iptables not installed on centos

firewall iptables centos

If a machine does not have iptables installed, is there still a firewall running?

If yes, how to I disable / change rules?

if I enter the command iptables I receive the response:

iptables v1.4.7: no command specified

[root@ruad1 ~]# iptables -L
FATAL: Module ip_tables not found.
iptables v1.4.7: can't initialize iptables table `filter': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.

I have been searching but all documentation on firewalls for centos seems to refer to iptables.

If I do ip route list, there seems to be a lot of rules?

Edit: Answer to questions in comments:

output of ls -alL /sbin/iptables 

-rwxr-xr-x 1 root root 54200 Nov 23 2013 /sbin/iptables

I receive the following when I do iptables restart

iptables restart output

kernel version:

2.6.32-5-vserver-amd64

contents of /lib/modules/2.6.32-5-vserver-amd64

/lib/modules/2.6.32-5-vserver-amd64

Any command that I issue with iptables (restart, stop ..) all receive the same error as pasted above.

/sbin/iptables output:

iptables v1.4.7: can't initialize iptables table `filter': Permission denied (you must be root)

Perhaps iptables or your kernel needs to be upgraded.

output of touch /tmp/foo; ls -la /tmp/foo

-rw-r--r-- 1 root root 0 Jun 27 16:51 /tmp/foo

It looks like the machine is running in a virtualized environment, or more specific: in an operating system-level virtualized environment, like LXC, OpenVZ or Virtuozzo. The kernel version (2.6.32-5-vserver-amd64) gives this away.

In such an environment the kernel is shared between the host and the guest systems, and not all kernel APIs are available in VMs. I guess that's the reason why you have a permission error when calling iptables.

When you find out in which environment your machine is running, you might be able to find a solution online:

  • The knowledge base for Parallels' Virtuozzo has an article on How do I enable firewall in a Container.
  • The OpenVZ wiki has an article on Setting up an iptables firewall.

But you might have to contact the administrator of the host system to make the necessary changes.


Firstly try this command :

iptables -t nat -L

And also check for loaded module list for iptables,might be module is missing.

cat /proc/net/ip_tables_matches

Check the rules in /etc/sysconfig/iptables for any suspicious entry or space character.

Secondly try this:

$ sudo grep -R "options nf_conntrack ip_conntrack_disable_ve0=1" /etc/modprobe.d/

and replace the "1" with "0":

options nf_conntrack ip_conntrack_disable_ve0=0

reboot your system

Related

exim4 - Why is rate limiting outbound mail to a smarthost only working with acl_not_smtp?
How can I make Windows Server 2012 running on KVM boot with virtio rather than IDE?
How do I determine where an SSL certificate is being served from?
Exchange 2010 - Certificate error on internal Outlook 2013 connections
How to setup pfSense with multiple public IP's
Mails going to spam. Please see the details [duplicate]
Best Practice: DNS and VPN (with private network IPs) [closed]
Where is the "Compare" option in Excel (to compare two files)?
What is the modern way to get emulated 3D on headphones in a video game (PC)?
PowerPoint automatically change to bold one of the numbering in a list that contains bold font
WSL2, Android Studio and Intel HAXM
How can I remove an entry from the list of installed software? [duplicate]