[SOLVED] Unable to get NFQUEUE to work

koumakpet · 2021-05-17 15:31:59

Following from github issue for opensnitch firewall: https://github.com/evilsocket/opensnitch/issues/412
which explains how the problem was discovered and the attempted solutions.

Basically, in the kernel config file in `/proc/config.gz` these were listed as modules:

    CONFIG_NFT_QUEUE=m
    CONFIG_NETFILTER_NETLINK_QUEUE=m
    CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m

which would imply that the kernel has support for them. However executing `lsmod | grep -i nfqueue` produced no result.
So I tried to use `modprobe` command, but this gave me module not found in directory `/lib/modules/5.12.2-arch1-1`.

This is a stock arch kernel (from `linux` pacman package) without any modifications. Any idea why these modules aren't in that directory and how could this be fixed?

Last edited by koumakpet (2021-05-17 20:37:05)

Scimmia · 2021-05-17 15:34:24

Sounds like you updated your kernel but haven't booted the new version yet. The old modules for the running kernel aren't kept around.

Last edited by Scimmia (2021-05-17 15:35:02)

koumakpet · 2021-05-17 15:39:12

Scimmia wrote:

Sounds like you updated your kernel but haven't booted the new version yet. The old modules for the running kernel aren't kept around.

Could you elaborate on this? I'm not quite sure what are you talking about, how do I boot the new version then? If you mean rebooting, I did reboot my computer already, and that didn't help, or do you mean regenerating grub config to use the new kernel? That seems weird, I always thought that once I got the kernel update, it just replaced the old one and didn't need anything more, it should just replace the old file on the same location, so grub shouldn't have problems with it, but i might be completely wrong here.

Scimmia · 2021-05-17 15:49:35

Does `pacman -Q linux` match `uname -r`? If so, that's not the issue; then tell us exactly what you're trying to load.

koumakpet · 2021-05-17 20:10:14

Scimmia wrote:

Does `pacman -Q linux` match `uname -r`? If so, that's not the issue; then tell us exactly what you're trying to load.

They are matching. As I described in the question, I'm following from opensnitch issue, I was trying to start opensnitchd, which failed, and that brought me to finding out that I don't appear to have NFQUEUE support.
I'm not exactly certain what these modules do, but I did have opensnitch functional on this machine before I reinstalled arch, and now it causes problems with this.

https://user-images.githubusercontent.c … e060fa.png

Mod Edit - Replaced oversized image with link.
CoC - Pasting pictures and code

Last edited by Slithery (2021-05-17 20:51:06)

seth · 2021-05-17 20:27:29

find  /lib/modules -iname '*nf*queue*'

koumakpet · 2021-05-17 20:31:55

seth wrote:

find  /lib/modules -iname '*nf*queue*'

Oh, you are right, I assumed since that command wasn't outputting anything, those modules weren't there, looks like reboot did solve the issue then, it was just that I only tried the `lsmod` and `find` command, not the `modprobe`, seems like it's working now then. Alright thank you!
https://user-images.githubusercontent.c … 8727d1.png

Mod Edit - Replaced oversized image with link.
CoC - Pasting pictures and code

Last edited by Slithery (2021-05-17 20:51:29)

seth · 2021-05-17 20:35:33

I didn't read the thread - is there still an open problem?
If not please always remember to mark resolved threads by editing your initial posts subject - so others will know that there's no task left, but maybe a solution to find.
Thanks.

Arch Linux

#1 2021-05-17 15:31:59

[SOLVED] Unable to get NFQUEUE to work

#2 2021-05-17 15:34:24

Re: [SOLVED] Unable to get NFQUEUE to work

#3 2021-05-17 15:39:12

Re: [SOLVED] Unable to get NFQUEUE to work

#4 2021-05-17 15:49:35

Re: [SOLVED] Unable to get NFQUEUE to work

#5 2021-05-17 20:10:14

Re: [SOLVED] Unable to get NFQUEUE to work

#6 2021-05-17 20:27:29

Re: [SOLVED] Unable to get NFQUEUE to work

#7 2021-05-17 20:31:55

Re: [SOLVED] Unable to get NFQUEUE to work

#8 2021-05-17 20:35:33

Re: [SOLVED] Unable to get NFQUEUE to work

Board footer