Ubuntu Server has no IPTables kernel module


#1
sudo ufw status numbered

ERROR: problem running iptables: modprobe: FATAL: Module ip_tables not found in directory /lib/modules/4.4.154-ge0ce80a-dirty
iptables v1.6.1: can’t initialize iptables table `filter’: Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

sudo modprobe ip_tables
modprobe: FATAL: Module ip_tables not found in directory /lib/modules/4.4.154-ge0ce80a-dirty

No kernel modules

ls /lib/modules/4.4.154-ge0ce80a-dirty/kernel/
drivers


#2

dmesg seems to have a lot of failures and errors as well

rock@RockPi(~):dmesg | grep -e Error -e error -e ERROR -e fail -e FAIL -e Fail -e "can't"

[ 0.000000] Reserved memory: failed to reserve memory for node ‘drm-logo@00000000’: base 0x0000000000000000, size 0 MiB
[ 0.259314] of_get_named_gpiod_flags: can’t parse ‘gpio’ property of node ‘/vcc1v8-s0[0]’
[ 0.259574] of_get_named_gpiod_flags: can’t parse ‘gpio’ property of node ‘/vcc-sys[0]’
[ 0.259795] of_get_named_gpiod_flags: can’t parse ‘gpio’ property of node ‘/vcc-phy-regulator[0]’
[ 0.259998] of_get_named_gpiod_flags: can’t parse ‘gpio’ property of node ‘/vcc3v3-sys[0]’
[ 0.362316] phy phy-ff770000.syscon:usb2-phy@e450.1: Looking up phy-supply property in node /syscon@ff770000/usb2-phy@e450/otg-port failed
[ 0.362573] phy phy-ff770000.syscon:usb2-phy@e450.1: Looking up vbus-supply property in node /syscon@ff770000/usb2-phy@e450/otg-port failed
[ 0.362586] phy phy-ff770000.syscon:usb2-phy@e450.1: Failed to get VBUS supply regulator
[ 0.364402] phy phy-ff770000.syscon:usb2-phy@e460.3: Looking up phy-supply property in node /syscon@ff770000/usb2-phy@e460/otg-port failed
[ 0.364623] phy phy-ff770000.syscon:usb2-phy@e460.3: Looking up vbus-supply property in node /syscon@ff770000/usb2-phy@e460/otg-port failed
[ 0.364635] phy phy-ff770000.syscon:usb2-phy@e460.3: Failed to get VBUS supply regulator
[ 0.366564] phy phy-ff770000.syscon:phy@f780.4: Looking up phy-supply property in node /syscon@ff770000/phy@f780 failed
[ 0.367344] phy phy-ff7c0000.phy.5: Looking up phy-supply property in node /phy@ff7c0000/dp-port failed
[ 0.367452] phy phy-ff7c0000.phy.6: Looking up phy-supply property in node /phy@ff7c0000/usb3-port failed
[ 0.367909] phy phy-ff800000.phy.7: Looking up phy-supply property in node /phy@ff800000/dp-port failed
[ 0.368014] phy phy-ff800000.phy.8: Looking up phy-supply property in node /phy@ff800000/usb3-port failed
[ 0.368389] phy phy-pcie-phy.9: Looking up phy-supply property in node /pcie-phy failed
[ 0.370153] rockchip-pcie f8000000.pcie: Looking up vpcie3v3-supply property in node /pcie@f8000000 failed
[ 0.370752] rockchip-pcie f8000000.pcie: Looking up vpcie1v8-supply property in node /pcie@f8000000 failed
[ 0.371344] rockchip-pcie f8000000.pcie: Looking up vpcie0v9-supply property in node /pcie@f8000000 failed
[ 0.914111] rockchip-pcie: probe of f8000000.pcie failed with error -110
[ 0.915872] rk-vcodec ff650000.vpu_service: Looking up vcodec-supply property in node /vpu_service@ff650000 failed
[ 0.920497] rk-vcodec ff660000.rkvdec: Looking up vcodec-supply property in node /rkvdec@ff660000 failed
[ 0.930399] of_get_named_gpiod_flags: can’t parse ‘enable-gpios’ property of node ‘/vdd-log[0]’
[ 0.930408] of_get_named_gpiod_flags: can’t parse ‘enable-gpio’ property of node ‘/vdd-log[0]’
[ 0.930424] pwm-regulator vdd-log: lookup for GPIO enable failed
[ 0.930457] pwm-regulator vdd-log: Looking up pwm-supply property in node /vdd-log failed
[ 0.930670] pwm-regulator vdd-log: Looking up pwm-supply property in node /vdd-log failed
[ 0.930726] pwm-regulator vdd-log: Looking up pwm-supply property in node /vdd-log failed
[ 0.936961] dw-apb-uart ff1a0000.serial: Error applying setting, reverse things back
[ 0.950280] i2c i2c-9: of_i2c: modalias failure on /hdmi@ff940000/ports
[ 0.954034] rockchip-drm display-subsystem: failed to bind ff968000.dsi (ops 0xffffff8008c55618): -517
[ 0.955508] rockchip-drm display-subsystem: master bind failed: -517
[ 0.956799] bridge-tc358762-dsi ff968000.dsi.0: Looking up power-supply property in node /dsi@ff968000/panel@0 failed
[ 0.957491] of_get_named_gpiod_flags: can’t parse ‘enable-gpios’ property of node ‘/dsi@ff968000/panel@0[0]’
[ 0.957499] of_get_named_gpiod_flags: can’t parse ‘enable-gpio’ property of node ‘/dsi@ff968000/panel@0[0]’
[ 0.957515] bridge-tc358762-dsi ff968000.dsi.0: lookup for GPIO enable failed
[ 0.957942] mali ff9a0000.gpu: Failed to get regulator
[ 0.958415] mali ff9a0000.gpu: Power control initialization failed
[ 1.061607] rockchip-dwc3 usb0: fail to get drvdata hcd
[ 1.067435] rockchip-dwc3 usb1: fail to get drvdata hcd
[ 1.253260] pwm-regulator vdd-log: Looking up pwm-supply property in node /vdd-log failed
[ 1.256900] pwm-regulator vdd-log: Looking up pwm-supply property in node /vdd-log failed
[ 1.260956] of_get_named_gpiod_flags: can’t parse ‘dvs-gpios’ property of node ‘/i2c@ff3c0000/pmic@1b[0]’
[ 1.260964] of_get_named_gpiod_flags: can’t parse ‘dvs-gpio’ property of node ‘/i2c@ff3c0000/pmic@1b[0]’
[ 1.260979] rk808 0-001b: lookup for GPIO dvs failed
[ 1.261571] of_get_named_gpiod_flags: can’t parse ‘dvs-gpios’ property of node ‘/i2c@ff3c0000/pmic@1b[1]’
[ 1.261579] of_get_named_gpiod_flags: can’t parse ‘dvs-gpio’ property of node ‘/i2c@ff3c0000/pmic@1b[1]’
[ 1.261593] rk808 0-001b: lookup for GPIO dvs failed
[ 1.263281] pwm-regulator vdd-log: Looking up pwm-supply property in node /vdd-log failed
[ 1.264237] pwm-regulator vdd-log: Looking up pwm-supply property in node /vdd-log failed
[ 1.264910] pwm-regulator vdd-log: Looking up pwm-supply property in node /vdd-log failed
[ 1.265880] pwm-regulator vdd-log: Looking up pwm-supply property in node /vdd-log failed
[ 1.267522] pwm-regulator vdd-log: Looking up pwm-supply property in node /vdd-log failed
[ 1.268993] pwm-regulator vdd-log: Looking up pwm-supply property in node /vdd-log failed
[ 1.270373] pwm-regulator vdd-log: Looking up pwm-supply property in node /vdd-log failed
[ 1.271713] pwm-regulator vdd-log: Looking up pwm-supply property in node /vdd-log failed
[ 1.273845] pwm-regulator vdd-log: Looking up pwm-supply property in node /vdd-log failed
[ 1.275196] pwm-regulator vdd-log: Looking up pwm-supply property in node /vdd-log failed
[ 1.277365] pwm-regulator vdd-log: Looking up pwm-supply property in node /vdd-log failed
[ 1.278735] pwm-regulator vdd-log: Looking up pwm-supply property in node /vdd-log failed
[ 1.279456] pwm-regulator vdd-log: Looking up pwm-supply property in node /vdd-log failed
[ 1.280165] pwm-regulator vdd-log: Looking up pwm-supply property in node /vdd-log failed
[ 1.286872] send command failed, ret = -6
[ 1.287237] rockpi-mcu: rockpi_mcu_probe: init_cmd_check failed, -6
[ 1.810591] imx219 4-0010: Reading register 100 from 10 failed
[ 1.811267] imx219 4-0010: Reading register 100 from 10 failed
[ 1.818305] imx219 4-0010: Error -5 setting default controls
[ 1.818843] imx219: probe of 4-0010 failed with error -5
[ 1.857749] dwmmc_rockchip fe310000.dwmmc: Looking up vmmc-supply property in node /dwmmc@fe310000 failed
[ 1.857788] dwmmc_rockchip fe310000.dwmmc: Looking up vqmmc-supply property in node /dwmmc@fe310000 failed
[ 1.858937] of_get_named_gpiod_flags: can’t parse ‘wp-gpios’ property of node ‘/dwmmc@fe310000[0]’
[ 1.858946] of_get_named_gpiod_flags: can’t parse ‘wp-gpio’ property of node ‘/dwmmc@fe310000[0]’
[ 1.858962] dwmmc_rockchip fe310000.dwmmc: lookup for GPIO wp failed
[ 1.863181] dwmmc_rockchip fe320000.dwmmc: Looking up vmmc-supply property in node /dwmmc@fe320000 failed
[ 1.863856] of_get_named_gpiod_flags: can’t parse ‘cd-gpios’ property of node ‘/dwmmc@fe320000[0]’
[ 1.863865] of_get_named_gpiod_flags: can’t parse ‘cd-gpio’ property of node ‘/dwmmc@fe320000[0]’
[ 1.863880] dwmmc_rockchip fe320000.dwmmc: lookup for GPIO cd failed
[ 1.863904] of_get_named_gpiod_flags: can’t parse ‘wp-gpios’ property of node ‘/dwmmc@fe320000[0]’
[ 1.863912] of_get_named_gpiod_flags: can’t parse ‘wp-gpio’ property of node ‘/dwmmc@fe320000[0]’
[ 1.863926] dwmmc_rockchip fe320000.dwmmc: lookup for GPIO wp failed
[ 1.890946] of_get_named_gpiod_flags: can’t parse ‘wp-gpios’ property of node ‘/sdhci@fe330000[0]’
[ 1.890957] of_get_named_gpiod_flags: can’t parse ‘wp-gpio’ property of node ‘/sdhci@fe330000[0]’
[ 1.890979] sdhci-arasan fe330000.sdhci: lookup for GPIO wp failed
[ 1.892127] sdhci-arasan fe330000.sdhci: Looking up vmmc-supply property in node /sdhci@fe330000 failed
[ 1.892183] sdhci-arasan fe330000.sdhci: Looking up vqmmc-supply property in node /sdhci@fe330000 failed
[ 2.055959] rockchip-saradc ff100000.saradc: Looking up vref-supply property in node /saradc@ff100000 failed
[ 2.062015] of_get_named_gpiod_flags: can’t parse ‘spk-con-gpio’ property of node ‘/i2c@ff110000/es8316@11[0]’
[ 2.062563] of_get_named_gpiod_flags: can’t parse ‘hp-det-gpio’ property of node ‘/i2c@ff110000/es8316@11[0]’
[ 2.066128] asoc-simple-card spdif-sound: parse error -22
[ 2.066625] asoc-simple-card: probe of spdif-sound failed with error -22
[ 2.080363] of_get_named_gpiod_flags: can’t parse ‘WIFI,poweren_gpio’ property of node ‘/wireless-wlan[0]’
[ 2.080372] of_get_named_gpiod_flags: can’t parse ‘WIFI,vbat_gpio’ property of node ‘/wireless-wlan[0]’
[ 2.080381] of_get_named_gpiod_flags: can’t parse ‘WIFI,reset_gpio’ property of node ‘/wireless-wlan[0]’
[ 2.084616] of_get_named_gpiod_flags: can’t parse ‘BT,power_gpio’ property of node ‘/wireless-bluetooth[0]’
[ 2.110965] rockchip-drm display-subsystem: failed to parse loader memory
[ 2.305886] bridge-tc358762-dsi ff968000.dsi.0: failed to writing gen seq
[ 2.730738] dwmmc_rockchip fe310000.dwmmc: Looking up vmmc-supply property in node /dwmmc@fe310000 failed
[ 2.730793] dwmmc_rockchip fe310000.dwmmc: Looking up vqmmc-supply property in node /dwmmc@fe310000 failed
[ 2.730871] of_get_named_gpiod_flags: can’t parse ‘wp-gpios’ property of node ‘/dwmmc@fe310000[0]’
[ 2.730882] of_get_named_gpiod_flags: can’t parse ‘wp-gpio’ property of node ‘/dwmmc@fe310000[0]’
[ 2.730900] dwmmc_rockchip fe310000.dwmmc: lookup for GPIO wp failed
[ 2.754749] of_get_named_gpiod_flags: can’t parse ‘simple-audio-card,hp-det-gpio’ property of node ‘/es8316-sound[0]’
[ 2.754769] of_get_named_gpiod_flags: can’t parse ‘simple-audio-card,mic-det-gpio’ property of node ‘/es8316-sound[0]’
[ 2.882797] asoc-simple-card es8316-sound: ASoC: Failed to add route MICBIAS1 -> direct -> Mic Jack
[ 2.884379] asoc-simple-card es8316-sound: ASoC: Failed to add route Mic Jack -> direct -> IN1P
[ 2.885838] es8316 1-0011: ASoC: Failed to create Left Hp mixer debugfs file
[ 2.886554] es8316 1-0011: ASoC: Failed to create Right Hp mixer debugfs file
[ 2.887295] es8316 1-0011: ASoC: Failed to create HPCP L debugfs file
[ 2.887955] es8316 1-0011: ASoC: Failed to create HPCP R debugfs file
[ 2.888734] es8316 1-0011: ASoC: Failed to create HPVOL L debugfs file
[ 2.889394] es8316 1-0011: ASoC: Failed to create HPVOL R debugfs file
[ 2.893647] of_get_named_gpiod_flags: can’t parse ‘simple-audio-card,hp-det-gpio’ property of node ‘/hdmi-codec[0]’
[ 2.893672] of_get_named_gpiod_flags: can’t parse ‘simple-audio-card,mic-det-gpio’ property of node ‘/hdmi-codec[0]’
[ 3.246707] CFG80211-ERROR) wl_setup_wiphy : Registering Vendor80211
[ 3.249299] CFG80211-ERROR) wl_init_prof : wl_init_prof: No profile
[ 3.634899] systemd[1]: Failed to insert module ‘autofs4’: No such file or directory
[ 4.526016] systemd[1]: systemd-modules-load.service: Main process exited, code=exited, status=1/FAILURE
[ 4.527230] systemd[1]: systemd-modules-load.service: Failed with result ‘exit-code’.
[ 4.528658] systemd[1]: Failed to start Load Kernel Modules.
[ 9.237896] squashfs: SQUASHFS error: Filesystem uses “xz” compression. This is not supported
[ 9.441054] squashfs: SQUASHFS error: Filesystem uses “xz” compression. This is not supported
[ 9.701021] squashfs: SQUASHFS error: Filesystem uses “xz” compression. This is not supported
[ 10.070876] squashfs: SQUASHFS error: Filesystem uses “xz” compression. This is not supported
[ 10.560022] squashfs: SQUASHFS error: Filesystem uses “xz” compression. This is not supported
[ 10.764480] Disable tdls_auto_op failed. -1
[ 10.838410] CFG80211-ERROR) wl_cfg80211_event : Event handler is not created
[ 10.839207] rtt_do_get_ioctl: failed to send getbuf proxd iovar (CMD ID : 1), status=-23
[ 10.840826] dhd_preinit_ioctls failed to set ShubHub disable
[ 12.665198] [drm:dw_hdmi_rockchip_set_property] ERROR failed to set rockchip hdmi connector property
[ 12.666092] [drm:dw_hdmi_rockchip_set_property] ERROR failed to set rockchip hdmi connector property
[ 12.667052] [drm:dw_hdmi_rockchip_set_property] ERROR failed to set rockchip hdmi connector property
[ 12.667960] [drm:dw_hdmi_rockchip_set_property] ERROR failed to set rockchip hdmi connector property
[ 12.668884] [drm:dw_hdmi_rockchip_set_property] ERROR failed to set rockchip hdmi connector property
[ 12.669805] [drm:dw_hdmi_rockchip_set_property] ERROR failed to set rockchip hdmi connector property
[ 17.681039] connect failed event=0 e->status 1 e->reason 0
[ 17.681955] CFG80211-ERROR) wl_bss_connect_done : Report connect result - connection failed
[ 21.058081] connect failed event=0 e->status 1 e->reason 0
[ 21.058998] CFG80211-ERROR) wl_bss_connect_done : Report connect result - connection failed
[ 70.113161] CFG80211-ERROR) wl_cfg80211_disconnect : Reason 3
[ 70.115216] CFG80211-ERROR) wl_is_linkdown : Link down Reason : WLC_E_LINK
[ 70.118420] CFG80211-ERROR) wl_cfg80211_tdls_config : No change in tdls state. Do nothing. tdls_enable:1


#3

This should be a default config issue. We will update the kernel package.


#4

The problem also exists on the Debian Desktop image


#5

Hi Jack. Can you let us know when the Ubuntu update is done on the download links?


#6

Hi, Dude

No problem.

To fix your problem. We now setup the repository.

wget -O - http://apt.radxa.com/bionic/public.key | sudo apt-key add -

create /etc/apt/sources.list.d/apt-radxa-com.list and add

deb http://apt.radxa.com/bionic/ bionic main

and run

apt-get update

Now install package to make sure the boot partitions is properly mounted

apt-get install rockchip-overlay rockchip-fstab 

Update the uboot.img to make sure it finds the right device tree

apt-get install rockpi4b-rk-ubootimg
/usr/local/sbin/rockpi4b_upgrade_bootloader.sh

Type YES to perform the uboot.img update.

Now install the latest kernel package and module:

sudo apt-get install linux-base
sudo apt-get install linux-image-4.4.154-59-rockchip-g5e70f14 linux-firmware-image-4.4.154-59-rockchip-g5e70f14

Edit /boot/extlinux/extlinux.conf to boot the new kernel by default

change line

default kernel-4.4

to

default kernel-4.4.154-59-rockchip-g5e70f14 

Save, sync and reboot. Now you boot into the new kernel.

Enable the iptables module:

sudo modprobe ip_tables

#7

Awesome, @jack do you think we can have this built into the images? Or where would run this during the image compilation (as in the wiki) ?


#8

Fix applied. Seems to work as expected. Thanks! :slight_smile:


#9

We plan to integrate into the image for the next release. If you want to build from scratch, you need to add the packages in the rootfs generation, which is not added now. We will update it soon.


#10

Thanks @jack, this would be great.


#11

Did the steps but modprobe was missing. Installed with
rock@linux:~$ sudo apt install module-init-tools

But still no luck:
rock@linux : ~ $ sudo modprobe ip_tables
rock@linux : ~ $ iptables -L
iptables v1.6.1: can’t initialize iptables table `filter’: Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
rock@linux : ~ $

Version is:
rock@linux : ~ $ uname -a
Linux linux 4.4.154-59-rockchip-g5e70f14 #4 SMP Fri Dec 14 20:55:41 CST 2018 aarch64 aarch64 aarch64 GNU/Linux
rock@linux : ~ $

And used image-file:
rockpi4b-ubuntu-bionic-minimal-20190104_2101-gpt.img

I am not able to use my RockPi4 as planned without iptables :frowning:


#12

Hi, @miha,

You can try:

sudo iptables -L

#13

Well… did the steps again, with
sudo apt-get install --reinstall

and after second reboot i finally got iptables:

rock@linux:~$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
rock@linux:~$

As a summary what i did:

  1. Steps mentioned by Jack above
  2. After reboot rock@linux:~$ sudo apt install module-init-tools
  3. Re-run Jack’s steps with apt-get install --reinstall
  4. Reboot
  5. modprobe

#14

Will this work also if OS is installed to EMMC and system boots from there? Is /usr/local/sbin/rockpi4b_upgrade_bootloader.sh able to handle that situation? At the moment my rock boots from sd-card but I want get rid of that.


#15

Yes, the script will detect what we are running now and update the bootloader for current media. If running on eMMC, bootloader in eMMC will be updated, if running on uSD card, bootloader in uSD card will be updated.


#16

Hey guys,

when will the new debian image with the iptables kernel module be released? Would be very nice for productive usage.


#17

It’s already in the release, update your kernel. Check install latest kernel:

https://wiki.radxa.com/Rockpi4/radxa-apt