Very broken iptables 1.4.21 after upgrade to kernel 3.10.0-514.26.2.el7.x86_64

Jul 17, 2008
18
0
51
I ran system update in WHM 64 Build 36, to upgrade some packages and also update the kernel to 3.10.0-514.26.2.el7.x86_64 (as advised by the security advisor).

The updates ran successsfully, but after a reboot I noticed that configServer (Csf) would no longer start. This turned out to be due to a problem with iptables. It seems that the newer kernel either doesn't have all the iptables modules loaded or doesn't even have support for them compiled in - I'm not quite sure which.

The error message when trying to start iptables (and thus when trying to start csf too) is:

Code:
iptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
I have tried various things such as issuing the modprobe command for iptables_filter and iptables_nat but to no avail. I also checked the netfilter directory (/lib/modules/3.10.0-514.26.2.el7.x86_64/kernel/net/ipv4/netfilter/) and it seems to contain all the correct files (I compared it with the previous kernel)

Am I right that the only solution here would be to recompile the kernel?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,884
2,254
463
Hello,

Could you provide some more information about the server environment (OS, VPS software)? For instance, are you using a Linux Container (LXC)? Also, please post the output from the following commands:

Code:
runlevel
telnet 127.0.0.1
Thank you.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,884
2,254
463
Hello,

Could you also run the "rpm -qa|grep iptables" command and let us know the output?

Thank you.
 
Jul 17, 2008
18
0
51
Sure. Note that I installed the devel and services packages with yum, as part of various attempts to remedy the situation:

[[email protected] tmp]# rpm -qa|grep iptables
iptables-1.4.21-17.el7.x86_64
iptables-services-1.4.21-17.el7.x86_64
iptables-devel-1.4.21-17.el7.x86_64
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,884
2,254
463
Hello,

Could you open a support ticket using the link in my signature so we can take a closer look?

Thank you.