Yeah, OS is assinging IPv6 addresses (they're masked here) linaro@linaro-alip:~$ ip link show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000 link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff 3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff 4: wlp1s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN mode DORMANT group default qlen 1000 link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff # iptables for IPv4 linaro@linaro-alip:~$ sudo iptables -S -P INPUT ACCEPT -P FORWARD ACCEPT -P OUTPUT ACCEPT #=> Fine. # iptables for IPv6 linaro@linaro-alip:~$ sudo ip6tables -S modprobe: FATAL: Module ip6_tables not found in directory /lib/modules/4.4.194 ip6tables v1.6.0: can't initialize ip6tables table `filter': Table does not exist (do you need to insmod?) Perhaps ip6tables or your kernel needs to be upgraded. #=> ???? What happened?? # A list of files under /lib/modules/4.4.194/drivers. Too few files, are there? linaro@linaro-alip:~$ find /lib/modules/4.4.194/kernel/drivers/ /lib/modules/4.4.194/kernel/drivers/ /lib/modules/4.4.194/kernel/drivers/net /lib/modules/4.4.194/kernel/drivers/net/wireless /lib/modules/4.4.194/kernel/drivers/net/wireless/rockchip_wlan /lib/modules/4.4.194/kernel/drivers/net/wireless/rockchip_wlan/rkwifi /lib/modules/4.4.194/kernel/drivers/net/wireless/rockchip_wlan/rkwifi/bcmdhd /lib/modules/4.4.194/kernel/drivers/net/wireless/rockchip_wlan/rkwifi/bcmdhd/bcmdhd.ko /lib/modules/4.4.194/kernel/drivers/net/wireless/rockchip_wlan/rtl8822be /lib/modules/4.4.194/kernel/drivers/net/wireless/rockchip_wlan/rtl8822be/8822be.ko /lib/modules/4.4.194/kernel/drivers/net/wireless/rockchip_wlan/rtl8188eu /lib/modules/4.4.194/kernel/drivers/net/wireless/rockchip_wlan/rtl8188eu/8188eu.ko /lib/modules/4.4.194/kernel/drivers/net/wireless/rockchip_wlan/rtl8822ce /lib/modules/4.4.194/kernel/drivers/net/wireless/rockchip_wlan/rtl8822ce/8822ce.ko /lib/modules/4.4.194/kernel/drivers/net/wireless/rockchip_wlan/rtl8814au /lib/modules/4.4.194/kernel/drivers/net/wireless/rockchip_wlan/rtl8814au/rtl8814au.ko /lib/modules/4.4.194/kernel/drivers/net/wireless/rockchip_wlan/rtl8812AU_8821AU_linux /lib/modules/4.4.194/kernel/drivers/net/wireless/rockchip_wlan/rtl8812AU_8821AU_linux/rtl8812au.ko /lib/modules/4.4.194/kernel/drivers/net/wireless/mwifiex /lib/modules/4.4.194/kernel/drivers/net/wireless/mwifiex/mwifiex_sdio.ko /lib/modules/4.4.194/kernel/drivers/net/wireless/mwifiex/mwifiex.ko Share this post Link to post Share on other sites
