Atv and iptables and OpenVPN

Batyj · 28 February 2016 19:28

Team, I have installed the latest OSMC on my appletv 1st gen but when I try using iptables it shows such error:

root@osmc:/home/osmc# iptables --list
modprobe: FATAL: Module ip_tables not found.
iptables v1.4.21: can’t initialize iptables table `filter’: Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

There is no ip_tables module.

I downloaded the kernel sources and compiled new kernel with the netfiler options, but when I try installing it, I see that /boot is ro, the mount in rw does not work. Obviously, I miss something. Any help on what am I doing wring is highly appreciated:

root@osmc:/home/osmc# cd /usr/src
root@osmc:/usr/src# ls -la
total 680836
drwxr-xr-x 4 root root 4096 Feb 28 08:43 .
drwxr-xr-x 11 root root 4096 May 8 1978 …
drwxr-xr-x 23 root root 4096 Feb 27 22:28 atv-headers-4.2.3-7-osmc
drwxr-xr-x 25 root root 4096 Feb 28 08:39 atv-source-4.2.3-7-osmc
-rw-r–r-- 1 root root 678410240 Jan 25 20:31 atv-source-4.2.3-7-osmc.tar
-rw-r–r-- 1 root root 6874588 Feb 28 08:43 linux-headers-4.2.3_4.2.3-1_i386.deb
-rw-r–r-- 1 root root 11051266 Feb 28 08:44 linux-image-4.2.3_4.2.3-1_i386.deb
-rw-r–r-- 1 root root 807274 Feb 28 08:43 linux-libc-dev_4.2.3-1_i386.deb
root@osmc:/usr/src# dpkg -i linux-image-4.2.3_4.2.3-1_i386.deb
(Reading database … 46828 files and directories currently installed.)
Preparing to unpack linux-image-4.2.3_4.2.3-1_i386.deb …
Unpacking linux-image-4.2.3 (4.2.3-1) …
dpkg: error processing archive linux-image-4.2.3_4.2.3-1_i386.deb (–install):
unable to clean up mess surrounding `./boot/System.map-4.2.3’ before installing another version: Read-only file system
dpkg-deb: error: subprocess paste was killed by signal (Broken pipe)
Errors were encountered while processing:
linux-image-4.2.3_4.2.3-1_i386.deb

uname:

Linux osmc 4.2.3-7-osmc #1 Mon Jan 25 18:21:33 UTC 2016 i686 GNU/Linux
root@osmc:/usr/src#

DBMandrake · 29 February 2016 15:54

HFS+ will mount as read only if it is uncleanly unmounted.

So you need to run a forced fsck on /boot while it is unmounted or mounted read only, then you should be able to remount it read write.

Batyj · 29 February 2016 16:41

Thanks, this did work. fsck.hfsplus did not find any error though, but I was able to mount it rw. Will keep trying.

Batyj · 29 February 2016 17:04

Still no luck yet with the iptables. New kernel is used:

Linux osmc 4.2.3 #1 Sun Feb 28 00:21:25 EET 2016 i686 GNU/Linux

I did insmod two modules:

root@osmc:/lib/modules/4.2.3/kernel/net/netfilter# ls -la
total 44
drwxr-xr-x 2 root root 4096 Feb 29 18:44 .
drwxr-xr-x 8 root root 4096 Feb 29 18:44 …
-rw-r–r-- 1 root root 27000 Feb 28 08:39 x_tables.ko
-rw-r–r-- 1 root root 4708 Feb 28 08:39 xt_tcpudp.ko

root@osmc:/lib/modules/4.2.3/kernel/net/netfilter# lsmod
Module Size Used by
xt_tcpudp 1911 0
ip_tables 8858 0
x_tables 11543 2 ip_tables,xt_tcpudp
drbg 11401 1
ansi_cprng 4086 0
ctr 2951 2
ccm 6921 2
tun 18132 2
b43 404319 0
bcma 32789 1 b43
mac80211 378881 1 b43
cfg80211 232596 2 b43,mac80211
ssb 39659 1 b43
i2c_i801 9224 0
mac_hid 2622 0
ipv6 301397 30

But iptables still does not work:

root@osmc:/lib/modules/4.2.3/kernel/net/netfilter# iptables --list
iptables v1.4.21: can’t initialize iptables table `filter’: Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

Really, I am trying to setup an OpenVPN (works) and set up routing. The OpenVPN is setup on ATV box that is a different unit from a router. All sources that I read about this require ip forwarding to be done using iptables.

Spinner · 29 February 2016 18:36

It doesn’t matter if it finds an error or not.
If the HFS+ boot partition is not cleanly unmounted, it won’t mount read/write until it has been checked to make sure it ok. This is normal behaviour with HFS+ on Linux.

I can’t advise on iptables though…